crud.md
// crud.md / legal

Privacy Policy

Last updated: 29 June 2026

crud.md is built on one promise: your files never leave your machine. Everything below follows from that. You can verify it yourself — open your browser's network tab while you use a tool and watch zero bytes of your data get sent.

Who we are

"crud.md" ("we", "us", "our") is a suite of local-first tools for Markdown files, operated by Andrew Dowell, based in the United Kingdom. You can reach us at support@crud.md.

Your files are never uploaded

Our conversion tools run entirely in your browser using WebAssembly. The contents of the files you drop in — your Notion export, your Markdown, their text, images and attachments — are read, transformed and written back to a download on your device. They are never transmitted to us, never stored on our servers, and never seen by us. A strict Content-Security-Policy enforces this in the browser.

What we do collect

  • Licence-key checks. When you enter a licence key to unlock the full version, only that key is sent to our server to confirm it is valid. No file data accompanies it.
  • Your email — only if you give it. If you choose to join our list, we store your email address solely to tell you about new crud.md tools and updates. We never sell or share it, and you can unsubscribe at any time.
  • Payment information. Purchases are processed by Paddle (Paddle.com Market Ltd), our Merchant of Record and reseller. Paddle collects and processes your payment and billing details under Paddle's privacy policy. We never receive or store your card number.
  • Anonymous usage statistics. We may record anonymous, aggregate events — for example, that a page was viewed or a conversion was run — to understand how the tools are used. These never include your files, filenames, or their contents.
  • Server logs. Our host, Cloudflare, processes standard request metadata (such as IP address and browser type) to serve the site and protect it from abuse.

Cookies & local storage

We do not use advertising or cross-site tracking cookies. To keep the tool unlocked for you, we store your licence key (and your email, if you entered it) in your browser's localStorage — this stays on your device and is not a cookie sent to us.

Who we share data with

We do not sell your personal data. We share the limited data above only with the service providers that make crud.md work: Paddle (payments and tax), Cloudflare (hosting and security), and our email provider if you opt in. Each processes data on our behalf or, in Paddle's case, as the Merchant of Record for your purchase.

Your rights

Depending on where you live (for example under the GDPR or CCPA), you may have the right to access, correct, or delete the personal data we hold about you, and to object to certain processing. To exercise any of these, email support@crud.md. For data relating to a purchase, Paddle is the Merchant of Record and can also action requests directly.

International users & children

crud.md is served from Cloudflare's global network, so requests may be processed in data centres outside your country. The service is not directed to children and is not intended for anyone under 16.

Changes to this policy

We may update this policy as the tools evolve. When we do, we'll revise the "last updated" date above. Material changes will be highlighted on the site.

Contact

Questions about privacy? Email support@crud.md.