1. Data Controller
Owner: GenerarPassword.com
Contact email: [email protected]
Website: https://generarpassword.com
2. Data We DO NOT Collect
It is essential to clarify what information we DO NOT collect:
- ❌ Generated passwords: We never see, store, or transmit the passwords you create.
- ❌ Checked passwords: Strength analysis happens locally in your browser.
- ❌ Verified emails: Queries to HaveIBeenPwned are made from your device.
- ❌ Usage history: We don't save which tools you use or when.
- ❌ Personally identifiable information: We don't ask for name, address, phone, etc.
3. Data We DO Collect
3.1 Essential Technical Cookies
We store in your browser (localStorage):
- Theme preference: Whether you use dark or light mode.
- Selected language: To remember your preferred language.
- Cookie consent: Your decision about accepting/rejecting cookies.
Legal basis: Legitimate interest (basic site functionality).
3.2 Google Analytics
We use Google Analytics to understand how the site is used:
- Pages visited
- Time spent
- Country/region (anonymized IP)
- Device type and browser
- Traffic source (Google, social media, etc.)
Legal basis: Consent (when accepting cookies).
Google's policy: https://policies.google.com/privacy
3.3 Contact Form
If you contact us via form or email, we collect:
- Your name (if you provide it)
- Your email
- The message you send
Purpose: To respond to your inquiry.
Retention: Up to 90 days after resolving your case.
Legal basis: Consent and execution of a requested service.
4. Technical Verification: Privacy Proof
You can verify that we don't send data by following these steps:
- Press F12 in your browser to open Developer Tools
- Go to the "Network" tab
- Generate a password, check its strength, or verify an email
- Observe that there are no HTTP requests sent to our servers
All processing happens on your device using JavaScript and the browser's Web Crypto API.
5. Your Rights (GDPR)
According to the General Data Protection Regulation (GDPR), you have the right to:
- Access: Request what data we have about you (answer: practically none).
- Rectification: Correct incorrect data.
- Erasure: Delete your data.
- Object: Reject certain processing (e.g., Google Analytics).
- Portability: Receive your data in structured format.
- Restriction: Limit processing.
To exercise these rights, contact: [email protected]
6. Third-Party Cookies
6.1 Google Analytics
Cookies: _ga, _gid, _gat
Duration: Up to 2 years
Purpose: Web analytics
More info: Google Analytics Cookies
6.2 Google AdSense (if applicable)
If we implement Google AdSense in the future, advertising cookies will be used. We will notify you and request prior consent.
7. Data Security
We implement the following measures:
- ✅ Mandatory HTTPS: All connections are encrypted with SSL/TLS.
- ✅ Local generation: Passwords never leave your device.
- ✅ No password databases: There is no database storing passwords.
- ✅ Constant updates: We keep software up to date against vulnerabilities.
8. International Transfers
Google Analytics may transfer data outside the European Economic Area (EEA). Google complies with:
- Privacy Shield (until its invalidation)
- Standard Contractual Clauses (SCC)
- EU Adequacy Decisions
9. Minors
Our service is designed for users over 16 years old. If you are a minor, please ask permission from your parents or guardians. We do not intentionally collect data from minors without parental consent.
10. Policy Changes
We may update this policy to reflect legal changes or changes to our service. We will notify you of significant changes through:
- Prominent notice on the website
- Update of the "Last updated" date
11. Applicable Law
This policy is governed by:
- GDPR (EU Regulation 2016/679)
- LOPDGDD (Organic Law 3/2018, Spain)
- LSSI-CE (Law 34/2002, Spain)
12. Contact and Complaints
Contact email: [email protected]
Web form: Contact page
Supervisory Authority: Spanish Data Protection Agency (AEPD)
Website: www.aepd.es
Address: C/ Jorge Juan, 6, 28001 Madrid, Spain
Phone: +34 901 100 099 / +34 912 663 517