Privacy Policy
At AetherDrop ("we", "us"), we believe your data is yours. This Privacy Policy outlines our "Privacy by Architecture" approach. Because AetherDrop is a peer-to-peer (P2P) utility, we have designed the system so that we physically cannot access your files.
1. Zero-Knowledge & Zero-Persistence Architecture
AetherDrop is built on a direct Peer-to-Peer (P2P) architecture. When you transfer files using our service:
- Direct Streaming: Your files stream directly from your device to the receiver's device. No intermediate copies are created.
- End-to-End Encryption (E2EE): All data is secured using AES-256 encryption before it leaves your device. The keys are generated on your local hardware.
- No Server Storage: Your files never touch our servers. We do not host, store, or cache your data. We have no "database" of your shared content.
- Zero Access: We mathematically cannot see, intercept, scan, or use your files for any purpose, including AI training or analytics.
2. Role of the Relay Servers
If a direct P2P connection cannot be established (e.g., due to strict corporate firewalls), your transfer will automatically route through our encrypted Relay Servers. However:
- The relay servers act purely as blind pipes shuttling encrypted packets between devices.
- They never hold the decryption keys.
- The data passing through the relays remains completely unreadable to us.
3. Information We Collect
To provide our services, we may collect minimal information:
- Account Information: If you register for an account (Free or Pro), we collect your email address and basic profile information.
- Payment Information: For Pro and Founder's Edition users, payment processing is handled securely by our Merchant of Record. AetherDrop does not store or process your credit card numbers or CVV codes. All payment-related data is subject to the Merchant of Record’s Privacy Policy.
- Signaling Metadata: To connect devices, our signaling server temporarily processes ephemeral connection data (like IP addresses and connection codes). This data is held in memory only for the duration of the connection handshake and is not logged permanently.
- Usage Metrics: We may collect anonymous, aggregated usage data (such as transfer success rates or error codes) to monitor system health and improve the service. This data cannot be linked to your identity or files.
4. How We Use Your Information
We use the collected information strictly for the following purposes:
- To provide, maintain, and improve the AetherDrop service.
- To process payments and manage your subscription tier.
- To communicate with you regarding updates, security alerts, and support.
5. Sharing Your Information
We do not sell, rent, or trade your personal information. We only share information in the following circumstances:
- Service Providers: With trusted third-party vendors (like payment processors or hosting providers) who perform necessary services on our behalf, under strict confidentiality agreements.
- Legal Requirements: If required by law, subpoena, or to protect the rights and safety of AetherDrop or others. Note: Because of our zero-knowledge architecture, we cannot provide your file contents to authorities even if requested.
6. Your Rights
You have the right to access, correct, or request the deletion of your personal information (like your account email). Contact us to exercise these rights.
7. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the new policy on this page or through other communication channels.
8. Contact Us
If you have any questions or concerns about this Privacy Policy or our practices, please contact us via our support channels.