HTML entities represent reserved characters in HTML. For example, < represents <, & represents &, and " represents ". They prevent the browser from interpreting these characters as HTML tags.
Whenever you display user-generated content in HTML to prevent XSS attacks, or when you need to include special characters like angle brackets, ampersands, or quotes in HTML attributes and text.
Yes. All encoding and decoding runs locally in your browser with pure JavaScript. No data is sent to any server.