Contents
1. Introduction
PassZenith ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we handle information when you use our password generator web application (the "Service").
The key principle: PassZenith is designed with privacy at its core. We do not collect, store, transmit, or process any personal data. Everything happens locally in your browser.
2. Data We Collect
🔒 Zero Data Collection
We collect absolutely no personal data. This includes:
- No account registration required
- No names, emails, or contact information
- No IP addresses logged
- No cookies for tracking
- No analytics or telemetry
- No passwords stored on our servers
All password generation happens entirely within your browser using the Web Crypto API. Generated passwords never leave your device unless you explicitly copy them.
3. Local Browser Storage
PassZenith uses your browser's localStorage to save:
- Theme preference (dark/light mode)
- Password history (up to 50 entries, stored locally)
This data is:
- Stored only on your device
- Never transmitted to any server
- Completely under your control
- Deletable at any time via the "Clear All" button or browser settings
⚠️ Important Note
Your password history is stored in plain text in localStorage. While convenient, this means anyone with access to your device or browser could potentially view this history. Use the "Clear All" feature to remove sensitive entries.
4. Third-Party Services
PassZenith uses the following third-party resources:
| Service | Purpose | Data Shared |
|---|---|---|
| Google Fonts | Typography (Inter, JetBrains Mono) | Standard HTTP headers only |
Google Fonts may collect standard web server logs. See Google's Privacy Policy for details. If you prefer, you can self-host these fonts to avoid any third-party requests.
5. GDPR Compliance
For users in the European Economic Area (EEA), we are fully compliant with the General Data Protection Regulation (GDPR):
- No personal data processing: Since we don't collect personal data, most GDPR requirements don't apply to our processing activities.
- No consent required: No tracking cookies or personal data collection means no consent banners are needed.
- Data portability: You can export your locally stored password history at any time.
- Right to erasure: Use the "Clear All" button to delete all stored data instantly.
Legal basis: Where applicable, our legal basis for processing is legitimate interest in providing the Service.
6. Your Rights
You have the right to:
- Access: View all data stored locally via browser developer tools
- Export: Download your password history as CSV or TXT
- Delete: Clear all local data at any time
- Object: Since we don't process personal data, there's nothing to object to
7. Security Measures
PassZenith implements robust security:
- HTTPS: All connections are encrypted
- Web Crypto API: Cryptographically secure random number generation
- No server-side processing: Eliminates database breach risks
- No network requests: Passwords never leave your device
- Content Security Policy: Protection against XSS attacks
- Subresource Integrity: Verification of external resources
8. Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of the Service after changes constitutes acceptance of the updated policy.
9. Contact Us
If you have questions about this Privacy Policy or our privacy practices:
- Visit our Support page
- Submit feedback via our Feedback form