Privacy Policy

Short version: we don't collect your data. All hashing runs in your browser.

1. What We Collect

Almost nothing

HashMama is a static educational site. Here's what actually happens with your data:

Hashing tools: All hash calculations run entirely in your browser using the Web Crypto API. Nothing you type or upload is sent to any server.

Analytics: We use Plausible Analytics, which is privacy-friendly and cookieless. It collects aggregate page view counts - no personal data, no fingerprinting.

Contact & project forms: If you submit a form, that data goes to Web3Forms and is used only to respond to you.

Blockchain explorer: Fetches public Bitcoin data from the Blockchain.info API. No personal data involved.

Bottom line: Your cryptographic inputs, outputs, and files never leave your device.

2. Security

Client-side by design

The site is served over HTTPS. All cryptographic operations use the browser's built-in Web Crypto API - no third-party crypto libraries handle your sensitive inputs.

Hash calculations: Web Crypto API (SHA-256, SHA-512, etc.)

MD5: Computed locally via spark-md5 library

File hashing: Files are read locally, never uploaded

Standards followed: NIST FIPS 180-4 (SHA-2), FIPS 202 (SHA-3), RFC 5869 (HKDF).

3. Third-Party Services

Plausible Analytics - cookieless, GDPR-compliant page analytics. No personal data collected.

Web3Forms - handles contact and project submission forms. Data used only to process your submission.

Blockchain.info API - public Bitcoin blockchain data. No account or personal data required.

No advertising networks. No tracking pixels. No cookies beyond what the browser sets for basic site function.

4. Contact

If you have questions about this policy or how the site handles data, reach out via the contact page.

Last updated: 2025