Privacy Policy

• Most tools run entirely in your browser. Your files, text, and images for those tools are not uploaded to us for processing.
• A small set of features uses our servers (for example encrypted pastes, short links, sign-in, and AI-assisted tools). Those flows are described below.
• We use technical measures such as rate limits and hashed IP data where needed to reduce abuse and keep the service available.

The majority of ZeroKit tools execute locally in your web browser using JavaScript. For those tools, your content stays on your device: we do not receive your raw inputs or outputs for processing unless you explicitly use a server-backed feature listed below.

When you use certain features, we process data on our infrastructure only as needed to provide them:

• Paste & share — Encrypted paste payloads and metadata needed to store and retrieve pastes (for example expiry) may be handled on our servers. Paste encryption is designed so that keys needed to decrypt content are not stored in plaintext on our systems in the same form as the content you intended to protect; implementation details may vary by deployment.
• URL shortener — We store mappings between short codes and destination URLs so redirects work.
• AI-powered tools— Your prompts and related inputs are sent to our backend and then to our AI provider (see "Third parties") to generate a response. Do not submit secrets or highly sensitive data you are not comfortable sending to an AI API.
• Authentication — If you sign in (for example with GitHub or Google), we receive profile identifiers and email from your provider as permitted by that login flow, to create and manage your session and account record.
• Payments (Pro) — If you subscribe to paid features, our payment processor receives billing details as described in their terms; we receive subscription status and identifiers needed to grant access.

To protect the service and other users, we may apply rate limits, log minimal technical data about requests, and process IP addresses in a hashed or aggregated form (for example using a configured salt) to detect spam and misuse. We do not sell your personal information.

We use cookies and similar technologies where required for authentication, sessions, theme preferences, and basic site operation. You can control cookies through your browser settings; disabling some cookies may limit sign-in or certain features.

Depending on configuration and which features you use, data may be processed by:

• Hosting and infrastructure — Our application and database providers (for example serverless hosting and managed databases).
• AI provider — AI features may use models and APIs operated by Anthropic or another provider under their terms and privacy policy.
• OAuth and payment providers — GitHub, Google, Stripe, or similar services when you use sign-in or paid plans.
• Analytics — If enabled for a deployment, we may use privacy-oriented analytics (for example aggregated, cookie-light tools) to understand usage in the aggregate.

We retain server-side data only as long as needed for the feature (for example until a paste expires or a short link is removed), for legal compliance, or for legitimate operational purposes such as security logs with limited retention. Exact retention can depend on your deployment and configuration.

Depending on where you live, you may have rights to access, correct, delete, or export personal data we hold about you, or to object to certain processing. To exercise these rights, contact us using the details your deployment provides. If you use OAuth, you can also revoke ZeroKit's access from your GitHub or Google account settings.

ZeroKit is not directed at children under 13 (or the minimum age in your jurisdiction). We do not knowingly collect personal information from children.

Our servers and providers may be located in countries other than your own. By using the service, you understand that data may be processed in those locations.

We may update this Privacy Policy from time to time. The "Last updated" date at the top will change when we do. Continued use of ZeroKit after changes means you accept the updated policy.

For privacy questions about ZeroKit, email support@zerokit.in or visit the contact page.