Privacy Policy

Last updated: May 4, 2026

1. Information We Collect

We collect information you provide directly:

  • Account information: Email address, name, and authentication credentials when you sign up via OAuth (GitHub, Google).
  • Uploaded files: Files you upload, including their names, size, type, and any password or expiry settings you configure.
  • Usage data: Pages visited, files viewed or downloaded, and similar usage metrics.
  • Payment information: Handled entirely by Dodo Payments. We do not store your credit card or bank account details.

2. How We Use Your Information

  • To provide, maintain, and improve the Service
  • To process payments via our payment processor (Dodo Payments)
  • To send you account-related communications
  • To detect and prevent fraud or abuse
  • To comply with legal obligations

3. Data Storage and Retention

Files uploaded to the Service are stored on servers operated by Backblaze, Inc. Your account data is stored in a Supabase database. We retain your account information and uploaded files for as long as your account is active, or as needed to provide you services. You may delete your account and all associated files at any time from your dashboard. Files with expired links are automatically deleted.

4. Data Sharing

We do not sell, trade, or rent your personal information to third parties. We may share information with:

  • Service providers: Backblaze (file storage), Supabase (database), Dodo Payments (payments). These providers are contractually bound to protect your data.
  • Legal requirements: When required by law or to protect our rights.
  • Business transfers: In the event of a merger, acquisition, or sale of assets.

5. Cookies and Tracking

We use cookies to keep you logged in and to understand how you use the Service. We use a minimal, privacy-respecting analytics approach. We do not use third-party advertising cookies.

6. Third-Party Services

  • Dodo Payments: Handles all payment processing. Their privacy policy applies to payment data.
  • Backblaze: Handles file storage infrastructure. Their privacy policy applies to stored files.
  • GitHub / Google: Used for OAuth sign-in. Their privacy policies apply to authentication data.

7. Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS/SSL) and access controls on our servers. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Correct inaccurate or incomplete information
  • Delete your personal information
  • Export your data in a portable format
  • Object to certain processing of your information

To exercise any of these rights, contact us at privacy@drops.codes.

9. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

10. International Data Transfers

Your information may be transferred to and processed in countries outside of your own. We ensure appropriate safeguards are in place for such transfers, including Standard Contractual Clauses where applicable.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page with a revised "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact

For questions or concerns about this Privacy Policy, contact us at:

privacy@drops.codes

Terms of Service →