When you use an online tool to format some JSON, generate a password, or convert an image, it is easy to assume they all work the same way. In reality, there is a fundamental divide between tools that process your data on their own servers and tools that do everything inside your browser. That difference has major implications for your privacy, and understanding it helps you choose tools you can actually trust with sensitive information.
Server-side tools send your data away
A server-side tool takes whatever you enter, uploads it to a remote computer, processes it there, and sends the result back. This is invisible to you, but it means your data has left your device and now sits, however briefly, on someone else's infrastructure. For casual, public data that may be fine, but for anything sensitive such as passwords, API keys, personal documents, or unpublished work, it is a genuine risk. You have no way to verify what the server does with your data, whether it logs it, or how long it keeps it.
Client-side tools keep data on your machine
A client-side tool, by contrast, runs entirely in your browser using JavaScript. When you paste text or generate a value, the work happens on your own computer and nothing is transmitted anywhere. The result appears instantly because there is no round trip to a server. This model is dramatically more private, because your data physically never leaves your device.