Privacy Policy

Last updated: June 1, 2026

1. Scope

This Privacy Policy applies to https://jinitools.com and all of its subpaths (/en/, /ja/, /tools/, /guides/, /about/, /privacy/, /terms/, and so on). Third-party sites reached through external links are governed by their own privacy policies.

Terms used in this policy follow the definitions of the Korean Personal Information Protection Act and the EU General Data Protection Regulation (GDPR) where applicable.

2. How files are processed

Every file conversion and calculation in the Service (image compression, PDF merge/split, EXIF removal, housing subscription points, etc.) runs 100% in your browser. Specifically:

• Files you load into a tool are not transmitted to our server or any external server.
• The output (compressed images, converted PDFs, etc.) is not stored on any server.
• All processing is performed by JavaScript inside your browser's memory and is discarded the moment the tab is closed.
• You can verify this in your browser's DevTools (F12) → Network tab: no upload requests are issued when you load a file.

Exception: standard HTTP requests are made the first time the page downloads JavaScript libraries (pdf-lib, PDF.js, JSZip, etc.), fonts, and emoji SVGs from CDNs. These requests are normal content delivery and do not include any of your file content.

3. Information collected and how it is collected

3-1. Information the Service does not collect on its own

• Identifiable personal information such as name, email, phone number, or government ID number
• The content of any files or text you enter into a tool
• Account information (the Service has no account system)
• Payment information (the Service has no paid features)
• Location data (we do not request browser location permission)
• Address books, contacts, or social login credentials

3-2. Non-identifying information collected automatically

• Web analytics: page views, country (country level only), device type (desktop/mobile), browser family, operating system, and referrer. Collected by Cloudflare Web Analytics, which does not use cookies and aggregates data in a non-identifying way.
• Access logs: standard HTTP access logs (IP address, request time, request URL, User-Agent) generated by the Cloudflare CDN. Used solely for security and service-reliability purposes.
• Advertising-related information (when AdSense is active): see Section 4 below.

3-3. Data stored in your browser (localStorage)

For usability features, the Service stores the following items in your browser's localStorage. This data is never transmitted to our servers or to any third party — it lives only in your own browser.

• jinitools-favorites — slugs of tools you starred
• jinitools-recent — slugs of tools you recently used
• jinitools-theme — your light/dark mode preference

These are non-identifying usage records. Clearing your browser's site data removes them immediately.

4. Advertising and third-party cookies (Google AdSense)

To fund operating costs, the Service displays Google AdSense ads on some pages. Through AdSense, the following may occur:

• Google and its partner ad networks may use cookies or advertising identifiers to show ads based on your prior visits (personalized advertising).
• Cookies used by Google may include DoubleClick DART, NID, and IDE cookies.
• To measure impressions and clicks, your IP address, User-Agent, and page URL may be transmitted to Google.
• You can opt out of personalized advertising on the Google Ads Settings page, or opt out of third-party behavioral advertising in bulk at aboutads.info/choices.

For more on Google's advertising data, see the Google Advertising Policy and the Google Privacy Policy.

5. EEA / UK users (GDPR)

If you reside in the European Economic Area (EEA), the United Kingdom, or Switzerland, the following applies under GDPR:

• The Service itself collects no identifiable personal information, so no personal data is processed without your explicit consent on our side.
• For EEA users, Google AdSense may display a consent banner before advertising cookies are set (Google Consent Mode v2). You can refuse advertising cookies; in that case, non-personalized ads are shown.
• You have the rights of access, rectification, erasure, restriction, and portability over your data. Because we hold no personal data ourselves, these rights must generally be exercised directly against third-party processors such as Google.

6. Children's privacy (COPPA, Korean ITNA)

The Service is not specifically directed at children under 13 (in the United States) or under 14 (in Korea). Because there are no account or posting features, there is no channel through which a child's personal data would be collected.

Children who do use the Service should do so under parental or guardian supervision. If you believe a child has unintentionally entered personal information, please contact us using the address at the bottom of this page so we can investigate and take action.

7. Third-party services

The Service relies on the following third-party services. Each handles data according to its own privacy policy.

• Cloudflare, Inc. — site hosting (Cloudflare Pages), CDN, DDoS protection, web analytics. Privacy policy
• Google LLC — Google AdSense advertising. Privacy policy
• jsDelivr (Prospect One) — CDN delivery of JavaScript libraries and emoji SVGs. Privacy policy

8. Data retention and deletion

• User files: not stored on any server; discarded from memory the moment you close the browser tab.
• Cloudflare access logs: retained per Cloudflare's own policy (typically 30–90 days) and then automatically deleted.
• Google AdSense data: handled per Google's retention policy (typically advertising cookies expire within 13 months).
• localStorage data: persists in your browser until you delete it.

9. Security measures

• HTTPS everywhere: every page is served only over HTTPS (TLS 1.2 or higher).
• Pinned CDN library versions: all external JavaScript libraries are loaded at explicit pinned versions (e.g., jszip@3.10.1, pdf-lib@1.17.1) to prevent silent code injection.
• Least-privilege principle: the Service requests no browser permissions — no location, no camera, no microphone, no contacts.
• Open-source libraries only: every dependency is MIT/Apache 2.0/BSD-licensed and visible in the page source.

10. Your rights and how to exercise them

Because we do not collect identifiable personal information directly, there is no first-party dataset for typical access/correction/deletion requests. You can still exercise the following:

• Refuse advertising cookies: via the Google Ads Settings page in Section 4 or your browser's cookie controls.
• Clear localStorage: via your browser settings → clear site data.
• Block web analytics: enable Do Not Track in your browser, or use a content blocker (uBlock Origin, etc.).

11. Contact for privacy matters

• Privacy contact: JiniTools operator
• Email: jini506410@gmail.com
• Response time: typically 1–3 business days

Users in Korea can also contact the following agencies for privacy-related complaints or mediation:

• Personal Information Infringement Report Center (privacy.kisa.or.kr / 118)
• Personal Information Dispute Mediation Committee (kopico.go.kr / 1833-6972)

12. Changes to this policy

• Minor changes (wording cleanup, contact updates): we post them on this page and update the "Last updated" date at the top.
• Material changes (new categories of collection, expanded third-party sharing): we announce them on the home page at least 7 days before they take effect, with the change history listed on this page.

Updated policy takes effect upon posting. If you do not agree with the changes, you may stop using the Service.

13. Effective date

This policy first took effect on August 1, 2025, and was last revised on June 1, 2026.