UtilitySansar
Semua alat
Kategori
DeveloperMatematikaTeksDesainEncodingKeamananPemasaranDataKeuanganCloud

Kebijakan privasi

Pembaruan terakhir: 19 April 2026

UtilitySansar dirancang untuk menjaga input Anda tetap privat. Sebagian besar alat berjalan langsung di browser, dan kami tidak menyimpan teks, file, atau rahasia yang Anda proses.

Kami hanya mengumpulkan telemetri agregat minimal untuk memahami alat mana yang dipakai dan dari wilayah mana, agar kami dapat memelihara dan meningkatkan situs.

Jaminan penanganan data

  • Input dan output mentah diproses di browser untuk alat sisi klien.
  • Event analitik hanya berisi slug alat, stempel waktu, dan wilayah kasar.
  • Kami tidak mengingest, menyimpan, atau menjual konten mentah Anda.
  • Tindakan Bersihkan Data tersedia di alat sensitif untuk pembersihan lokal cepat.

Catatan privasi per alat

Alat-alat ini menangani input sensitif sepenuhnya di sisi klien:

  • JWT tools (jwt-encoder, jwt-decoder): header, payload, token strings, and signing secrets are handled client-side.
  • HMAC generator (hmac-generator): message payloads and secret keys are hashed locally in your browser session.
  • Hash tools (hash-generator, hash-compare-tool): source text and hash values are computed/compared locally.
  • Email tools (email-validator, email-extractor): addresses and source text remain in-page unless you copy/export them yourself.
  • Base64 image conversion (base64-to-image): Base64 payloads are decoded for preview/download without server upload.

Yang kami lacak

  • Slug alat (contoh: json-formatter).
  • Kode negara yang disimpulkan jaringan edge (contoh: ID).
  • Prefiks bahasa aktif (contoh: ne untuk /ne/...).
  • Stempel waktu event kunjungan.

Yang tidak kami lacak

  • Tidak ada konten mentah input/output alat.
  • Tidak ada profil akun untuk pengunjung publik.
  • Tidak ada penjualan informasi pribadi.

Languages & locale (Visitors)

UtilitySansar is available in multiple languages. When you switch language with the locale picker, we set a small cookie (us_locale) that remembers your preferred locale so we can serve the right translation on your next visit. The cookie stores only the locale code (for example "es" or "ja") — nothing else.

  • The active locale prefix (e.g. /es/, /hi/) is included in analytics events alongside the tool slug.
  • Locale detection may use the Accept-Language header on the very first visit; this header is not stored.
  • You can change or remove the locale cookie at any time from your browser settings.
  • Translations are static — your text input is never sent to a translation service.

Accounts & login providers (Signed-in users)

Signing in is optional. We support sign-in with the following identity providers, and we never store your password — the provider verifies you and tells us who you are.

  • Google (OpenID Connect)
  • GitHub
  • Microsoft (Entra ID / personal accounts)

When you complete sign-in, we read only the following from your provider profile and store it on our account record:

  • Provider user ID (an opaque identifier from Google / GitHub / Microsoft).
  • Email address (used as your account identity).
  • Display name, when present.
  • Avatar / profile picture URL, when present.

After a successful sign-in we create a short-lived session and set a single HTTP-only, Secure cookie (us_session) that identifies the session on our server. We do not place any third-party cookies, and the session cookie carries no profile data of its own.

We request only the minimum scopes each provider needs to return your email, name, and avatar. We do not post on your behalf, do not read your repositories, mailbox, calendar, or contacts, and we do not request offline-access / refresh tokens.

You can sign out from the account menu at any time, which immediately destroys the session. If you would like your account record removed entirely, contact us through the report page and we will delete the stored profile and any account-scoped data within 30 days.

Third parties

We do not share account data, locale preference, or analytics events with advertisers or data brokers. The only third parties involved in a typical signed-in session are the OAuth provider you chose (Google, GitHub, or Microsoft) and our infrastructure host (Cloudflare). Each is contacted only to the extent needed to authenticate you or serve the page.

Retensi

Event analitik disimpan hingga 12 bulan, lalu dihapus atau diagregasi untuk pelaporan tren jangka panjang. Akses ke analitik mentah dibatasi pada admin yang berwenang.

Contact & terms

Questions about privacy, account deletion requests, or other concerns can be raised from our report page. See also our Terms of Use for the rules that govern use of the site.

Safa privacy summary

Safa is a Chrome extension designed to block ads, trackers, and intrusive overlays while maintaining strong privacy protections.

Key privacy points

  • Data collection. Safa does not collect, transmit, or store any personal data on external servers during the MVP. The extension stores only locally-managed information like your blocking preferences, site allowlists, and configuration settings — all remaining on your device via chrome.storage.local.
  • Network activity. The extension itself makes no external requests. Instead, it relies on Chrome's declarative network rules that function within the browser engine itself.
  • API usage. Safa's API retrieves only public configuration data like profile information and version details. This API does not receive any data from your browser.
  • Permissions. Five permissions enable core functionality — network rule declaration, local storage, and tab access for the popup feature.
  • Data retention. Settings persist locally until you uninstall the extension or reset to defaults; nothing remains on UtilitySansar servers.

Users concerned about privacy can report issues via the official report page.