Privacy Policy
How we collect, use, protect, and respect your data across the Lexical Space Open-Source App Store and all associated services.
Introduction & Scope
Welcome to Lexical Space ("we," "our," "us," or "the Platform"). This Privacy Policy describes in detail how we collect, receive, use, store, share, transfer, and process information about you when you visit or use our website at lexicalspace.blogspot.com — including the Lexical Space Open-Source App Store, our curated platform that makes open-source software tools accessible to non-technical users worldwide without requiring knowledge of GitHub, command-line interfaces, or software development toolchains.
This policy applies to all visitors, users, and others who access or use our services, including: browsing our app store catalog, using browser-based utilities, interacting with AI-powered Cloud Connect features, or engaging with any part of the Lexical Space ecosystem.
- The Lexical Space website and all its subpages
- The Open-Source App Store and its full tool catalog
- All browser-based utilities — Text Analyzers, Code Tools, PDF Utilities, and more
- Cloud Connect / AI-powered tools using secure backend APIs
- Our consent, preference, and customization mechanisms
- Any communications we send (newsletters, updates, important notices)
By accessing or using our Site, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you disagree with any part of this policy, please discontinue use of our Site immediately.
About Lexical Space & Our Mission
Lexical Space is an independent web platform built on the belief that powerful open-source software should be accessible to everyone — not just developers. GitHub, while an extraordinary resource, presents a significant barrier for the non-technical majority: confusing interfaces, command-line requirements, compilation steps, and dependency management are intimidating for everyday users.
Our Open-Source App Store bridges this gap. We discover, curate, verify, package, and present open-source tools in a clean, user-friendly interface — similar to the App Store or Google Play, but for free, open-source software. Users can browse by category, read plain-English descriptions, see screenshots, and launch or download tools with a single click — no technical knowledge required.
Client-Side Architecture & Cloud Connect Tools
We believe your data belongs to you. To protect that principle, the vast majority of tools on Lexical Space run entirely within your web browser, transmitting nothing to any server. Here is a detailed breakdown of how each type of tool operates:
Includes Text Analyzers, Code Formatters, File Converters, PDF Utilities, JSON Tools, Image Compressors, Markdown Editors, and others marked as "Local" or "Offline-Ready".
- All computation occurs inside your browser using JavaScript, WebAssembly, or Web Workers
- Your text, files, and inputs are loaded into browser RAM — never transmitted over the network
- No HTTP request containing your content is ever made to our servers or any third-party server
- Closing the browser tab or refreshing immediately wipes all processed data from memory
- Verifiable: Monitor your browser's Developer Tools → Network tab — you will see zero upload traffic
Specifically labeled "Cloud Connect" or "Servered" — including AI Summarizers, Language Translators, Code Generators, and similar ML-powered tools.
- Secure Transmission: Your input is sent over an encrypted HTTPS connection to a backend API (such as Hugging Face Inference API) for processing.
- Session-Only Processing: Your data is processed in real-time for your session and is not retained, logged, or stored by Lexical Space after the session completes.
- Third-Party Processing: The API provider may have their own data handling policies — see Section 10 for links.
- Explicit Labeling: Every Cloud Connect tool is clearly labeled in the UI so you always know before you use it.
- Minimal Data: Only your specific input is transmitted — no device fingerprinting, no browser history, no account data.
- Web-launched tools open in your browser — tool code is served from our CDN or the original GitHub/hosting source and runs locally.
- Download-based tools redirect to the official project's release page (GitHub Releases, etc.). We do not host executable binaries ourselves.
- Metadata only: We may record anonymous, aggregate launch statistics (e.g., "PDF Tool launched 500 times this month") for catalog improvement. No personal identifying information is attached.
Information We Collect
We are committed to collecting the minimum data necessary to operate and improve our service. Below is a comprehensive breakdown of every category of data we may collect and its source.
A. Information You Provide Directly
We do not require account registration for most services. You may voluntarily provide information via:
- Contact Form / Email: Your name, email address, and message content.
- Feedback Submissions: "Report a Bug" or "Suggest a Tool" text and optionally your email.
- Newsletter Sign-up: Your email address. Unsubscribe at any time, no questions asked.
B. Information Collected Automatically
When you visit the Site, our hosting provider (Google/Blogger) and analytics services automatically collect certain technical data:
| Data Type | Examples | Purpose | Retained By |
|---|---|---|---|
| IP Address | Anonymized | Security, country-level geolocation | Google/Blogger |
| Browser Type | Chrome 124, Firefox 126 | Compatibility testing | Google Analytics |
| Operating System | Windows 11, macOS 14 | Compatibility testing | Google Analytics |
| Referring URL | google.com, reddit.com | Traffic source analysis | Google Analytics |
| Pages Visited | /tools/pdf-editor | Popular tool analysis | Google Analytics |
| Time on Page | 3 min 22 sec | Content quality assessment | Google Analytics |
| Device Type | Desktop, Mobile, Tablet | UI optimization | Google Analytics |
| Country / Region | India, United States | Audience understanding | Google Analytics |
* IP addresses are anonymized at collection time. Full IP addresses are never stored in any system under our direct control.
C. Tool Input Data (Your Content)
- For Local tools: never transmitted. Stays in browser RAM only. Wiped on tab close.
- For Cloud Connect tools: transmitted securely for processing, not retained by Lexical Space after session.
- We never sell, share, or use your content to train AI models or for any commercial purpose.
D. Preference & Consent Data (Local Storage)
To remember your choices (dark/light mode, cookie consent, tool settings), we may store small amounts of data in your browser's localStorage or sessionStorage. This data never leaves your device and is fully under your control — clear it anytime via browser settings.
App Store — Specific Data Practices
The Lexical Space Open-Source App Store is our core mission: making open-source tools accessible to users unfamiliar with developer platforms like GitHub. This section describes data practices unique to the App Store experience.
A. Browsing the Catalog
- Anonymous browsing: You can browse the entire catalog without creating an account or providing any personal information.
- Aggregate view counts: We track how many times each tool page is viewed in aggregate (e.g., "1,200 views this week") to surface popular tools. These counts are not linked to individual users.
- Search queries: Search terms may be logged in aggregate (e.g., "top searched terms: 'PDF editor', 'markdown'") to improve our catalog. Queries are not linked to you personally.
B. Tool Launch / Installation Events
- Web tools: When you click "Launch," an anonymous event may be recorded (tool ID + timestamp, no user identifier) for usage statistics.
- Download redirects: When you click "Download," you are redirected to the official project's GitHub Release. We may log this redirect anonymously. Lexical Space receives no data from the destination page.
- No tracking of installed tools: Once a tool is downloaded, we have absolutely no visibility into whether, how often, or how you use it.
C. Privacy Labels System
Every App Store listing includes a Privacy Label (similar to Apple's nutrition labels) describing each tool's network behavior to help you make informed decisions:
| Privacy Label | Meaning |
|---|---|
| ✅ Fully Offline | Tool makes zero network requests. Works entirely locally on your device. |
| ⚡ Partial Network | Tool may fetch updates, fonts, or static assets — no user content is transmitted. |
| ☁️ Cloud-Dependent | Tool requires network access to function. Review the tool's own privacy policy before use. |
Open-Source Tool Vetting Process
We take the responsibility of recommending open-source tools to non-technical users very seriously. Our vetting process ensures that catalog tools are safe, maintained, and genuinely useful:
- Source Code Review: We review publicly available source code for obvious malicious patterns, unauthorized data collection, or suspicious network requests before listing.
- License Verification: Every tool must carry an OSI-approved license (MIT, Apache 2.0, GPL, etc.), confirming it is genuinely free and open-source.
- Maintenance Status: We prefer actively maintained tools (commits within 12 months) and flag or remove abandoned projects.
- Community Trust Signals: We check GitHub stars, issue activity, and community health indicators as additional quality signals.
- Functional Testing: We personally test every tool to verify it performs its stated function correctly before listing.
- Security Disclosures: We check the tool's issue tracker and security advisories and do not list tools with open critical security issues.
Despite our vetting process, Lexical Space cannot guarantee the absolute security of every listed open-source tool. Open-source software is maintained by independent developers and can receive updates at any time. We strongly recommend reviewing a tool's own documentation and privacy characteristics before providing sensitive personal data to any third-party application.
How We Use the Information We Collect
We use the limited information we collect only for legitimate purposes directly related to operating and improving Lexical Space. We do not use your data for advertising targeting, profiling, or sale to third parties.
Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), our legal bases for processing personal data are:
| Processing Activity | Legal Basis |
|---|---|
| Analytics & site performance | Legitimate Interests (Art. 6(1)(f) GDPR) |
| Responding to contact / feedback | Contract / Pre-contractual steps (Art. 6(1)(b)) |
| Newsletter & marketing emails | Consent (Art. 6(1)(a)) — freely given, withdrawable anytime |
| Security and fraud prevention | Legitimate Interests (Art. 6(1)(f)) |
| Legal compliance obligations | Legal Obligation (Art. 6(1)(c)) |
| Functional cookies & preferences | Consent via "Initialize" mechanism |
Data Sharing & Disclosure
We do not sell, rent, or trade your personal information. Period. We may share limited data only in the following specific, bounded circumstances:
- Service Providers: A small number of third-party services (listed in Section 10) may process limited data on our behalf. These providers are contractually bound to use your data only for the services they provide us.
- Backend API Providers (Cloud Connect): When you use a Cloud Connect tool, your input is transmitted to the relevant API provider (e.g., Hugging Face) for processing. Lexical Space does not receive a copy after processing completes.
- Legal Requirements: We may disclose information if required by law, court order, or governmental authority, or if we believe disclosure is necessary to protect rights or safety.
- Business Transfers: In the unlikely event of acquisition or change of ownership, user data may transfer. We will notify you prominently in advance and ensure the new owner is bound by protections at least as strong as this policy.
- Aggregate & De-identified Data: We may publish aggregate, non-personally-identifiable statistics (e.g., "Lexical Space serves users in 120+ countries") for informational purposes.
- We never sell your personal data to advertisers or data brokers
- We never use your tool inputs to train AI models
- We never share your data for third-party advertising purposes
- We never build individual behavioral profiles for targeting
- We never monetize your browsing or usage patterns
Cookies, Local Storage & Tracking Technologies
We use cookies and related browser technologies to make our Site work properly and to understand how it is used. Below is a comprehensive breakdown of every tracking technology we use.
A. What Are Cookies?
Cookies are small text files that websites store in your browser. They allow websites to remember information about your visit — such as your preferred language, theme choice, or that you've agreed to cookie terms. Cookies themselves cannot execute programs or install viruses; they are simple data files.
B. Categories of Cookies We Use
| Category | Purpose | Examples | Can You Opt Out? |
|---|---|---|---|
| Strictly Necessary | Essential for the Site to function | Session cookies, CSRF tokens, consent record | No |
| Functional / Preference | Remember your settings and preferences | Theme (dark/light), language, tool layout | Partial |
| Analytics | Understand traffic patterns and popular content | Google Analytics (_ga, _gid, _gat) | Yes |
| Third-Party | Set by external services embedded on our pages | Google Fonts, FontAwesome CDN | Yes |
C. Our "System Protocols" Consent Mechanism
When you first visit Lexical Space, you will encounter our System Protocols initialization screen — our custom cookie consent mechanism. Clicking "Initialize" provides informed consent for functional and analytics cookies. Strictly necessary cookies activate regardless, as they are required for the Site to operate. You can reset your consent at any time by clearing browser cookies.
D. Local Storage & Session Storage
In addition to traditional cookies, we may use your browser's localStorage or sessionStorage APIs to store preferences and temporary tool state. This data is never transmitted to any server — it exists only within your browser. Session storage is automatically cleared when you close the tab; local storage persists until you clear it manually.
E. How to Control Cookies
- Google Chrome: Settings → Privacy & Security → Cookies and other site data
- Mozilla Firefox: Preferences → Privacy & Security → Cookies and Site Data
- Safari: Preferences → Privacy → Manage Website Data
- Microsoft Edge: Settings → Privacy, Search, and Services → Cookies
- Opera: Settings → Privacy & Security → Cookies
Note that disabling certain cookies may affect the functionality of our Site. Strictly necessary cookies cannot be disabled without impacting core functionality.
F. Do Not Track (DNT)
Some browsers include a "Do Not Track" setting that signals you do not wish to be tracked. Currently there is no universally accepted standard for responding to DNT signals. At this time, Lexical Space does not alter its data collection practices in response to DNT signals. We encourage you to use browser cookie controls or the Google Analytics Opt-out Browser Add-on to control tracking directly.
Third-Party Services & Integrations
Lexical Space integrates with a small number of carefully selected third-party services to provide analytics, fonts, icons, and backend AI capabilities.
| Service | Purpose | Data They May Receive | Privacy Policy |
|---|---|---|---|
| Google Analytics | Traffic & usage analytics | Anonymized IP, browser, pages visited, session duration | policies.google.com/privacy |
| Google / Blogger | Website hosting platform | Standard server logs (IP, request headers) | policies.google.com/privacy |
| Google Fonts | Typography assets | IP address (to serve font files) | developers.google.com/fonts/faq/privacy |
| FontAwesome CDN | Icon assets | IP address (to serve icon files) | fontawesome.com/privacy |
| Hugging Face APIs | AI backend (Cloud Connect tools only) | Tool input text — session only, not retained by us | huggingface.co/privacy |
| GitHub | Source repo links & download redirects | Standard referral traffic | docs.github.com/site-policy |
| jsDelivr / cdnjs | Open-source JS library CDN | IP address (to serve library files) | jsdelivr.com/privacy-policy-jsdelivr-net |
We are not responsible for the privacy practices of these third-party services and encourage you to review their individual privacy policies. We periodically review these integrations and will update this section if our usage changes.
Data Security
Protecting the limited data we do collect is important to us. We implement reasonable technical and organizational security measures appropriate to the nature and sensitivity of the data involved.
No method of data transmission or electronic storage is 100% secure. While we strive to use commercially reasonable means to protect your information, we cannot guarantee its absolute security. In the event of a data breach affecting your personal information, we will notify you promptly in accordance with applicable laws and take reasonable steps to mitigate impact.
Data Retention
We retain data only for as long as is necessary for the purposes described in this policy or as required by applicable law.
| Data Type | Retention Period | Rationale |
|---|---|---|
| Tool input data (Local tools) | Seconds to minutes (browser RAM only) | Never persisted; erased on tab close |
| Tool input data (Cloud Connect) | Session only — not stored by Lexical Space | Real-time processing, no storage |
| Analytics data | Up to 26 months (Google Analytics default) | Trend analysis & performance tracking |
| Server log files | Up to 30 days (Blogger/Google policy) | Security & abuse prevention |
| Contact form / feedback emails | Until matter resolved + 1 year | Support continuity |
| Newsletter email addresses | Until you unsubscribe + 30 days | Communication preference management |
| Cookie consent records | 13 months (EU guidance) or until user clears | Demonstrating consent compliance |
| Browser localStorage data | Until you clear browser data | Preference persistence (user-controlled) |
GDPR — Your Rights Under European Data Protection Law
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you are protected by the General Data Protection Regulation (GDPR) or equivalent national laws. Lexical Space respects and upholds these rights fully.
To exercise any of these rights, contact us at unknowingly.in777@gmail.com. We will respond within 30 days and may need to verify your identity before processing your request.
CCPA — California Consumer Privacy Rights
If you are a California resident, the California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA), grant you additional rights regarding your personal information.
Your California Rights
- Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected, the categories of sources, the purposes for collecting it, and the categories of third parties with whom we share it.
- Right to Delete: Request deletion of personal information we have collected from you, subject to certain exceptions.
- Right to Correct: Request correction of inaccurate personal information we maintain about you.
- Right to Opt-Out of Sale: We do not sell or share your personal information for cross-context behavioral advertising.
- Right to Limit Sensitive Data Use: We do not collect sensitive personal information as defined under the CPRA.
- Right to Non-Discrimination: You will not receive any difference in service quality or pricing for exercising your privacy rights.
Categories of Personal Information Collected (CCPA Disclosure)
| CCPA Category | Collected? | Examples |
|---|---|---|
| Identifiers | Limited | Anonymized IP, email (if you contact us) |
| Personal Records | No | Name, address, SSN — not collected |
| Protected Characteristics | No | Age, race, religion — not collected |
| Commercial Information | No | Purchase history — we don't sell anything |
| Biometric Information | No | Not collected |
| Internet Activity | Limited | Pages visited, time on site (via Google Analytics) |
| Geolocation | Country-level | Country/region only via IP anonymization |
| Professional Information | No | Not collected |
| Inferences / Profiles | No | We do not build user profiles |
To submit a CCPA rights request, email unknowingly.in777@gmail.com with the subject line "CCPA Privacy Request."
Children's Privacy
Protecting the privacy of children online is a responsibility we take very seriously. Lexical Space is a general-audience platform and is not directed at children under the age of 13 (or under 16 for users in the EEA, where GDPR sets a higher age threshold for digital consent).
- No Intentional Collection: We do not knowingly collect, solicit, or process any personal information from children under 13 (or 16 in the EEA).
- No Account Registration: Because Lexical Space does not require account creation, there is no age verification mechanism that children could circumvent.
- Parental Guidance: We encourage parents and guardians to monitor their children's internet use, discuss online privacy with them, and participate in their online activities.
- Reporting & Removal: If you believe a child under 13 has provided us with personal information, please contact us immediately at unknowingly.in777@gmail.com. We will investigate and delete such information promptly.
Local/client-side tools on Lexical Space process data entirely within the browser and are safe to use under supervision. However, Cloud Connect / AI tools that transmit input to external APIs should be used with adult oversight when children are involved. Always check a tool's Privacy Label before your child uses it.
International Data Transfers
Lexical Space is operated from India and serves a global audience. By using our Site, you acknowledge that your information may be processed in countries where data protection laws may differ from those in your country of residence — particularly the United States (where Google's servers are primarily located).
- Google Analytics & Blogger: Data processed by Google may be stored on servers in the United States or other countries where Google operates. Google complies with applicable data transfer frameworks including the EU-U.S. Data Privacy Framework.
- Hugging Face: API requests may be processed on servers located in the United States or EU. Please review Hugging Face's privacy policy for their transfer safeguards.
- Your Content (Local Tools): Because local tool processing occurs entirely within your browser, your content does not cross any international border — it never leaves your device.
- EEA Residents: For transfers of personal data outside the EEA, we rely on Google's Standard Contractual Clauses (SCCs) and adequacy decisions where applicable.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:
- Update the "Last Updated" date at the top of this page
- Increment the version number in the header badge
- For material changes, display a prominent notice on the Site's homepage for at least 30 days
- If you have subscribed to our newsletter, send an email notification summarizing key changes
Your continued use of the Site after any changes constitutes your acceptance of the updated terms. We encourage you to review this policy periodically.
Change Log
Contact Us
If you have any questions, concerns, complaints, or requests regarding this Privacy Policy or our data practices, please reach out. We aim to respond to all inquiries within 5 business days.
📧 Email: unknowingly.in777@gmail.com
🌐 Website: lexicalspace.blogspot.com
📍 Location: India
For GDPR requests, please include "GDPR Request" in the subject line.
For CCPA requests, please include "CCPA Privacy Request" in the subject line.
5 business days
