Privacy, in plain language.
The honest summary: Scripto is designed so that we could not read your documents even if we wanted to. There is no server component, no account system, and no transmission of your writing.
Your documents
Everything you write is processed inside your browser tab — parsing, preview, PDF generation — and stored in your browser’s local storage on your device. Nothing is uploaded, synced or backed up by us. Deleting your browser data deletes your documents; export .md files for your own backups.
The optional passphrase lock encrypts your entire local library (AES, key derived from your passphrase). We cannot recover a forgotten passphrase — that is the point.
The optional AI assistant
The AI features are off until you paste your own API key. When you invoke them, the selected text is sent directly from your browser to the provider you configured (e.g. Anthropic or OpenAI) under their privacy terms — never through any Scripto server. Your key is stored locally alongside your other settings.
This website’s analytics
We count page views with Vercel Web Analytics — served first-party by our host, cookieless, with no personal identifiers, fingerprinting or cross-site tracking. It cannot see your documents: analytics record that the editor page was opened, never what you write in it.
Third-party resources
Fonts load from Google Fonts’ CDN (subject to Google’s privacy policy); after the first visit the PWA caches them locally. There are no ad networks, no tracking pixels, and no social embeds anywhere on the site.
Open source, auditable
The entire application is open source under the MIT license. Every claim on this page can be verified by reading the code — the strongest privacy guarantee software can offer.
Keep exploring
See it for yourself.
The editor is one click away — free, no signup, works offline.