Privacy Policy

1. Information We Collect

What We Can See

• Encrypted data: We store your encrypted secrets, but cannot decrypt them
• Metadata: File names, file sizes, expiration times, and view counters
• Technical data: Initialization vectors (IVs), salt values for key derivation, and encryption parameters
• Usage data: IP addresses, timestamps, and basic analytics for service operation

What We Cannot See

• Your secrets: The actual content of your notes, passwords, or files
• Encryption keys: Keys are generated in your browser and never transmitted to our servers
• Passphrases: When using passphrase mode, we never receive or store your passphrase

2. How We Use Information

We use the information we collect to:

• Provide the secret sharing service
• Enforce expiration and burn-after-read functionality
• Prevent abuse and maintain service security
• Monitor service performance and reliability
• Comply with legal obligations

3. Data Storage and Security

Encryption

• All secrets are encrypted using AES-GCM 256-bit encryption in your browser
• Keys are derived using PBKDF2 with 210,000 iterations for passphrase mode
• We use the Web Crypto API for all cryptographic operations

Data Retention

• Secrets are automatically deleted when they expire or reach their view limit
• We run automated cleanup processes to remove expired data
• No backups are kept of encrypted secret data
• Server logs are retained for up to 30 days for security and debugging purposes

4. Data Sharing

We do not sell, trade, or rent your information to third parties. We may share information only in these limited circumstances:

• Legal requirements: When required by law, court order, or government request
• Service providers: With trusted service providers who help us operate the service (e.g., hosting, analytics)
• Safety and security: To protect the rights, property, or safety of SafeMonk, our users, or others

Note: Even if we wanted to share your secrets, we cannot decrypt them as we don't have access to your encryption keys.

5. Cookies and Tracking

• We use minimal analytics to understand service usage
• We do not use advertising cookies or tracking pixels
• We do not create user profiles or track users across websites
• Local storage is used only for temporary encryption operations

6. Your Rights

Since SafeMonk operates anonymously without user accounts, traditional data subject rights are limited. However:

• Data minimization: We collect only the minimum data necessary to provide the service
• Automatic deletion: Your data is automatically deleted based on your chosen expiration settings
• No tracking: We don't build profiles or track individual users
• Transparency: This privacy policy explains exactly what we can and cannot see

7. International Data Transfers

SafeMonk may process data in various countries where our service providers operate. All data transfers are protected by appropriate safeguards, and your encrypted secrets remain protected by client-side encryption regardless of where they are processed.

8. Children's Privacy

SafeMonk is not intended for use by children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

9. Changes to This Policy

We may update this privacy policy from time to time. We will notify users of any material changes by updating the "Last updated" date at the top of this policy. Your continued use of SafeMonk after any changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us at: