Privacy

Last updated: 28 June 2026

TL;DR — JSONKit processes everything in your browser. Your JSON, the files you upload, and anything you type never leave your device. There are no servers, no accounts, and no analytics.

What we collect

Nothing. JSONKit is a static web page made of HTML, CSS, and JavaScript. Every operation — formatting, validating, querying, converting, diffing, generating types, redacting PII — runs locally in your browser using JavaScript. No JSON you paste, upload, or fetch is ever sent to us or anyone else.

Files & input

When you upload a file or paste text, it is read into your browser's memory and processed on the spot. It is never transmitted off your machine.

The “From URL” feature

If you use From URL, your browser fetches that URL directly from your device to the server you named. JSONKit is not involved in that request and never sees its contents. That request follows the target server's own privacy policy.

Local storage

JSONKit keeps a short history of your recent inputs in your browser's localStorage so you don't lose work between sessions, plus a flag in sessionStorage to skip the splash screen. Both live only on your device and can be cleared anytime via your browser. Nothing in them is sent anywhere.

Sharing

The Share button encodes your current input into a link's URL fragment (the part after #). URL fragments are never sent to a server by browsers — the link only works for whoever you hand it to. For sensitive data, redact or mask it first using the Privacy tools.

Third parties

The only external request the page makes is to Google Fonts for typography. All processing libraries (YAML, CSV, JSONPath, JMESPath) are bundled with the app and run locally — no CDN calls at runtime. There are no trackers, ads, or analytics scripts.

Contact

Questions? Visit ToolWizHub or the project's GitHub.