Privacy Policy
Last updated: May 2026
This Privacy Policy explains how DevBench (devbench.co.in) collects, uses, and protects information when you visit and use the site. By using DevBench, you agree to the practices described below.
1. Tool inputs and data processing
DevBench tools process your input entirely within your browser. Text you paste, files you upload, and options you configure are handled by client-side JavaScript running on your own device. We do not operate a backend that receives, stores, or logs your tool inputs.
Examples of data that never reaches our servers: JSON payloads, JWT tokens, Base64 strings, passwords, hash inputs, API request bodies, PDF files, images, cron expressions, code you run in the playground, and any other text or file you provide to a DevBench tool.
The two exceptions are features that require a network request by design:
- API Tester — HTTP requests you send are routed through a CORS proxy so they can reach external APIs from a browser. The proxy forwards your request and returns the response; it does not log request bodies or headers beyond what is necessary to relay the response.
- Webhook Simulator — payloads are sent to the destination URL you provide. HMAC signing happens in your browser before transmission; your signing secret is never sent to our servers.
1a. Data flow (how information moves)
The diagram below describes the path your data takes when you use DevBench. It is a logical flow — not a network capture of every byte — but it reflects how the product is built today.
[You] paste / upload / type
↓
[Browser tab] DevBench JavaScript parses & transforms locally
↓
[Browser tab] Result rendered + optional download blob
↳ (not sent) DevBench application servers — no tool-input API
Exceptions branch sideways:
→ API Tester → CORS proxy → your target API
→ Webhook Simulator → destination URL you enter
→ Page load → CDN (Vercel) serves static assets only
→ Analytics / ads → coarse visit metadata (no tool bodies)
- Input capture — Keyboard and file-picker data stay inside the rendering engine for that tab.
- Processing — Libraries (JSON, PDF, crypto, etc.) run synchronously or via Web Workers in the same origin as the page; output is written to the DOM or a temporary object URL for download.
- Persistence — DevBench does not write tool payloads to disk on our infrastructure. Only your browser may cache static files or store theme/shortcut preferences in
localStorage. - Egress — Data leaves the tab only when you use an explicit network feature (API call, webhook) or when third-party scripts record a page view.
1b. Data retention FAQ
Quick answers about how long different categories of data exist. Expand each question for detail.
1c. Sensitive data — examples and risk reduction
Many visitors use DevBench with credentials, customer data, or regulated information. The table below lists common sensitive inputs and practical ways to minimize exposure.
| Data type | Example | How to minimize risk |
|---|---|---|
| JWT / API keys | Bearer eyJhbG… | Use expiring test tokens; redact before screenshots; prefer JWT Debugger over pasting into chat or ticket systems. |
| Passwords & hashes | Production bcrypt hashes | Use synthetic samples for format checks; never reuse real passwords across environments. |
| PII in JSON/CSV | Customer export with emails | Anonymize columns first; work on a copy; close the tab when finished. |
| PDF contracts | Signed legal PDF | Processing stays local, but clear downloads from shared machines and avoid browser extensions that scan downloads. |
| Health / finance figures | Loan or BMI inputs | Treat calculators as estimates only; do not enter real account numbers or medical record IDs. |
When in doubt, assume anything visible on screen could be captured by screen recording, shoulder surfing, or a compromised browser extension. DevBench’s client-side model removes server-side storage risk but does not replace your organisation's data-handling policies.
2. Analytics
DevBench uses Google Analytics (via Google Tag Manager) and Vercel Analytics to understand which tools are used, where visitors come from, and how the site performs. These services collect standard web analytics data: pages visited, referrer, browser type, country, and device type. Individual tool inputs are not included in analytics events.
Analytics data helps us prioritise which tools to improve and which new tools to build. You can opt out of Google Analytics by using the Google Analytics Opt-out Browser Add-on.
3. Advertising
This site uses Google AdSenseto display advertisements. Google and its advertising partners use cookies and similar technologies to serve ads based on your prior visits to DevBench and other websites. Google's use of advertising cookies allows it and its partners to serve ads based on your visit here and/or other sites on the internet.
You can opt out of personalised advertising by visiting Google Ad Settings or YourAdChoices. DevBench does not control the cookies set by Google AdSense or its advertising partners.
DevBench also participates in the Namecheap affiliate programme (via Impact.com). If you click a Namecheap link and make a purchase, we may earn a commission at no extra cost to you. Affiliate links are clearly presented as hosting or domain recommendations.
4. Cookies and local storage
DevBench itself stores one item in your browser's localStorage: your preferred light or dark colour theme. This preference never leaves your device and is not sent to any server.
Third-party services (Google Analytics, Google AdSense, Vercel) may set their own cookies. These are governed by their respective privacy policies, which are linked in sections 2 and 3 above.
5. Hosting and server logs
DevBench is hosted on Vercel. Vercel may collect standard server access logs (IP address, requested URL, HTTP status code, timestamp, and user agent) as part of normal infrastructure operation. See Vercel's Privacy Policy for details on how they handle this data.
6. Contact form
The contact page lets you send a message to us via email. The form constructs a mailto: link that opens your email client; your message is not submitted to or stored by DevBench until you send it through your own email provider. We retain contact messages only as long as necessary to respond.
7. Children's privacy
DevBench is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has submitted personal information to us, please contact us and we will promptly delete it.
8. Your rights
Because DevBench does not collect personal data through tool usage, there is generally no data stored about you to access, correct, or delete. If you have contacted us and wish to have your message deleted from our records, please reach out and we will honour that request promptly.
9. Changes to this policy
We may update this Privacy Policy as the site evolves — for example, when new tools or features are added. The “last updated” date at the top of this page reflects the most recent revision. Continued use of DevBench after a change constitutes acceptance of the updated policy.
Questions about this policy? Reach out via the contact page.