Object Storage in Sweden • GDPR-compliant • Zero-Knowledge

Security & Data Privacy

End-to-end encrypted. Data in the EU. We cannot see your files – by design.

  • XChaCha20-Poly1305: Encryption
  • Zero-Knowledge: No Server Access
  • EU & GDPR: 100% Compliant
  • TOTP 2FA: Account Protection

Protection Layers

Layered Security

End-to-End Encryption

All your files are encrypted with XChaCha20-Poly1305 before they ever reach our servers.

  • Encryption in the browser (client-side)
  • We cannot view your content
  • Your private key remains private
  • Modern AEAD encryption (XChaCha20-Poly1305)

Account Security

Multiple layers of protection for your account.

  • Two-Factor Authentication (TOTP)
  • Recovery codes for emergency access
  • Password policy: min. 12 chars, upper/lowercase, numbers, special characters
  • Manage and individually revoke active sessions

Secure File Sharing

You decide who has access to your files.

  • Token-based links (random, 32+ characters)
  • Password protection for links
  • Set expiry date
  • Download limits per link
  • Revoke links at any time

Data in the EU

GDPR-compliant, no critical data transfer to third countries.

  • Object Storage in Sweden (EU)
  • 100% GDPR-compliant
  • Payments via Stripe – no card data on our servers
  • No critical data transfer outside the EU

Technical Details

Technical Security Details

Encryption

Algorithms

  • XChaCha20-Poly1305 for data encryption (libsodium)
  • Key derivation in the browser
  • BLAKE2b for hash values (via libsodium)

Key Management

  • Keys are generated in the browser
  • Zero-Knowledge: server does not know your keys
  • Keys remain with the user

Transport Security

Connection

  • HTTPS/TLS for all connections
  • HSTS with Preload (Strict-Transport-Security)

Security Headers

  • X-Frame-Options (Clickjacking protection)
  • X-Content-Type-Options
  • Referrer-Policy
  • Permissions-Policy

Abuse Protection

Rate Limiting

  • Login attempts limited
  • Upload limits per session
  • API throttling
  • CSRF protection on all forms

Traffic Qualification

  • Bot detection for analytics
  • Suspicious referrer filtering

Content Moderation

DMCA / DSA

  • DMCA takedown system implemented
  • Counter-notice / dispute procedure
  • Repeat infringer policy (escalation levels)
  • DSA (Digital Services Act) compliant

Note

Since all files are end-to-end encrypted, we cannot view content server-side. We respond to DMCA reports according to applicable law.

Privacy

Transparency & Privacy

What We Store

We store only the minimum:

  • Account data: Email, username, password hash
  • Upload metadata: File size, upload date (not the content)
  • Logs: IP addresses and timestamps for security purposes (14-day retention)
  • Payments: Processed via Stripe – we do not store card data
  • Storage location: Object Storage in Sweden (EU)

What We Do Not Store

  • File contents: Stored encrypted only, unreadable to us
  • Encryption keys: Remain client-side with the user
  • Tracking profiles: No tracking cookies without consent; pseudonymized security and operational logs

Your Rights (GDPR)

  • Access: Find out what we store about you
  • Deletion: Completely delete account and all data
  • Data export: Download your data from the dashboard
  • Correction: Correct data at any time
  • Objection: Object to processing

Privacy requests: privacy@cryptfiles.cloud

Report a Security Vulnerability

Have you found a security vulnerability? Please report it responsibly.

security@cryptfiles.cloud
