The short version: We are a zero-knowledge service. We cannot read your encrypted data. We collect the minimum information technically required to operate the service — including IP addresses for rate limiting and abuse prevention — and we never sell or share your data with third parties for advertising.
SSDP (Simple Secure Dump Place) is a privacy-first file sharing and storage service. References to “SSDP,” “we,” “us,” or “our” refer to the operators of this service. This policy explains what information we collect, how we use it, and what rights you have over it.
What we cannot access: For all end-to-end encrypted services (File Storage, Vault, Notes, encrypted file sharing), your data is encrypted on your device before upload. We store only ciphertext. We do not have access to your encryption keys, your passwords, or your plaintext data. This is not a policy choice we can reverse — it is a technical reality.
Account information: If you create an account, we store your public key and a unique account identifier. We do not store your email address, your name, or any other personally identifying information unless you explicitly provide it.
IP addresses: Like all web services, our servers receive and log your IP address with every request. We retain IP addresses for up to 30 days, strictly for rate limiting, abuse prevention, and security incident response. We do not use IP addresses to build user profiles, track behaviour across sessions, or sell to third parties. After 30 days, IP logs are automatically deleted.
Signaling and connection data (File Sharing): Our peer-to-peer file sharing product works by establishing a direct connection between two browsers. To facilitate this, our servers temporarily hold a small amount of connection signaling data (a session identifier and peer connection metadata — not your file content). This data exists only for the duration of the session and is permanently deleted the moment the sharing tab is closed or the session expires. We never receive, store, or have access to the actual files being transferred.
Technical information: We collect aggregate usage statistics (total storage used, transfer volumes — never tied to individual files or accounts) and error logs (anonymised, retained for 14 days).
Anonymous file drops: When you use our anonymous drop service without an account, no identifying information is associated with your upload beyond a temporary session identifier. Session data is deleted when the link expires or the session closes.
The following tools operate entirely within your browser. They make zero network requests related to your input data. Nothing you type or generate in these tools is ever transmitted to our servers, logged, or accessible to us in any form:
crypto.getRandomValues() API. Neither the generated password nor your configuration preferences are sent anywhere.
SubtleCrypto). Your secret, your codes, and your configuration (digit length, time period) are never sent to our servers. This tool operates identically to RFC 6238-compliant authenticator apps like Google Authenticator and Authy — the algorithm is the same, the privacy model is the same. We have no visibility into what secrets you enter or what codes are generated.
For all browser-only tools, the only network data we receive is the standard HTTP request to load the page itself (which includes your IP address, subject to the IP retention policy in Section 2). After page load, these tools generate no further server communication.
We use session cookies strictly necessary for service operation (authentication state, CSRF protection). We do not use advertising cookies, analytics pixels, or third-party tracking scripts. We do not use Google Analytics or any similar service. Our analytics are self-hosted, aggregate, and contain no personal identifiers.
We do not use your information for advertising. We do not profile you. We do not build or sell audience data.
We do not sell your data. We do not share it with third parties for commercial purposes. We may disclose limited technical information (not your encrypted content, which we cannot read) in the following circumstances:
Importantly: for encrypted data, even a legal compulsion cannot produce your plaintext. We can only disclose ciphertext and metadata we actually hold. We will publish transparency reports annually disclosing the number and nature of legal requests received.
For browser-only tools (Password Generator, Hash Generator, TOTP Generator), there is no user-generated content on our servers to disclose. A legal order directed at TOTP secrets or generated codes would yield nothing — we do not have them.
Encrypted files and notes: retained until you delete them, or until account closure. Anonymous drops: deleted when the session expires or the link is closed. P2P signaling data: deleted immediately when the session ends or the tab is closed. IP address logs: 30 days. Error logs: 14 days. After account closure: all associated encrypted data is securely deleted within 30 days.
Browser-only tool data (TOTP secrets, passwords, hash inputs): not retained — we never receive this data.
Your data is encrypted client-side with AES-256-GCM before transmission. All traffic uses TLS 1.3 with Perfect Forward Secrecy. Our infrastructure undergoes regular independent security audits. We practice responsible disclosure and have a public vulnerability disclosure program. We maintain a bug bounty program — see our Security page for details.
Depending on your jurisdiction, you may have rights including: access to your data, correction of inaccurate data, deletion of your data, restriction of processing, and data portability. To exercise these rights, contact us via the methods below. Note: because your content is encrypted and we cannot read it, “access to your data” means access to the metadata we hold (such as IP logs within the retention window), not your encrypted content (which you already have full access to via your key).
SSDP services are not directed at children under 16. We do not knowingly collect data from children under 16. If you believe a child has provided us with personal information, contact us and we will delete it promptly.
We will notify registered users of material changes to this policy via a notice on the service before changes take effect. The date at the top of this document shows when it was last updated. Continued use after changes constitutes acceptance of the updated policy.
For privacy-related questions or to exercise your rights: privacy@ssdp.io. We aim to respond within 72 hours. For legal requests, please see our Law Enforcement Guidelines.
This privacy policy was written to be read, not just clicked through. If something is unclear, please ask. We'll explain it in plain language.