Passwords are never stored and never sent to a server. Everything is generated locally with crypto.getRandomValues(). There is no backend, no analytics and no external requests — they are blocked by the page's own CSP. Save the file and it works offline.
These are typical rule sets, not the official policies of any particular company — site requirements change. If a password is rejected, switch to the Random tab and adjust it by hand.
This session
Kept in the tab's memory only and gone when you close it — nothing is written to disk.