Skip to main content

Trust & transparency

Privacy policy

This policy separates tool input—which stays in your browser—from the limited information used for site delivery, analytics, support, and optional suggestions.

Last updated:

Who operates Toolk

Toolk is built and maintained by M H Tawfik under Soft Web Grove. Questions or privacy requests can be sent to hello@mhtawfik.com. Include enough information for us to locate the relevant submission, but do not email passwords, API keys, or other secrets.

Tool input stays on your device

The text, code, URLs, tokens, numbers, dates, colors, and files entered into Toolk tools are processed by JavaScript and browser APIs in the active tab. Toolk does not receive or store that input. Clipboard access happens only when you choose a paste, copy, or export action and your browser permits it.

The Nginx Config Generator can save its current draft in your browser's local storage so it is available on a later visit. That draft remains on your device and can be cleared from the tool or through browser site-data controls. The Pomodoro Timer may request browser notification permission when you enable notifications; the browser controls that permission.

Google Analytics

Toolk loads Google Analytics 4 after the page hydrates to understand which pages are used and whether the site works across devices. Google states that its default web measurement can collect user and session statistics, approximate location, browser and device details, traffic source, page information, and a client identifier stored in a first-party_ga cookie. Toolk does not attach tool input to analytics events.

Google processes analytics data under its own terms and privacy controls. Read Google's GA4 data-collection explanation and privacy policy. You can block or delete analytics cookies using your browser settings or a compatible content blocker.

Tool suggestions and support messages

The optional suggestion form sends the proposed tool name, description, and any email address you choose to provide to Toolk's server. The server forwards that message through the configured email provider to the maintainer. The email is used only to evaluate the suggestion or follow up about it. Request metadata, including an IP address, is used in transient memory for basic abuse-rate limiting.

Direct support emails are stored by the sender's and recipient's email providers. Form and email messages are retained only as long as reasonably needed to evaluate the request, respond, prevent abuse, or meet applicable obligations. You can request deletion using the contact address above.

Hosting and security logs

Hosting, content-delivery, and security providers may process ordinary request metadata such as IP address, requested URL, timestamp, user agent, and response status to deliver the site, detect abuse, and diagnose failures. Tool input is not part of those requests because it is processed in the browser.

Your choices and requests

  • Clear Toolk cookies or local storage through your browser's site-data settings.
  • Decline clipboard or notification permissions when your browser asks.
  • Leave the optional email field blank when suggesting a tool.
  • Ask to access, correct, or delete a support or suggestion message you submitted.

This policy covers the main Toolk website. The AltCatch extension has a separate extension privacy policy describing its permissions and local audit history.

Policy changes

The date at the top changes only when this policy or the underlying data practices change. Material changes will be reflected here before or when the revised practice takes effect.