Live privacy audit

Don't trust this page.
Audit it.

Every privacy policy is a promise. This one is an instrument. Below, your own browser shows you, in real time, every request this page makes, proving that nothing you do on Floati reaches a tracker, an ad network, or an AI vendor. Read the words, then watch them be true.

Live · outbound network monitor

0First-party
requests

0Trackers
reached

0Your content
transmitted

requests, newest first

Your browser is the witness. With JavaScript on, every request this page makes appears here, classified as first-party (stays on floati.life) or a third-party tracker. Spoiler: the tracker column stays at zero.

Analytics ping · full payload captured

That is the entire payload: the page path, the referring site, your window width, and your language. No name, no IP (the server hashes that one-way), and never a byte of your resume, code, or notes.

What we ever send

{
  "p": "/privacy/",   // page path
  "r": "",           // referring site
  "w": 1280,         // window width
  "l": "en"          // language
}

The single first-party analytics ping. No IP (hashed one-way on the server), no name, and never your content.

Don't take the panel's word for it either. Open your browser's DevTools → Network tab and compare, every domain you see is floati.life.

Your move

The monitor is passive. Try to make it lie.

Two live controls below. Go ahead and try to make Floati leak. You won't be able to, and you don't have to take our word for that either, you can watch.

01 · Type a secret

On your device 0 bytes Transmitted to us 0 bytes

Measured live: your browser has made 0 outbound requests so far, and your text appeared in 0 of them. The transmitted figure is a real tally, not a promise.

02 · Try to leak it out

Edit the URL to any tracker you like, then make this page try to POST your secret from box 01 to it. Watch it bounce.

This fires a real POST of your secret at the domain above, over fetch and XHR. Both are refused by this site's Content-Security-Policy before a byte leaves; the report shown is your browser's own verdict, not ours.

We neverSell or share your data

We neverUse third-party trackers or ad pixels

We neverSend your content to an AI vendor

We neverMake you create an account

The other side of the glass

Every website you visit can read the signals below the moment you arrive. Most quietly bank them to fingerprint you. We read them too, to lay out the page, then we look away. Computed live in your browser, never sent anywhere (the monitor above is your proof).

Timezoneyour local timezone discarded

Languageyour language discarded

Screenyour screen size discarded

Platformyour platform discarded

CPU threadsyour core count discarded

Themelight / dark discarded

The ledger, per product

Three live products, one principle. Here is the full accounting of what stays on your device versus the short, anonymous list that ever touches our server.

Floati Desktop App

Native app for Windows (Microsoft Store) and macOS (Mac App Store)

Floati does not collect, store, transmit, or share any personal data. It makes zero network requests in normal use.

Stays on your device everything

Expenses, budgets, subscriptions, debts, savings, net worth
Habits, birthdays, notes, reminders, receipts
All of it in one local file: ~/.floati/floati.db
Optional AES-256 encrypted backups with a passphrase only you hold
Export anytime as JSON, PDF, Excel or CSV; delete the file to wipe everything

Leaves your device to anyone

Nothing.

No accounts, no logins, no sync, no telemetry, no crash reports
No location, no device identifiers, no cookies
Both store listings declare "Data Not Collected" in every category

Don't take our word for it: watch the app with Little Snitch, LuLu, or Wireshark and you'll see no outbound connections.

CV Builder

The free resume tool at floati.life/cv

No account. The AI runs on your own device, and your resume content is never sent to OpenAI, Anthropic, Google, our server, or anyone.

Stays in your browser your work

Your full resume content (experience, education, skills)
The on-device AI improver (WebGPU / WebLLM) and the deterministic ATS scorer
PDF export, generated locally via print-to-PDF, nothing uploaded
An optional, compressed profile photo if you add one

Reaches our server minimal

An auto-saved copy of your draft, keyed to a random cookie token (no name, no email)
If, and only if, you post a review: your display name, rating and comment (public), plus a one-way hashed id, never your raw IP

Delete everything anytime with "Remove all saved data" in the builder, or clear your cookies. Questions: nevintom2018@gmail.com.

Learn: Python + AI course

The free in-browser course at floati.life/learn

No account. Your lesson code runs in a sandbox in your browser, the AI tutor runs on your device, and your progress is saved on your machine.

Stays in your browser your work

Lesson code runs in a Pyodide WebAssembly sandbox, network-blocked, never executed or stored on our server
The optional AI tutor and "review my code" helper run on-device (WebGPU / WebLLM)
Your progress, streak and XP live in local storage; export them to a JSON file you control

Reaches our server opt-in only

A certificate, only if you mint one: the name you type, the course, your score and the date, made publicly verifiable, plus a one-way hashed id
A public review, only if you post one: display name, rating and comment, with the same hashed id

No account, no email, no analytics on the code you write or the answers you give, and no third-party AI calls. Ever.

Across the whole site

A few things that are true for floati.life as a website, whichever product you use.

Privacy-preserving analytics

That single first-party ping you saw in the monitor above is the whole story: the page path, referrer, window width, language, plus, computed on the server, a one-way hashed visitor id (sha256 of your IP and browser, truncated, so the raw IP is never stored), a coarse country and a device type. There is no third-party analytics service, no cross-site tracking, and no advertising network anywhere on the site.

Cookies

The CV Builder uses one first-party cookie to link your saved draft across visits, plus a standard session cookie for security. No advertising or cross-site cookies, ever. The desktop app uses none (it is not a website).

Children's privacy

The desktop app collects no data from anyone. The website does not knowingly collect personal data from children under 13. If you believe a child has submitted data, email us and we will remove it.

Changes to this policy

If anything changes, the updated policy is published at this URL with a new "last updated" date. No silent edits.

Contact

Questions, corrections, or deletion requests: nevintom2018@gmail.com · Built and operated by Nevin Tom in South Africa · Last updated June 2026.

Looking for the Bday Wishes iOS app? It is a separate product with its own policy. Bday Wishes privacy

Free · Private · No account · Verifiable · floati.life