This Privacy Policy is unique because our primary goal is to know as little about you as possible. We are not in the business of data collection. We are in the business of providing a secure, private vault for your data. This policy outlines the minimal data we must process to provide the service and, more importantly, what we technically and philosophically cannot access.

**Account Information:** We collect an email address for account creation, login, and billing purposes. This is the primary identifier for your account.

**Payment Information:** If you subscribe to a paid plan, our third-party payment processor (e.g., Stripe) will collect and process your payment information. We do not store your full credit card number on our servers.

**Operational Metadata:** We collect non-personally identifiable, aggregate data necessary for the operation of our service. This includes things like total storage used, number of files, and bandwidth consumption. This data is essential for billing and service maintenance and contains no information about the content of your files.

**File Content:** Due to our zero-knowledge, end-to-end encryption model, we cannot see, scan, or analyze the content of your files. The files are encrypted on your device before they are uploaded. We only store the encrypted data blob.

**File Names and Folder Structures (in plaintext):** Your file names and folder structures are part of the encrypted data and are not visible to us.

**User Activity Patterns:** We do not track which files you access, when you access them, or how you organize your data. We do not build a profile of your activity.

**Encryption Keys:** Your encryption key is generated and stored exclusively on your client device(s). It is never transmitted to us. We cannot access or recover it.

To provide and maintain our service.

To process payments and manage your subscription.

To communicate with you about your account, such as billing reminders or critical service updates.

To respond to your support requests. Note that our support team cannot access your files.

We do not sell, rent, or trade your personal information with any third parties for marketing purposes.

We may share necessary information with trusted third-party service providers, such as payment processors and infrastructure hosts (e.g., AWS, Google Cloud). These providers are bound by their own strict security and confidentiality agreements.

**Legal Compliance:** We will not disclose any data to law enforcement unless required by a valid and binding legal order. In such a case, we can only provide the encrypted data blobs from your account. We cannot provide the file content as we do not have the ability to decrypt it.

**Right to Access:** You can access your account information at any time through the settings page.

**Right to Portability:** You can download all of your files at any time.

**Right to Deletion ('Right to be Forgotten'):** You can delete your account at any time. When you delete your account, we will permanently delete all associated data, including your encrypted files and account information, from our production systems.