Skip to content
Patens
ES
Back to the foundry

Privacy.

Patens runs entirely in your browser. Every project you draw lives in your browser's IndexedDB, on your machine. There is no Patens-hosted account system. There is no analytics SDK. There are no tracking cookies. The server you're reading this page from never sees the contents of your fonts.

What stays on your machine

  • Every project's glyphs, kerning, metadata, brief, decisions log, samples — stored in the IndexedDB database named font-studio.
  • Family records + family-level kerning — stored in the IndexedDB database named font-studio-families.
  • Your settings (theme preference, welcome dismissal, editor toggles, optional Anthropic API key) — stored in localStorage under the font-studio:settings:v1 key.
  • Per-share delete tokens — if you upload a share, the originator's token is kept locally so only you can re-share or delete it later.

What leaves your machine — only when you choose

  • Cloud share — when you click "Copy share link", the project's JSON is uploaded to Vercel Blob storage so the recipient can fetch it. The share URL is unguessable (UUID). Anyone with the URL can read; only you can delete (via the locally-stored token).
  • Exports — OTF, WOFF2, TTF, UFO, .font.json, designer bundle. These are downloads to your machine; they don't go to a Patens server. You decide where to send them next.
  • AI features (opt-in) — "Explain (AI)" on the audit page + AI kerning-suggest send the audit code + relevant project metadata to Anthropic's API using your own API key. The key is stored in your browser; Patens's server doesn't see it (the /api/ai/messages proxy forwards verbatim and discards). If you don't add a key in Settings, no AI feature is ever called.
  • OAuth sign-in — Patens is currently account-free. The deployed instance at patens.design never offers sign-in. Self-hosted deployments that opt in to GitHub OAuth follow the same minimum-data principle.

Server logs

The deployment is hosted on Vercel. Vercel's edge network keeps standard request logs (IP, user agent, path, response code) for the duration of their default retention window. Patens itself does not collect or process additional logs.

GDPR + CCPA

Patens does not collect personal information. We have no user database to export, correct, or delete. To delete your local projects, clear your browser's site data for patens.design (Settings → Privacy → Site data). To delete an uploaded share, use the "Unshare project" button in the editor header (visible when the project has been shared) or contact hi@patens.design with the share URL.

Self-hosters

Patens is MIT-licensed. If you run your own instance, this policy describes the design intent of the code, but operational responsibility is yours — you choose your hosting, your logging policy, and which integrations to enable. See docs/setup.md for the per-platform instructions.

Last updated: 2026-05-25. Send questions to hi@patens.design.