Privacy Policy
CrateX.app processes tool inputs and results locally in your browser by default and does not upload them to our servers. For sign-in, memberships, payments, and site security, we only process the minimum information needed to provide the service.
Our Privacy Commitment
Our Privacy Commitment
Local by default: For most tools, your inputs and results are processed in your browser and are not uploaded to our servers.
Tool content stays off our servers: For tools that work without sign-in, we do not collect or store your inputs or results.
Minimum necessary data: For site operations, sign-in, memberships, and payments, we only process the minimum information needed to provide the service.
What Information We Collect
What Information We Collect
For tools that work without sign-in, we generally do not collect
The text, parameters, and original file contents you enter into tools
The results generated by the tools
Identity information additionally required solely to run those tools
Copies of file contents retained on our servers after tool processing completes
In these situations, we may process
Anonymous usage statistics and basic usage events (when you consent to analytics or measurement)
The minimum account and service information needed for sign-in, sessions, orders, or subscription status
Basic technical information needed for security and operations, plus error logs that do not include tool inputs
Cookies and Local Storage
Cookies and Local Storage
Functional Storage
Language preference settings
Tool configurations saved after sign-in or explicit save
Theme preference (dark/light mode)
Storage Location
We use a small amount of first-party storage to save site preferences such as language, theme, and privacy choices. When you are not signed in, tool inputs, outputs, and tool settings stay only in current page memory. Necessary cookies or similar mechanisms maintain sign-in state, restore membership benefits, and protect site security. Third-party services may set cookies or similar identifiers to provide sign-in, payments, ads, or analytics, subject to applicable law and their own policies.
Data Security
Data Security
HTTPS encrypted transmission
Client-side security processing
Tool inputs and results are not stored persistently on our servers by default
Regular security updates and maintenance
WebDAV Sync storage
WebDAV Sync storage
When you enable WebDAV Sync, CrateX.app stores encrypted WebDAV credentials so the API can proxy sync requests.
WebDAV usernames and passwords are encrypted before storage and are never returned to the browser.
Only encrypted sync content is written to your chosen WebDAV storage.
CrateX.app cannot recover encrypted remote sync content if you lose your recovery key.
Your Rights
Your Rights
Clear locally stored settings and cached data at any time
View and manage local storage data content
Most tools can be used without sign-in
Stop using our service at any time
Advertising and third-party services
Advertising and third-party services
We may integrate advertising, analytics, sign-in, or payment-related third-party services. These services may use cookies or similar technologies for authentication, ad delivery, frequency capping, measurement, or transaction processing, subject to applicable law and their own privacy policies. In the EEA, the UK, and Switzerland, analytics or advertising features will be activated based on your consent.
Consent and withdrawal
You can review or adjust your consent at any time through the 'Manage Cookies' link in the footer. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Children and sensitive information
Children and sensitive information
The website is intended for users who can legally enter into contracts. We do not target children or knowingly collect children's personal information. If you believe we inadvertently collected information from minors, please contact us to request deletion.
Data controller and contact
If you have any questions, requests, or complaints about this policy, your account information, membership benefits, payment records, or personal data processing, please contact us using the email address listed on the About page.
Retention and cross-border transfers
We retain data for no longer than necessary to achieve the relevant purposes and will delete or anonymize it after the retention period. Due to third-party infrastructure locations, cross-border transfers may occur; we will take reasonable compliance measures within the scope permitted by law.
Data Storage Management
Analyzing storage usage...
Third-party Services
Third-party Services
We may use the following third-party services to support site operations, analytics, authentication, payment processing, or content delivery:
Analytics and measurement
Where required and with your consent, we may use anonymized or de-identified analytics and measurement services to understand page visits, feature usage, and conversion performance.
Infrastructure, sign-in, and payment services
We may use content delivery networks, third-party sign-in providers, and payment processors to accelerate access, authenticate users, and handle transactions. These services receive only the information necessary to perform their role.
Legal Compliance
Legal Compliance
We continuously review and adjust our data practices to align with applicable legal requirements, including but not limited to:
European Union General Data Protection Regulation (GDPR)
California Consumer Privacy Act (CCPA)
Other applicable regional data protection laws
Policy Updates
We may update this privacy policy from time to time. Important changes will be notified to users in prominent positions on the website. Continued use of our services indicates your acceptance of the updated policy.