Privacy Policy

Last Updated: January 2025

ToolHut ("we," "us," or "our") operates the https://toolhut.com website. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our services.

By using ToolHut, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our services.

1. Information We Collect

1.1 Information You Provide Directly

When you create an account or use our services, we collect:

  • Account Information: Display name, email address, password (securely hashed using bcrypt), and username
  • Profile Information: Profile picture/avatar (stored in Firebase Storage), bio or additional details you choose to provide
  • Authentication Data: When you sign in via third-party providers (Google, GitHub, Twitter), we receive your name, email, profile picture, and unique identifier from those services
  • Contact Form Data: Name, email, and message content when you submit inquiries through our contact form (processed via Web3Forms)
  • Tool Request Data: Tool name, description, and reference links when you request new tools
  • Comments: Comment text, timestamps, and associated user information when you post comments on tools

1.2 Information Collected Automatically

When you use our website, we automatically collect:

  • Log Data: IP address, browser type and version, device information, operating system, referring URLs, pages visited, time and date of access, and time spent on pages
  • Cookies and Tracking: Session cookies, authentication tokens (JWT), preference settings, and analytics cookies
  • Usage Data: Which tools you use, feature interactions, error logs, and performance metrics
  • Analytics Data: Collected through Google Analytics including page views, user flow, traffic sources, and demographic information

1.3 Information from Third Parties

We receive information from:

  • OAuth Providers: Google, GitHub, and Twitter provide your profile information when you authenticate through them
  • Social Media Platforms: When using our video downloader tools, we may receive metadata from Facebook, Instagram, and Twitter APIs

2. How We Use Your Information

We use the collected information for the following purposes:

Account Management

Create and maintain your account, authenticate your identity, and enable account features

Email Verification

Send verification emails via Resend to confirm your email address

Service Provision

Provide access to all our tools and features, process your requests, and deliver tool outputs

Communication

Respond to your inquiries, send important notifications, and provide customer support

Personalization

Remember your preferences, display your profile information, and customize your experience

Security

Detect and prevent fraud, abuse, and security incidents; enforce our terms of service

Analytics

Understand how users interact with our tools, improve our services, and develop new features

Legal Compliance

Comply with legal obligations and respond to lawful requests from authorities

3. Data Storage and Processing

3.1 Database Storage

User account information, comments, and profile data are stored in our PostgreSQL database. We implement appropriate security measures including:

Password hashing using bcrypt (cost factor 14)
Encrypted database connections
Regular security audits and updates
Access controls and authentication

3.2 File Storage

Profile pictures and avatars are stored in Firebase Storage with secure access controls. Generated avatars use gradient algorithms when you don't provide a custom image.

3.3 Tool Data Processing

Data you input into our tools (text, code, images, URLs) is:

  • Processed in real-time on our servers or client-side in your browser
  • Not stored permanently unless you explicitly save it
  • Deleted immediately after processing for most tools
  • Used only for the specific tool function you requested

4. Information Sharing and Disclosure

We do not sell your personal information.

We share your information only with essential third-party services (NextAuth.js, Resend, Firebase, Web3Forms, Google Analytics, Google AdSense), when required by law, or in business transfers. All partners are carefully selected and bound by strict data protection agreements.

5. Cookies and Tracking

We use cookies for authentication, preferences, analytics, and advertising. You can control cookies through your browser settings, though essential cookies are required for the site to function.

For personalized advertising opt-out, visit Google Ads Settings.

6. Your Rights

You have the right to access, correct, delete, or export your data. You can also opt-out of communications and withdraw consent at any time.

To exercise these rights, contact us. We respond within 30 days.

7. Security & Data Retention

We implement industry-standard security measures including bcrypt password hashing, HTTPS encryption, JWT tokens, and regular security audits. We retain data only as long as necessary for service provision and legal compliance.

When you delete your account, we remove or anonymize your personal information within a reasonable timeframe.

8. Important Notes

Children's Privacy

Our services are not for users under 13. We immediately delete any data from children under 13.

International Transfers

Your data may be processed in different countries with appropriate safeguards in place.

Policy Updates

We may update this policy and will notify you of significant changes via email or website notice.

Questions or Concerns?

If you have questions about this Privacy Policy, please contact us. We respond within 30 days.

By using ToolHut, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.