Privacy Policy

Last updated: April 17, 2026

Encrypt My File is committed to protecting your privacy. This policy explains how we handle your data when you use our file encryption service.

1. Zero Data Retention

We operate on a strict zero-retention policy:

• Uploaded files are processed entirely in server memory and temporary storage.
• Processed files (encrypted or decrypted) are deleted from the server immediately after you download them.
• If a processed file is not downloaded within 5 minutes, it is automatically deleted by our cleanup system.
• We do not store, archive, back up, or retain any copy of your files at any time.

2. Password Handling

• Your encryption password is used solely for key derivation during the encryption or decryption process.
• Your password is never stored, logged, or transmitted to any third party.
• The password exists in server memory only for the duration of the processing request and is discarded immediately after.
• We use industry-standard PBKDF2-SHA256 for key derivation with configurable iteration counts.

3. Advertising

This site displays advertisements served by third-party ad networks. These services may use cookies, web beacons, and similar technologies to serve ads based on your prior visits to this or other websites.

• Ad networks may collect information such as your IP address, browser type, pages visited, and interaction with ads.
• We do not share your uploaded files, passwords, or encryption settings with any ad network.
• Ad-related data collection is separate from and has no access to your file encryption activities.
• You may opt out of personalized advertising by choosing "Essential Only" in the cookie consent banner, or by visiting your ad network's opt-out page (e.g., Google Ads Settings for AdSense).

4. Cookies

This site uses the following types of cookies:

• Essential cookies: A PHP session cookie is used for CSRF protection and download token verification. It contains no personal data and cannot be disabled.
• Advertising cookies: Third-party ad networks may set cookies to serve relevant advertisements. These are only loaded if you accept them via the cookie consent banner.
• Consent cookie: A cookie_consent value is stored in your browser's local storage to remember your cookie preference.

You can manage or delete cookies at any time through your browser settings.

5. No Logging of File Content

• We do not log file names, file contents, file types, or file sizes.
• Standard web server access logs may record your IP address and request timestamps as part of normal server operation, but these logs contain no information about your uploaded files.
• We do not inspect, analyze, or scan the content of your files.

6. Encryption Technology

We are transparent about the encryption methods used:

• AES-256-GCM: Authenticated encryption providing both confidentiality and integrity verification.
• AES-256-CBC: Industry-standard symmetric encryption with HMAC-SHA256 authentication (encrypt-then-MAC).
• AES-128-GCM / AES-128-CBC: Faster variants suitable for most security needs.
• Camellia-256-CBC: An alternative cipher standardized by ISO/IEC, with HMAC-SHA256 authentication.

All encryption uses cryptographically secure random number generation for salts and initialization vectors.

7. Data Processing Location

• All file processing occurs on this server only.
• No file data is transmitted to external services, APIs, or third-party servers.
• Encryption and decryption are performed using the server's OpenSSL library.

8. Security Measures

• Temporary file storage is protected from direct web access.
• CSRF tokens protect all form submissions.
• Session-based download tokens prevent unauthorized file access.
• File integrity is verified using HMAC or GCM authentication tags.
• Security headers are set to prevent clickjacking, content sniffing, and XSS attacks.

9. Your Responsibility

• You are responsible for remembering your encryption password. We cannot recover your files if you forget it.
• You are responsible for the security of your downloaded encrypted files.
• We recommend using a strong, unique password for each file you encrypt.

10. Third-Party Sharing

We do not share, sell, rent, or disclose your uploaded files, passwords, or encryption settings to any third party. Third-party ad networks may independently collect non-file-related browsing data as described in Section 3. We have no access to or control over cookies set by advertisers.

11. Open Source

The encryption algorithms and file format used by Encrypt My File are based on well-established, peer-reviewed cryptographic standards. We encourage security researchers to review our implementation.

12. Changes to This Policy

If we make changes to this privacy policy, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

13. Contact

If you have questions about this privacy policy or our data practices, please contact the server administrator.