SimpleToolset
DE
USEnglishENVNTiếng ViệtVICN中文CNKR한국어KRJP日本語JPTHไทยTHDEDeutschDEBRPortuguês (Brasil)PT_BRLATAMEspañol (LATAM)ES_419IDBahasa IndonesiaIDINहिन्दीHIINবাংলাBNINதமிழ்TAINతెలుగుTEINमराठीMR

Privacy architecture

How SimpleToolset privacy works

SimpleToolset is designed around browser-side processing: the page loads code, your browser performs the work, and source content stays on your device unless a specific tool clearly says otherwise.

Updated 2026-06-04

Processing happens in the browser

Most tools run as JavaScript in the current tab. Text, images, PDFs, calculator inputs, and generated outputs are handled in browser memory instead of being sent to an app processing server.

  • Upload-style controls read files with browser APIs such as FileReader, Canvas, PDF, or WebAssembly libraries.
  • Calculator and text tools compute directly from values entered on the page.
  • Download buttons create local files or object URLs in the browser session.

What can be stored locally

Some convenience features use browser storage on the same device. This includes theme preference, recently used tools, favorites, and offline app shell cache for lightweight tools.

  • Recently used and favorite tool IDs are stored in localStorage.
  • PWA offline cache stores app pages and static assets, not files you upload into tools.
  • AI Local tools may cache model files in the browser cache or IndexedDB after the first model download.

What is not uploaded for normal tool work

  • Source files selected for browser-based image, PDF, GIF, text, or AI Local tools.
  • Calculator values, health estimates, finance inputs, and generated results.
  • Passwords generated or checked in browser-side password utilities.

Network requests you may still see

A privacy-first browser tool still needs to load the website, static scripts, ads or analytics where enabled, and sometimes model/library assets for AI Local tools. Those requests should not contain your source file contents.

Privacy-safe client error monitoring

Client-side error reporting is opt-in by endpoint configuration and sends only low-cardinality diagnostics such as route, tool ID, viewport bucket, browser family, online status, and an error fingerprint. It does not send form values, uploaded files, extracted text, generated output, error messages, or stack traces.

Practical limits

Browser-side privacy also means performance depends on your device memory, browser support, and storage settings. Very large files, private browsing modes, or aggressive storage cleanup can affect results or offline availability.