Privacy Proof

Developer tools

JWT decoder: the token is decoded with atob() (a browser built-in) and parsed with JSON.parse(). No HTTP request is made; the payload is never serialised to a URL, a header, or an analytics event.

JSON formatter: JSON.parse() + JSON.stringify() — two synchronous standard library calls. No async, no network.

Hash generators (MD5, SHA-256, SHA-512): use the browser's built-in crypto.subtle.digest(). No third-party library makes an outbound call.

UUID generator: crypto.randomUUID() — the browser's own CSPRNG. No server entropy request.

All other developer tools (regex tester, CSV/JSON converters, cron builder, diff checker, base converter): pure synchronous JavaScript. No asynchronous side-effects, no external calls.

PDF tools

All PDF operations use pdf-lib, a TypeScript/WebAssembly library that runs entirely in the browser. The library is lazy-loaded the first time you interact with a PDF tool; thereafter it runs from the module cache.

Merge, split, rotate, reorder, sign, watermark, add page numbers, password-protect, and unlock — all are in-memory operations on ArrayBuffers. The output is written to a new Uint8Array and passed to a Blob. No byte of your PDF content is transmitted over any network connection during processing.

Image-to-PDF: images are drawn to an off-screen Canvas and the PNG/JPEG pixel data is embedded directly into the PDF by pdf-lib. The Canvas pixels never leave the tab.

Image tools

Compression, resizing, cropping, and format conversion all use the HTML5 Canvas API. The image is drawn to an off-screen canvas with drawImage(); the output is extracted with canvas.toBlob() at the target quality and format. All pixel data stays inside the browser's rendering engine.

EXIF remover: reads the JPEG binary as an ArrayBuffer, locates the APP1 marker segment that contains EXIF data, removes it, and reassembles the file. No upload; the byte-stream manipulation is pure JavaScript.

HEIC/HEIF conversion: uses a WASM-compiled decoder that runs inside your browser. Like pdf-lib, it is lazy-loaded and runs locally once downloaded.

Text tools

Word counter, case converters, find-and-replace, line sorter, deduplicator, text diff, Markdown preview — all are synchronous JavaScript string operations triggered on user input. Processing happens as you type. No debounce-to-server pattern is used; the entire pipeline is input → transform() → render in the browser's call stack.

Finance tools

VAT calculator, compound interest, mortgage repayment, loan EMI, FIRE number, tip calculator — all are arithmetic expressions evaluated in JavaScript. No exchange-rate lookups, no external API calls. Conversion factors and formula constants are hardcoded in the bundle.

Crypto tools

Address validators: Bitcoin and Ethereum address checksums are validated locally using the same algorithms wallets use (Base58Check for BTC, EIP-55 checksum for ETH). No address is transmitted to a blockchain node, explorer API, or any external endpoint.

BIP39 validator: the 2048-word wordlist is embedded in the JavaScript bundle as a static asset. Seed phrase validation and entropy calculation run entirely in memory. Your seed phrase never appears in a network request, an analytics event, an error message, or a console log.

Unit converters (satoshi ↔ BTC, wei ↔ gwei ↔ ETH): pure arithmetic with hardcoded denominators. No price data is fetched.

DCA, staking, APY/APR, crypto tax, portfolio rebalancer: all calculations use inputs you provide directly. No live price data is fetched; prices are entered manually. This means results depend on the accuracy of the numbers you supply, but it also means no external service sees your portfolio or transaction data.

Converters

Unit conversions (length, weight, temperature, area, volume, speed), timezone conversion, Unix timestamp lookup, and age calculator all use hardcoded conversion factors or the browser's Intl.DateTimeFormat and Date APIs. No external data source is consulted.

JavaScript delivery

The privacy guarantee depends on the JavaScript we deliver being what it claims to be. You are trusting that the bundle has not been tampered with between our build system and your browser. We mitigate this with TLS (HTTPS enforced site-wide) and Vercel's build integrity guarantees. If this level of trust is insufficient for your threat model, you can inspect the Network tab yourself to verify no outbound requests fire during tool use.

Browser memory

While the tab is open, your files live in RAM. Brevio does not persist them anywhere — there is no IndexedDB write, no localStorage write, no service worker cache entry for user data. When you close the tab, the data is gone. If you're processing documents that should not persist after use, close the tab when done and clear your browser's download history if needed.

Browser extensions

Extensions run with elevated browser permissions and can intercept in-page JavaScript. If you have extensions installed that inspect page content, they may see your data before or after processing. For sensitive workflows, use a clean browser profile without extensions.

Ads and analytics isolation

Google AdSense and Plausible Analytics only load after your explicit consent. When consent is given, these scripts fire on page load — not during tool processing, and not in response to your input. The privacy policy details exactly what each service collects.

The automated test suite includes privacy tests for JWT decoder and JSON formatter that assert zero external network requests after input is provided. These tests run in CI and must pass before any code change is deployed.

Unsupported edge cases

Some tools may fail on malformed or exotic inputs — for example, a heavily encrypted PDF with a non-standard encryption scheme, or a JPEG with a corrupt EXIF block. When this happens, the error is caught locally and displayed in the UI. No partial data is sent anywhere; the failure is entirely contained within your browser tab.