Privacy
Your data stays yours.
Tinspec is built local-first, so privacy isn't a setting — it's the default. This is a plain-language summary of how the app and this site handle your data.
Last updated June 24, 2026
The short version
Tinspec is a local-first desktop app. There is no account, no sign-in, and no telemetry. Your specs, requests, responses, and collections stay on your machine. We don’t collect, store, or transmit your data — there is no Tinspec server in the loop.
What stays on your device
Collections, requests, and chains are saved as plain files in the folder you choose. A local SQLite database holds only run history and a rebuildable cache. Secrets and tokens are stored in your operating system’s keychain — never in the files and never in plain text.
Connections the app makes
Tinspec only talks to the network when it has a reason you control: the requests you send go directly to the targets you specify; OpenAPI spec sources resolve from the URLs you add; and on launch the app checks tinspec.dev for a new version. Each of these goes to the endpoint involved — not to us.
AI features
AI assistance is opt-in and bring-your-own-key. When you enable it, the data you send (such as a spec or response) goes to the provider you configure, under that provider’s terms. A local path is planned so nothing has to leave your machine.
This website
tinspec.dev is a static site with no analytics, no advertising, and no tracking cookies. Your theme preference is stored in your browser’s local storage and never leaves it. Email links open your own mail client — we only receive what you choose to send.
Future cloud tier
An optional paid cloud tier (sync, sharing, teams) is planned. It will be strictly opt-in, and the desktop app will remain fully usable offline with no account. This page will be updated before any such feature ships, describing exactly what it stores.
Questions about privacy?
We’re happy to clarify anything here. Email us and we’ll get back to you.
Email support@tinspec.dev