Privacy Policy

Last update: 30th March 2026

This privacy policy applies to the SecureFileShare app (hereby referred to as "Application") for mobile devices, created by Nome Cognome (hereby referred to as "Service Provider") as a Free service. This service is intended for use "AS IS".

Zero-Knowledge & End-to-End Encryption (E2EE)

The Application is designed with a "Zero-Knowledge" architecture. All files are encrypted locally on your device (AES-GCM 256-bit) before being uploaded. The Service Provider does not hold decryption keys and cannot technically access, read, or disclose the content of your transferred files.

Information Collection and Use

The Application does not require registration and does not collect personally identifiable information (PII) such as names, email addresses, or phone numbers. However, certain technical data may be processed:

Technical Logs: Transient network data (IP addresses, device type) may be processed by our infrastructure solely for traffic routing and security purposes (DDoS mitigation). This data is not linked to any personal identity.
No Tracking: The Application does not use tracking SDKs, analytics, or third-party profiling cookies.

Android Permissions & Data Access

The Application is built to respect user privacy by minimizing data access through modern Android standards:

Storage Access (SAF): The Application uses the Storage Access Framework (SAF). It does not request broad permissions to read or write to your entire device storage. Instead, the user manually selects specific files through the system picker. The Application only gains temporary access to the files explicitly chosen by the user for encryption or decryption.
REQUEST_INSTALL_PACKAGES (Optional): This permission is NOT mandatory for the core functionality of the Application. It is requested only if the user explicitly chooses to install an Android package file (.apk) that has been received and decrypted. The core service (secure file exchange) remains fully functional without this permission. The Service Provider does not monitor or collect data regarding other applications installed on your device.

Data Retention & Deletion

The Service Provider follows a "Burn-After-Reading" policy:

Encrypted files are automatically deleted from the server immediately after a successful download.
Any undownloaded files are permanently destroyed after a maximum period of 60 minutes (Time-To-Live).

Third Party Access

The Service Provider does not sell or transfer your data to third parties. Disclosure may only occur if required by law; however, due to E2EE architecture, the Service Provider does not possess any readable content to provide to authorities.

Children's Privacy

The Service Provider does not knowingly collect information from children under 13. If you have any concerns, please contact us at test@email.com.

Security

We prioritize your confidentiality by providing physical and electronic safeguards, combined with client-side encryption, to protect all processed data.

Changes

This Privacy Policy may be updated. Continued use of the Application is deemed approval of all changes.

Contact Us

If you have any questions, please contact the Service Provider via email at test@email.com.