Privacy Policy

1. Information We Collect

UploadFish collects minimal data to operate our service:

  • Temporary file metadata (file name, size, type, upload time, expiry time)
  • Server logs containing IP addresses and request information
  • Essential cookies for CSRF protection

We do not collect personal information beyond what's necessary to provide the service.

2. Client-Side Encryption

When you enable client-side encryption, your files are encrypted in your browser before being uploaded to our servers. We do not have access to the encryption keys, which are only shared in the URL fragment (#) and never sent to our servers.

3. How We Use Your Information

We use collected information solely to:

  • Provide the file hosting service
  • Enforce our file expiration policies
  • Prevent abuse of our service
  • Improve service reliability and performance

4. Data Retention

All uploaded files and associated metadata are automatically deleted when they expire (1 to 72 hours after upload, as selected by you). Server logs are retained for 7 days for technical and security purposes.

5. Security

We implement reasonable security measures to protect your data during transmission and storage. However, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

6. Changes to This Policy

We may update this privacy policy from time to time. We will notify users of any changes by updating the date at the top of this page.

7. Contact Us

If you have questions about this privacy policy, please contact us through our GitHub repository.

View on GitHub | Terms of Service | Privacy Policy | Upload Fish