Frequently Asked Questions

Is Z Tools completely free to use?

Yes, all tools on Z Tools are 100% free to use. We do not charge for any features, and there are no premium tiers or paid subscriptions. The service is supported by non-intrusive advertising.

We believe essential utilities should be accessible to everyone. Whether you're a developer debugging code, a student completing homework, or a small business owner preparing marketing materials, you can use all features without creating an account or paying anything.

Do I need to create an account?

No. Z Tools does not require registration, login, or any form of account creation. All tools are accessible immediately without providing personal information. This is a core part of our commitment to frictionless utility.

Simply visit the website, select your tool, and start using it. There's no email verification, no password to remember, and no personal data collection.

Do my files or data get uploaded to your servers?

For most tools (QR Code, Password Generator, JSON Formatter, Base64, Markdown Converter), all processing happens entirely in your browser using JavaScript. No data is sent to our servers.

Image Compression is the only tool that requires server-side processing, because the compression algorithms run on our server using PHP's GD library. When you upload an image:

• The file is uploaded to our secure server
• It's stored with a random, unguessable filename
• Processing completes within seconds
• Files are automatically deleted after 5 minutes
• No backup copies are retained

Is there a file size limit?

For image compression, the maximum upload size is 10MB per file, and maximum dimensions are 4000x4000 pixels. These limits ensure reliable processing even on shared hosting environments with limited memory.

For other tools that work with text (JSON Formatter, Base64, Markdown), there is no hard limit, though extremely large inputs (above 5MB of text) may cause performance issues in the browser depending on your device's RAM.

Can I use Z Tools on mobile devices?

Yes, all tools are fully responsive and optimized for mobile use. The interface adapts to smaller screens with touch-friendly controls, a collapsible navigation menu, and appropriately sized input areas.

Performance is comparable to desktop on modern smartphones. For image compression, we recommend using a stable WiFi connection for faster uploads.

How do I report a bug or request a feature?

You can reach us through the contact email listed at the bottom of every page: [email protected]

When reporting bugs, please include: your browser name and version, the operating system you were using, the specific tool you were using, and a clear description of what happened (including any error messages). For feature requests, describe the use case — it helps us prioritize development effectively.

Is the password generator secure?

Yes. Passwords are generated using the browser's built-in crypto.getRandomValues() API, which provides cryptographically secure randomness sourced from your operating system's CSPRNG (Cryptographically Secure Pseudorandom Number Generator).

Important: We do not use Math.random() for password generation — that function is predictable and unsuitable for security applications.

Passwords are never transmitted to our servers, logged, or stored anywhere. Each generated password exists only in your browser's memory until you close the page, copy it, or generate a new one.

Are uploaded images kept private?

Uploaded images are stored with cryptographically random filenames (16 characters from a-z0-9) in a non-public temporary directory. They are automatically deleted after 5 minutes, regardless of whether you downloaded the result.

Access control: Files are served through a secure download proxy (download.php) that validates the filename exists in the temp directory. Directory listing is disabled, so files cannot be discovered or enumerated. Search engines cannot index temp files.

No third parties have access to uploaded files. We do not share, sell, or analyze uploaded images for any purpose.

What security headers does Z Tools use?

We implement multiple security headers to protect against common web vulnerabilities:

• X-Frame-Options: DENY — Prevents clickjacking by blocking the site from being embedded in iframes
• X-Content-Type-Options: nosniff — Prevents MIME type sniffing attacks
• Referrer-Policy: strict-origin-when-cross-origin — Controls referrer information sent to other sites
• Strict-Transport-Security (HSTS) — Forces HTTPS connections (requires HTTPS)
• Permissions-Policy — Disables browser features we don't use (geolocation, microphone, camera)

We also use CSRF tokens for server-side form submissions and rate limiting to prevent abuse.

Do you track users or use analytics?

We use Google Analytics for basic traffic statistics (page views, browser types, approximate geographic regions) to understand which tools are most popular. This helps us prioritize development.

What we don't do: We don't use fingerprinting scripts, behavior tracking, cross-site tracking cookies, or any form of invasive analytics. We don't sell user data to data brokers or ad networks.

We use session cookies only for CSRF token maintenance when uploading files — these are essential cookies, not tracking cookies.

What image formats are supported for compression?

We support four formats: JPEG, PNG, WebP, and GIF. The output format matches the input format (JPEG in, JPEG out).

Smart compression: If compression does not reduce the file size (common with already-optimized images or PNG graphics with large flat color areas), we automatically serve the original file instead. This prevents quality degradation when the algorithm can't improve the file.

We also automatically correct EXIF orientation metadata from mobile photos, ensuring images display upright regardless of how the device was held during capture.

What types of QR codes can I generate?

Our QR Code Generator supports five standard types:

• URL/Website: Automatically prefixes http:// if omitted. Great for business cards and promotional materials.
• Plain Text: Any arbitrary text content — notes, messages, encoded data.
• WiFi Network: Encodes SSID, password, and encryption type (WPA/WPA2, WEP, or none). Works with iOS and Android.
• Email: Pre-filled subject line and body text for support requests or feedback forms.
• Phone Number: Creates a tap-to-call link for mobile devices.

You can also scan and decode existing QR codes from uploaded images using our integrated scanner.

Does the JSON formatter work with large files?

Yes, within browser memory limits. The JSON formatter uses the browser's native JSON.parse() and JSON.stringify() APIs, which are highly optimized for large datasets.

Practical limits: Most modern browsers can handle JSON files between 50MB and 500MB depending on available RAM. Very large files may cause slowdowns or crashes on devices with limited memory.

For files exceeding browser capabilities, consider using command-line tools like jq or splitting the JSON into smaller chunks.

Why does my Base64 output look different from another tool's output?

Base64 encoding of text depends on the character encoding used. Our tool uses UTF-8 encoding consistently, which properly handles all Unicode characters including emoji, CJK characters, Arabic, and more.

Historical note: Before the TextEncoder API became available, developers used btoa(unescape(encodeURIComponent(str))) as a workaround for Unicode in Base64. This older method produces different output for non-ASCII characters.

If another tool uses ASCII or Latin-1 encoding instead of UTF-8, the Base64 output for non-ASCII characters will differ. Both encodings are valid — they just represent the same logical text in different byte sequences.

Which browsers are supported?

Z Tools works on all modern browsers including Chrome (v80+), Firefox (v75+), Safari (v13+), Edge (v80+), and Opera (v67+). We recommend using the latest stable version of your browser for the best experience and security updates.

Not supported: Internet Explorer. If you need to use our tools on an old browser, we recommend updating to a modern alternative like Firefox or Chrome.

How does the Markdown converter handle exports?

PDF Export: Uses html2pdf.js to render the preview as a PDF document. The output respects page breaks and maintains formatting across all devices.

PNG Export: Uses html2canvas to capture the preview as a high-resolution (2x scale) PNG image. The background is white and the output is suitable for sharing on social media or embedding in presentations.

Word Export: Generates a DOC file with inline styles matching the preview appearance. Compatible with Microsoft Word, Google Docs, and other word processors.