Last Updated: May 30, 2026 · Effective Date: May 30, 2026
The short version: We can't see the passwords you generate. They're created entirely inside your browser and never sent to us. We do use basic analytics to understand how many people visit and which pages they use, and our web host keeps standard server logs. Details below.
Every password and passphrase is generated locally in your browser using the Web Crypto API (crypto.getRandomValues), the same cryptographic randomness used by banks and secure systems. Your generated passwords are never transmitted to us, never stored on our servers, and never logged. We could not retrieve one if we tried. You can verify this in our open-source code or by watching your browser's network activity while generating.
We use Google Analytics to understand general usage, such as which pages are popular, how visitors find us, and what devices they use. Through it, the following is collected:
We use this only to understand traffic and improve the site, not to identify you personally, and we do not sell it. Google processes this data under its own privacy policy.
The site is hosted on Amazon Web Services and delivered through Amazon CloudFront. As part of normal operation, these record standard technical data such as IP addresses, timestamps, requested URLs, and browser type, used for security and reliability.
Google Analytics sets cookies or similar identifiers to measure usage. We do not use advertising or cross-site tracking cookies. You can block or delete cookies in your browser settings and the generator will still work fully.
We keep the site free through affiliate partnerships. Some links to password managers and security products (such as NordPass, Proton Pass, and RoboForm) are affiliate links. If you click one and buy, we may earn a commission at no extra cost to you. Those partners run their own sites with their own tracking and policies, which we don't control.
Google (analytics), Amazon Web Services and CloudFront (hosting and delivery), and the affiliate partners linked from our pages. Each has its own privacy policy governing the data it collects.
We don't sell your personal information. We don't have user accounts, so we don't collect names or account passwords. We don't run advertising or social-media tracking pixels. If you email us, we receive only what you choose to send.
Our servers and Google Analytics process data in the United States. If you visit from the EU, UK, or elsewhere, your information may be transferred to and processed in the US. Google and Amazon, as our service providers, rely on standard contractual safeguards for these international transfers.
Depending on where you live, you may have rights over your data.
EU/UK residents (GDPR): access, correction, deletion, restriction, objection, portability, withdrawal of consent, and the right to complain to your data protection authority.
California residents (CCPA/CPRA): the right to know, delete, and opt out of sale (we don't sell), without discrimination.
To exercise any of these, email admin@safepasswordgenerator.net. Because we don't link analytics data to your identity, we may need more information to locate data about you, or may be unable to if none is identifiable.
Our tools are not directed at children, and we don't knowingly collect personal information from anyone under 16.
Analytics data is retained according to our Google Analytics retention settings. Server logs are kept per our host's standard practices.
We may update this policy. Material changes will be posted here with a new "Last Updated" date.
Questions: admin@safepasswordgenerator.net