SUB&SUB · Tools

Privacy Policy

Last updated: 2026-05-01

Short version: this site runs entirely in your browser. We do not collect, store, transmit, or sell any of the text, files, secrets, or codes you put into the tools.

1. Who we are

SUB&SUB Tools (the “Service”) is a free, browser-based developer toolkit operated by SUB&SUB LLC (“we”, “us”, “our”). For privacy questions you can reach us at [email protected].

2. Local-only processing

Every tool on this site — Base64, TOTP, JWT decode, QR generation, hashing (MD5/SHA-1/SHA-256/SHA-512), hex conversion, HTML‑entity encoding, regex testing, text diffing, color conversion, UUID generation, password generation, and Unix timestamp conversion — runs in your browser using JavaScript and the Web Crypto API. The data you paste, type, or drop into the page:

is never sent to our servers,
is never stored on disk by us,
is never shared with any third party,
exists only in the memory of the open browser tab and is discarded when you close it.

3. Information we do not collect

We do not run analytics, advertising, fingerprinting, or behavioural tracking on this site. We do not set any cookies. We do not require an account and we do not have a login. We do not log IP addresses beyond the short-lived request logs your hosting provider may keep for abuse-prevention purposes.

4. Local browser storage

To remember your preferences (such as the chosen color theme and the last active tool tab), the Service may use the browser’s localStorage. This data stays on your device, is readable only by this site, and you can clear it at any time from your browser settings.

The Service is also installable as a Progressive Web App. The service worker caches the static page assets so the tools keep working offline. It does not cache or transmit any of your input.

5. Third-party resources

The page loads the Inter and JetBrains Mono web fonts from Google Fonts (fonts.googleapis.com and fonts.gstatic.com). When your browser fetches these font files, Google may receive standard request metadata (such as your IP address and user-agent) under Google’s Privacy Policy. No tool input is included in those requests.

6. Security

Because all sensitive operations happen on your device, the integrity of your data depends on the integrity of your browser and operating system. We recommend keeping them up to date and avoiding the use of secrets (such as TOTP seeds or private JWT keys) on shared or compromised machines.

7. Children’s privacy

The Service is a general-purpose developer tool and is not directed at children under 13. We do not knowingly collect personal information from children.

8. Changes to this policy

If we update this Privacy Policy, we will revise the “Last updated” date at the top of this page. Material changes will be highlighted on the homepage.

9. Contact

Questions, requests, or concerns about this policy can be sent to [email protected].