torn.report is a static site, your data goes straight from Torn to your browser and is never sent anywhere else. The same goes for your API key, it is never sent to or saved on any server other than Torn's.

Using a separate API key for every service is highly recommended. This makes it easier for you to monitor usage to detect any unauthorized use.

Everything is done in your browser, including storage. Browser storage is only as secure as you make it. Only install scripts from people you can trust.

Saved data is tied to your user ID, you may delete your key after usage. However, you will need to enter a new key on your next visit. If you choose to do so, you can use the Logout link under Tools in the navbar and the Create API Key button on the Login page to simplify the process.

The Manage Data page is available for you to delete individual logs, if needed.