Home / Privacy Policy

Privacy Policy

Effective Date: February 12, 2026

1. Introduction

Welcome to the AES-256-GCM Web Utility, a completely client-side browser tool for AES-256-GCM authenticated encryption and decryption. This Privacy Policy explains our practices regarding your information. Because the tool runs entirely in your web browser using the Web Crypto API, we collect, store, transmit, or process no personal data or user content whatsoever. All encryption, decryption, and key/nonce generation occur locally on your device.

2. Information We Do Not Collect

We do not collect any of the following:

  • Personal Identifiable Information — names, email addresses, IP addresses, device identifiers, or location data
  • Input Content — plaintext, ciphertext, keys, nonces, or generated outputs remain exclusively in your browser memory
  • Usage Analytics — no tracking of page views, session duration, clicks, or feature usage
  • Logs or Server-Side Data — there are no servers involved in processing your data

Since no information ever leaves your device, there is no possibility of us accessing, storing, or sharing it.

3. How the Tool Operates

All functionality is executed client-side:

  • Plaintext or ciphertext you enter is processed using JavaScript and the browser’s built-in Web Crypto API
  • Key and nonce derivation (via PBKDF2) happens locally when you use the generator
  • Any temporary data (e.g. form inputs during your session) is held only in browser memory and is discarded when you close or refresh the tab
  • No localStorage, sessionStorage, IndexedDB, or cookies are used to persist information

4. Third-Party Services and CDNs

The utility loads Bootstrap via CDN for styling. CDNs may log standard HTTP request metadata (IP address, browser headers) for their own operational purposes — this is outside our control and unrelated to your use of the encryption features. We do not integrate analytics, advertising, or any tracking scripts.

5. Security Considerations

Although we collect nothing, your security depends on your device and browser:

  • Use a modern, up-to-date browser that supports the Web Crypto API
  • Avoid entering sensitive data on shared or compromised devices
  • Never share generated keys or nonces unless you intend to

6. Children’s Privacy

This tool is not directed to children under 13. We do not knowingly collect data from children.

7. Changes to This Policy

We may update this Privacy Policy. Changes will appear on this page with a new effective date. Continued use after changes constitutes acceptance.

Our zero-data-collection design ensures maximum privacy for AES-256-GCM operations performed entirely in your browser.