$ privacy

DevSecDeck does not collect, store, or transmit any personal data. There are no user accounts, no analytics, no tracking pixels, no cookies, and no telemetry of any kind.

All tools process your data entirely within your browser using standard Web APIs (Web Crypto API, TextEncoder/Decoder, Clipboard API, etc.). Your input never leaves your machine.

The one exception is the SSL Certificate Inspector's URL lookup mode, which sends the URL you provide to a minimal server-side API route to establish a TLS connection and retrieve the certificate. The URL is used solely to perform the lookup — it is not logged, stored, or shared. The certificate data is returned to your browser for client-side parsing.

DevSecDeck may use your browser's localStorage to persist your theme preference (light or dark mode). This data stays on your device and is never transmitted.

DevSecDeck does not share data with any third parties. There are no advertising networks, analytics services, or external tracking integrations.

The site is hosted on infrastructure that may collect standard server access logs (IP address, request path, timestamps) as part of normal web hosting operations. DevSecDeck does not control or access these logs.

If this policy changes, the updated version will be posted on this page. Our commitment to privacy-first, client-side processing will not change.