← Back to home

Privacy Policy

Last updated: April 28, 2026

What we collect

  • Account: email, hashed password, account creation date
  • Usage: file count, total storage, last-access timestamps (per file)
  • Audit log: upload/download/delete events with timestamp + IP + user-agent
  • Federal contract metadata: contracting agency identifier, contract number, classification level (no personal billing data — federal deployments pay by Treasury invoice, not credit card)

What we do NOT collect

  • The plaintext content of your files. We never see it.
  • Your user_code passphrases or no_trail transcription strings — those exist only in your head / on your paper.

How protected files are stored

Every file is split into multiple pieces of uniform size and distributed across multiple storage regions, mixed with all other users' data. No metadata on disk reveals which pieces belong to which file or user. The mapping lives in our database, encrypted under your chosen recovery mode.

Recovery modes you can choose, per file

  • Standard recovery: We hold the encryption key under a managed server-side key. We can recover your file if you forget your account password.
  • Your passphrase only: You set a passphrase. We encrypt the per-file parameters under your passphrase. Without it, NO ONE — including us — can recover your file.
  • Offline recovery code: We store NO digital copy of the per-file parameters. You receive a one-time recovery code at upload. Lose it = file gone forever.

Data sharing

We do not sell or share user data. Subprocessors used in the federal deployment: AWS GovCloud (compute + database + storage; FedRAMP High + DoD IL5 authorized), Wasabi Government Cloud (auxiliary object storage; FedRAMP High + IL5 authorized), AWS Simple Email Service GovCloud (verification email + system notifications), AWS Simple Notification Service GovCloud (emergency SMS / dispatch notifications).

Retention

Audit logs: 90 days. File data: until you delete it or close your account.

Your rights

  • Access / portability (GDPR Art. 15, 20): download a JSON of everything we hold for you at Account → Data & Privacy.
  • Erasure (GDPR Art. 17): delete your account and all data at Account → Delete Account. Cascade is immediate (files, pieces on every storage backend, API keys). Audit log entries are anonymized but retained for 90 days for security/compliance.
  • Rectification (Art. 16): update profile fields on the Account page.
  • Other concerns: email privacy@aegiseternal.net. We respond within 30 days.

Contact

privacy@aegiseternal.net