MYSYSAD is built on a "Privacy-by-Architecture" model. Unlike web tools that send your data to remote servers for processing, all 74 MYSYSAD tools โ 29 inline and 45 advanced โ run entirely within your browser's memory, using WebCrypto, WebAssembly, the File System Access API, and the browser's built-in JavaScript engine to do everything locally.
/api/feeds) that fetches news headlines for the News page โ it never touches your tool data.
There are a small number of tools that must make outbound network requests to perform their function โ a DNS lookup tool has to actually query DNS servers, for example. These are clearly identified in this document. For those tools, the request is made directly from your browser to the relevant service; MYSYSAD servers are not an intermediary and never see the data.
Here is a complete, honest accounting of every category of data and what happens to it:
| Data / Action | Where it goes | Details |
|---|---|---|
| Credentials, tokens, keys, hashes (JWT Decoder, JWT Forensic Analyzer, Hash Generator, SSH Key Generator, Password Generator, SSO Autopsy, PKI Inspector, SSL Forensics, htpasswd Generator, OpenSSL Builder) | โธ LOCAL ONLY | Processed entirely in-browser via WebCrypto and JavaScript. Nothing transmitted. |
| Log files, config files, Terraform plans, Docker Compose, K8s YAML, jq queries, crontab manifests (Log Analyzer, Log Scrubber, Terraform Analyzer, Compose Visualizer, K8s Builder, Line Patcher, jq Playground, Cron Orchestrator, DriftScope) | โธ LOCAL ONLY | Parsed and processed in browser memory. Files are not uploaded to any server. |
| Images and screenshots (WebRSW Pro, Photo Organizer) | โธ LOCAL ONLY | All editing, OCR, redaction, and export operations run client-side. Images never leave your device. |
| Local files accessed via File System API (Photo Organizer, Log Analyzer, WebRSW Pro, Line Patcher, Scratchpad disk sync) | โธ LOCAL ONLY | You grant access per-session via a browser permission prompt. File contents are read and written directly on your device. MYSYSAD servers have no visibility into this activity. |
| Network topology designs, subnet calculations, firewall rules, permission simulations (NetBuilder Pro, Subnet Architect, VPC Planner, Firewall Builder, Permission Simulator, NGINX Simulator, Port Reference) | โธ LOCAL ONLY | All calculations and visualizations run in-browser. No network diagrams, CIDR data, or rule sets are transmitted. |
| Statistical calculations (Statistical Tables, Sysadmin Calculator) | โธ LOCAL ONLY | All numerical approximations (chi-square, Z-score, t-Student, RAID/SLA/transfer calculations) computed locally. |
| Email DNS records (Email DNS Generator) | โธ LOCAL ONLY | SPF, DKIM, and DMARC records are generated locally. No DNS queries are made โ the tool produces copy-paste records for you to add to your DNS provider manually. |
| Text diffing and JSON formatting (Advanced Diff Viewer, JSON Forensic Explorer, Base64 Forensic Architect, MAC Policy Translator, Data Transformer) | โธ LOCAL ONLY | All parsing, formatting, comparison, and transformation runs in-browser. No text content is transmitted. |
| Python code (Python Sandbox) | โธ LOCAL ONLY | Executed inside a WebAssembly sandbox in your browser. Code is not sent anywhere. |
| DNS queries (DNS Lookup, DNS Propagation Checker) | โธ TO DNS RESOLVERS | Queries are sent directly from your browser to public DNS resolvers (e.g., Cloudflare 1.1.1.1, Google 8.8.8.8). The resolver sees the domain you queried and your IP address. MYSYSAD does not see or log these queries. |
| SSL / TLS checks (SSL Certificate Checker, Security Header Tester) | โธ TO TARGET HOST | Your browser makes a direct request to the hostname you specify. The target server sees your IP. MYSYSAD does not proxy or log these requests. |
| IP reputation lookups (IP Reputation tool) | โธ TO THIRD-PARTY API | Queries are sent to the relevant threat intelligence API (e.g., AbuseIPDB, VirusTotal). The IP address you look up and your browser's IP are visible to that provider. Consult their privacy policy for handling details. |
| MAC vendor lookups (MAC Lookup tool) | โธ TO OUI DATABASE API | The MAC address prefix (first 3 octets) is sent to a public OUI lookup API. Your browser IP is visible to that provider. |
| User preferences and tool state | โธ BROWSER LOCALSTORAGE | Theme preference, pinned tools, and per-tool session state are stored in your browser's localStorage. This data never leaves your device and you can clear it at any time through your browser settings. |
| Performance metrics | โธ TO VERCEL | The site uses Vercel Speed Insights, which sends anonymized page load performance telemetry (load times, Core Web Vitals) to Vercel's servers. No personally identifiable information is included. See Vercel's privacy documentation for full details. |
| Fonts and code libraries | โธ TO CDN PROVIDERS | The site loads fonts from Google Fonts and JavaScript libraries from cdnjs.cloudflare.com. These providers receive your IP address and browser metadata when their resources load. MYSYSAD has no control over their data practices. |
| News: Reddit posts (News page only) | โธ TO REDDIT | Your browser fetches posts directly from reddit.com/r/{subreddit}/top.json. Reddit receives your IP address and standard browser headers. No MYSYSAD server is involved. See Reddit Privacy Policy. |
| News: Hacker News stories (News page only) | โธ TO ALGOLIA | Your browser fetches stories from hn.algolia.com/api/v1/search_by_date. Algolia receives your IP address and query parameters. No MYSYSAD server is involved. See Algolia Privacy Policy. |
| News: RSS feeds from CISA, Krebs, LWN (News page only) | โธ TO MYSYSAD PROXY โ FEED SOURCES | Your browser sends a request to the MYSYSAD /api/feeds endpoint, which server-side fetches RSS content from government agencies and publishers. The proxy does not log your queries, but the hosting provider (Vercel) may collect standard access logs per their policy. This is the only MYSYSAD server-side component. |
Several advanced tools use the browser's File System Access API to read and write files directly on your local device. This includes:
File access is granted per-session. Closing the browser tab or window revokes all file system permissions until you explicitly grant them again on your next visit.
MYSYSAD uses your browser's localStorage and IndexedDB to persist state between sessions. Specifically, the following may be stored locally on your device:
None of this data is synchronized to any server. It exists only in your browser on your device. You can clear it entirely by clearing your browser's site data for mysysad.com.
MYSYSAD.COM does not set any first-party cookies for tracking, advertising, or analytics purposes. No session cookies, authentication cookies, or persistent tracking identifiers are set by MYSYSAD.
Third-party resources (Google Fonts, Cloudflare CDN, Vercel) may set their own cookies as part of their service delivery. These are outside MYSYSAD's control. You can inspect and manage all cookies for this site through your browser's developer tools.
MYSYSAD is a professional technical platform intended for adult system administrators and IT professionals. It is not directed at children under the age of 13 and we do not knowingly collect any information from minors.
This privacy policy will be updated as the platform evolves. The "Last Updated" date at the top of this page reflects the most recent revision. Continued use of the site following any update constitutes acceptance of the revised policy. For material changes, a notice will be added to the site's main page.
Questions about this privacy policy or data handling practices can be directed to the site maintainer via the contact link in the footer.