# Data Generator by OzCrypt Privacy and Local-first Notes ## Core model Data Generator by OzCrypt standalone is local-first: - Generation runs in the browser. - No signup is required. - No backend upload for generated output in this standalone package. - The in-app `#/privacy-safety` page provides a concise privacy, safety, and limitations summary for users. ## Optional analytics - Basic usage analytics is optional and off by default. - The first-run Privacy choices banner asks before analytics is enabled. - When consent is not chosen or denied, the app does not load the Google Analytics script and does not call `gtag`. - When granted in the banner or Full Settings, the app may send high-level usage events such as page/tool views to Google Analytics. - Analytics events must not include generator inputs, uploaded file names or contents, generated rows/assets/output values, data-plan contents, passwords, secrets, tokens, names, emails, addresses, IDs, custom labels, or raw errors. - If analytics script loading fails offline or is blocked by the browser, Data Generator by OzCrypt continues to work normally. ## Share link warning Share links may be visible in: - browser history - screenshots - copied messages - logs Do not include: - passwords - passphrases - secrets - tokens - private keys - API keys - session IDs - real personal/customer data ## Sensitive generators Password/secret-style tools should share settings only, not generated secret values. ## Synthetic identity/card safety Identity and card/badge output must remain synthetic test-only and clearly labeled where relevant: - SAMPLE - NOT A REAL ID - FOR TESTING ONLY ## Storage notes - Essential local settings are stored in the browser so the app can remember user-requested preferences such as language and theme. - Preferences, favorites, recent, and some setup data may be stored in browser local storage. - The analytics consent choice is stored locally in this browser. - Clear browser storage if you need to remove local traces. - Treat shared machines as non-private environments. ## Security claim boundary This product does not claim a formal security audit. Use it as a local test-data/asset tool, and review outputs before using them in real workflows. ## Jurisdiction and responsibility boundary Privacy, cookie, analytics, data protection, education, healthcare, finance, and legal requirements vary by country and region. This document is product guidance, not legal advice or a compliance guarantee. Site owners and users remain responsible for reviewing whether the tool and generated output are appropriate for their use case and jurisdiction.