Trust & Privacy

Figlytics is designed so you never have to trust us with your data.

Zero Data Storage

What we store on our servers:

Nothing. No database, no file storage, no logs of your Figma data.

What lives in your browser:

  • Your Figma Personal Access Token (localStorage)
  • Your workspace config: team IDs, library file keys
  • Your display preferences (language, theme)

What we never store:

  • Your Figma designs, components, or variables
  • Your team members or organization data
  • Your file contents or thumbnails
  • Analytics results or scores

Token Security

Your Figma token is sent to our server on each API request as a base64-encoded header, encrypted in transit via TLS. The server uses it to call the Figma API on your behalf, then discards it. It is never written to disk, logged, or persisted in any form.

The server is stateless — if it restarts, it has zero knowledge of any user's token or configuration.

Verifiable

Open your browser's Network tab and inspect every request. You'll see:

  • An X-Figma-Config header on each API call (your config, base64)
  • Responses contain only Figma API data — no tracking pixels, no analytics beacons
  • No third-party scripts, no external CDN calls beyond Figma's own

Self-Hostable

Figlytics is fully open-source. If you prefer complete control, run it on your own infrastructure:

  1. Clone the repository
  2. Set FIGLYTICS_MODE=local
  3. Run with Docker or npm run dev
  4. Your data stays entirely on your machine
← Back to Figlytics