Privacy

Site overview

• Cipher and code tools run entirely in your browser. Plaintext, ciphertext, and keys are not transmitted to a server.
• The Multi Decoder runs every decoder locally, including syllable counts, which use a CMU Pronouncing Dictionary bundle loaded from this site on first use. No input is transmitted. Share links (e.g. #md= hashes) are only created when you click the Share button, and the encoded payload stays in the URL fragment.
• The Coordinate Converter and Frequency Analyzer compute results locally.
• Map tiles are loaded from third-party providers (Mapbox, OpenStreetMap, Esri, OpenTopoMap). Their privacy policies apply when their tiles are requested.
• Coordinate decoding for Mapcode and reverse-geocoding call out to public APIs (mapcode.com, nominatim.openstreetmap.org) only when you submit a coordinate to those features.
• The ISBN tool looks up book details by sending the ISBN you submit to Open Library (openlibrary.org/api/books). Only the ISBN is sent; their privacy terms apply. Amazon and Google fallback links are constructed locally, no request is made to those services unless you click the link.
• Elevation lookups call out to cachesleuth.opentopodata.org, a third-party endpoint operated by OpenTopoData on a CacheSleuth-branded hostname. Despite the cachesleuth in the URL, the request leaves CacheSleuth's infrastructure and is served by OpenTopoData; their privacy and usage terms apply. Only the coordinate you submit is sent; no other input from the page is included.
• Cache checkers and game pages (the /keyword/, /burggirl/, and the puzzle-cache helper pages reached via owner-supplied links, Ghostbusters, Goonies, Big Boss, the Adventure Lab finals, Ready Player One, and similar) are the one place on the site where the value you type is intentionally transmitted. When you submit an answer, the page logs the attempt so the cache owner is notified and so abuse patterns (e.g. brute-force guessing) can be investigated. Each submission sends the geocache identifier, the keyword or coordinates you entered, whether the attempt was correct, your browser, OS, device, screen size, and timezone, and the date/time. Your IP and its approximate city/region/country are derived at the edge by Cloudflare from the request itself, no third-party IP-lookup service is called. The submission is sent to checker-log.cachesleuth.com, a CacheSleuth-operated Cloudflare Worker. The worker checks your answer against a list maintained by the cache owner inside a CacheSleuth-controlled database, returns the success message (or a generic "not correct" reply) to your browser, records the attempt, and notifies the cache owner. The answer set never leaves the worker and is not exposed in any URL or page response. Submissions are rate-limited per IP to slow brute-force attempts. Attempts are automatically deleted after 90 days. These pages are unlisted and only reached via a cache owner's checker link; if you'd rather not have your attempt logged, do not submit an answer.
• The Wherigo Solver uploads cartridges to api.cachesleuth.com for parsing. Cartridges are processed in memory and are not stored long-term. After parsing, the solver may also fetch the public cartridge-details page on wherigo.com and any referenced geocache pages on geocaching.com through a CORS-bypass proxy at proxy.cachesleuth.com in order to enrich the displayed result with author and cache-title info. The proxy only fetches the public URLs the cartridge already references; it does not see anything you typed.
• Translation. When you pick a language from the footer dropdown, CacheSleuth sends the static UI strings on the current page (button labels, headings, descriptions, tool names) to CacheSleuth's translation service at cs-translate.cachesleuth.com for translation. Your tool input is not included. The translator only sees the same text the page would show to a guest browsing in English: nothing you typed into a textarea, dropped into a file input, pasted into the coordinate box, or entered into the contact form. Form fields, your chosen text, your uploaded cartridges, and anything else you enter into a tool stay in your browser. Translated results are cached on the translation service and in your browser's localStorage so the same string is not re-sent across visits or across visitors.
• Donations route through PayPal; CacheSleuth does not receive your payment details.

My puzzle texts

Anything you type, paste, or drop into a tool (puzzle clues, cipher text, plaintext you're encoding, coordinates, keywords, pad characters, cache pages, notes) stays in your browser. CacheSleuth runs the decoders, encoders, coordinate parsers, and analyzers locally using JavaScript on the page you have open. The site has no server-side database for puzzle inputs and never sends them to a logging endpoint.

The exceptions are spelled out above: cache checker pages (which intentionally log answer attempts so the cache owner is notified), the Wherigo Solver upload (sent to a CacheSleuth parser, processed in memory, not stored long-term), ISBN lookups (the ISBN is sent to Open Library), elevation lookups (the coordinate is sent to OpenTopoData), Mapcode and reverse-geocoding (the coordinate is sent to mapcode.com / Nominatim), and map tile loads (your viewport coordinates are sent to the tile provider). No other tool transmits what you type.

The Notes drawer ("My Puzzle Texts") stores its content in your browser's localStorage on your device. By default, notes are not transmitted to any server and are not shared between devices or browsers. Clearing your browser's site data removes them.

Optional cloud sync. You can choose to create an account (a username and a passphrase) to sync your notes across devices. When you do, your notes are end-to-end encrypted in your browser before they are uploaded, using a key derived from your passphrase that never leaves your device. The sync service stores only the encrypted note data, your username, your key-derivation parameters (random salts and an iteration count), password-style verifiers that let you sign in, and encrypted copies of your note key that can only be unwrapped with your passphrase or recovery key. It cannot read your notes, and neither can we. This protection covers the sync service and the network. It assumes you trust the CacheSleuth website itself to deliver honest code, since the encryption runs in your browser using JavaScript we serve. The account data is held by Cloudflare (Workers and D1) on servers in the United States. We use a Cloudflare Turnstile check to limit automated abuse, and we cap how many accounts can be created from one network address. An account that is not used for 18 months is automatically deleted, and you can delete yours at any time from the cloud panel in the drawer, which erases the encrypted copy on our server. Because the encryption is end-to-end, if you lose both your passphrase and your recovery key, the data cannot be recovered by anyone, including us.

One important caveat: by default, signing in on a device caches a session token and your note key in that browser so it can keep syncing without re-entering your passphrase. Anyone with access to your unlocked device or browser profile can therefore read and sync your notes (by default your notes are also stored unencrypted in that browser, as above). Changing the passphrase or deleting the cloud account does require re-entering your passphrase, so a cached session alone cannot lock you out or erase your account. Sign out on shared devices, choose a strong passphrase, and do not store passwords, financial details, or other sensitive personal data in your notes.

Lock mode (optional at-rest encryption). The cloud panel has an "Encrypt notes on this device" option. When you turn it on, the unencrypted at-rest copy in your browser's localStorage is replaced by an encrypted vault, and the working copy plus your cached note key move to sessionStorage, which the browser clears when the tab closes. You then re-enter your passphrase once per session on each device to unlock your notes. So a cold or shared device holds only ciphertext. Lock mode protects your notes at rest, not while the page is open and unlocked, and it does not change what the sync service can see, which is still only ciphertext.

Share links

Many tools have a Share Link button that copies a self-contained URL recreating your current input. Examples: /multidecoder/#md=…, /multiencoder/#me=…, /tools/coordinateconverter/#cc=…, and similar hashes on the mapping and cipher pages.

The payload after the # is your tool input (e.g. cipher text and keys, or a coordinate string), compressed with LZ-String and URL-safe encoded. Everything needed to recreate the state is in that fragment.

A URL fragment (the part after #) never leaves your browser. Browsers do not include fragments in HTTP requests, so when you open or share a share-link URL, the server (CacheSleuth, Cloudflare, anyone else) sees only the path, not the encoded input. The page loads, JavaScript reads the fragment locally, and the inputs are recreated in your browser.

However, anyone you share the URL with can recover the original input by opening the link, since the payload is encoded (compressed) but not encrypted. Don't paste sensitive information into a share link and then post it publicly. Treat a share link the same as you'd treat a screenshot of the tool with your input visible.

Tool-specific policies

• Geocache Viewer browser extension, local-only processing of the cache page you are viewing on Geocaching.com.

Cookies and storage

CacheSleuth uses your browser's localStorage to remember UI preferences (sidebar mode, theme, format choices, recently used inputs). These values stay on your device and are not transmitted. Clearing your browser's site data resets them.

CacheSleuth does not run any advertising trackers, third-party ad networks, or cross-site fingerprinting scripts. The site is served through Cloudflare, which includes Cloudflare Web Analytics: a cookieless, privacy-respecting analytics script that records page views, browser and OS info, and approximate country. Cloudflare aggregates this data so the site owner can see general traffic patterns. It does not use cookies, does not track you across sites, and does not store your full IP address. You can read more on Cloudflare's Web Analytics page.

Contact

Questions about privacy or data handling? Use the contact page.