Privacy Policy

Last updated: 2026-06-19

Last updated: June 19, 2026

JWTValidator.org ("we", "us", "our") operates jwtvalidator.org. This Privacy Policy explains how we handle information when you use our JWT tools and website.

Summary

We do not collect, store, or transmit your JWT tokens or secrets. All JWT decoding, encoding, and validation happens locally in your web browser using JavaScript. We designed our platform to be privacy-first.

Information We Do Not Collect

  • JWT tokens, API keys, secrets, or passwords you paste into our tools
  • Decoded token contents or validation results
  • Personal authentication credentials

Client-Side Processing

Our JWT decoder, validator, encoder, debugger, and related tools process all data entirely on your device. No token data is sent to our servers because our tools do not require a backend for core functionality.

Information We May Collect

Like most websites, we may collect limited, non-personal technical data through standard web server logs or analytics (if enabled in the future), such as:

  • Browser type and version
  • Pages visited and time spent
  • Referring website
  • General geographic region (country level)

This data is aggregated and cannot be used to identify individual users or their tokens.

Cookies

We currently use minimal or no cookies. If we introduce analytics or preference cookies in the future, this policy will be updated. You can control cookies through your browser settings.

Third-Party Services

Our site may load resources from content delivery networks (CDNs) for static assets. Third-party services operate under their own privacy policies. We do not share JWT token data with any third party.

JWKS Fetch Feature

Our JWKS Validator tool may fetch public keys from JWKS URLs you provide. This request goes directly from your browser to the specified endpoint — not through our servers.

Your Rights (GDPR & Similar Laws)

If you are in the European Economic Area or other jurisdictions with data protection laws, you may have the right to:

  • Access personal data we hold about you (if any)
  • Request correction or deletion of your data
  • Object to or restrict processing
  • Data portability where applicable
  • Lodge a complaint with a supervisory authority

Given our minimal data collection, these rights typically apply only to contact correspondence or analytics data — not JWT tool usage.

Children's Privacy

Our services are intended for developers and technical professionals. We do not knowingly collect information from children under 13.

Changes to This Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated date.

Contact

Privacy questions: support@ratpdf.com or visit our Contact page.