Legal
Privacy Policy.
Last updated June 1, 2026. We've written this to actually be readable.
The short version
We collect the minimum information needed to run and improve the service. We don't sell your data. We use Google Analytics on public pages to understand aggregate traffic. Private generated links, inboxes, raw paste URLs, downloads, poll results, and pact pages are excluded from analytics. We don't show ads.
What we collect
- Content you create - notes are encrypted client-side with XSalsa20-Poly1305 before reaching our servers. We store only ciphertext. Pastes are stored as-is. All content has an expiry and is deleted automatically.
- Hashed IP addresses - used solely for rate limiting (preventing abuse). We use HMAC-SHA256 keyed with a server secret so the hash cannot be reversed to your real IP. We do not log raw IPs.
- Session data - a single session cookie is used for CSRF protection and to track whether you've unlocked a password-protected note or paste in the current browser session. No personal identifiers are stored in the session.
- Public page analytics - Google Analytics may collect aggregate visit data on public, indexable pages such as the homepage, tool landing pages, and policy pages.
What we don't collect
- Your name, email address, or any account information
- Browser fingerprints or device identifiers
- Analytics on private generated tool pages
- Third-party advertising or marketing cookies
- Any information from third-party data brokers
Data retention
Content expires according to the expiry you set when creating it (1 hour, 24 hours, 7 days, or 30 days). Burn-after-read content is deleted immediately after the first view. A scheduled cleanup task runs periodically to hard-delete any expired rows from the database.
Hashed IP rate-limit records are stored in a local file and expire after 60 seconds automatically.
Security
All traffic is served over HTTPS with HSTS. CSRF tokens protect every form submission. Rate limiting prevents brute-force attacks. Content encryption uses libsodium (XSalsa20-Poly1305), the same library trusted by Signal and WireGuard.
Your rights
Because we don't collect identifying information, we cannot identify which content belongs to you after the fact. Save your note/paste URL - it's the only way to access your content. If you lose it, neither of us can retrieve it.
To remove content early, use the destroy function available on your note or paste's created page.
Changes to this policy
If we make material changes, we'll update the date at the top of this page. Continued use of GhostUtils after a policy change constitutes acceptance of the updated policy.
Questions? hello@ghostutils.com