Privacy Policy
How we protect your data and your anonymity.
1. Zero-Knowledge Sharing
hiddenfile is designed to be a zero-knowledge platform. For guest users, we do not require names, email addresses, or any personal identification. Your uploads are tied only to a unique, cryptographically secure token.
2. Encryption at Rest
Every file uploaded to our servers is encrypted using AES-256 encryption before it is written to disk. The decryption keys are managed securely, and for PIN-protected shares, an additional layer of security ensures that even we cannot view the content without the correct PIN.
3. Automatic Purging
Data longevity is a security risk. To minimize this, hiddenfile enforces strict expiration policies:
- Guest Shares: Automatically deleted after 12 hours or 1 access.
- Registered Shares: Automatically deleted after 24 hours (default) or user-defined limits.
- Manual Purge: Once a file is deleted, it is wiped from our storage and cannot be recovered.
4. Minimal Logging
We do not track your IP address, browser fingerprint, or geographic location. We only log technical metadata necessary for the platform's operation, such as file size and expiration timestamps.
5. Registered Users
For registered users, we only store the username and a secure hash of your password. We do not sell or share this data with any third parties. Your share history is private and visible only to you while you are logged in.
Last Updated: May 16, 2026 • hiddenfile Security Team