SimpleSafeCloud
Get Started
Legal

Privacy Policy

Last updated: February 5, 2026

The Most Important Thing to Know

SimpleSafeCloud uses zero-knowledge encryption. We cannot access your encrypted files. Your files are encrypted on your device before they are uploaded. We do not have the encryption keys. We cannot see your file names, file contents, photos, notes, or any other encrypted data.

1. Who We Are

SimpleSafeCloud ("we," "us," or "our") is a U.S.-based company that provides zero-knowledge encrypted cloud storage services. This Privacy Policy explains how we collect, use, and protect your information when you use our website and services (the "Service").

2. Data We Collect

We collect only the minimum information necessary to provide our Service:

Account Information

  • Email address (for account login and communication)
  • Name (optional, for personalizing your account)
  • Password hash (we never store your password in plain text)

Payment Information

  • Payment processing is handled by Stripe, our third-party payment processor
  • We do not store your full credit card number on our servers
  • We receive from Stripe: the last 4 digits of your card, card brand, expiration date, and billing address

Usage Information

  • Storage usage (how much encrypted data you have stored, in bytes)
  • Number of files (count only - names are encrypted)
  • Login timestamps and IP addresses
  • Device information (browser type, operating system, screen resolution) for security and analytics purposes
  • Usage analytics and page views (pages visited, time on page, scroll depth)
  • Marketing attribution data (UTM parameters, referral source, ad click identifiers)
  • IP-based approximate location (city, region, country) for analytics and fraud prevention

3. Data We DO NOT Have Access To

Because of our zero-knowledge encryption architecture, the following data is encrypted on your device before upload and we cannot access it under any circumstances:

  • File contents — your photos, documents, and any uploaded files
  • File names — the names of your files are encrypted
  • Note contents — everything you write in encrypted notes
  • Encryption keys — your encryption key is derived from your password, which we never have
  • Recovery key — generated on your device and never sent to us

4. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process your payments and manage your subscription
  • Send you important account notifications (password resets, security alerts)
  • Respond to your support requests
  • Protect against fraud, abuse, and unauthorized access
  • Comply with legal obligations

We will never sell your personal information to third parties.

5. Data Sharing

We share your information only in the following limited circumstances:

  • Stripe — for payment processing
  • Email service provider — for sending account-related emails (e.g., password resets)
  • Error monitoring — we use Sentry for tracking application errors (no file data is ever included)
  • Law enforcement — if required by law, we will comply with valid legal requests. However, because of our zero-knowledge architecture, we can only provide the limited account information described above. We cannot provide your file contents, file names, notes, or encryption keys because we simply do not have them.

6. Cookies & Local Storage

We use cookies and browser local storage for the following purposes:

  • Authentication cookies — to keep you signed in to your account
  • Security cookies — to protect against cross-site request forgery and other security threats
  • Preference storage — to remember your cookie consent choice and display preferences
  • Analytics storage — to store a visitor identifier and session data for usage analytics (only if you accept cookies via our consent banner)

When you first visit our site, we show a cookie consent banner. You can accept or decline non-essential cookies. If you decline, we will not collect device fingerprints, location data, or detailed analytics. Essential cookies for authentication and security are always used. We do not use advertising cookies or third-party tracking cookies. We do not track you across other websites.

7. Data Security

We take security seriously. In addition to the zero-knowledge encryption of your files, we implement:

  • HTTPS/TLS encryption for all data in transit
  • Encrypted storage for all data at rest on our servers
  • Regular security audits and monitoring
  • Strict access controls for our team (though even with access, your file data remains encrypted and unreadable)

8. Data Retention

  • Active accounts — we retain your data for as long as your account is active
  • Deleted accounts — when you delete your account, we permanently delete all your encrypted data within 30 days
  • Canceled subscriptions — your data is retained until the end of your paid period, then your account reverts to the Free plan

9. Your Rights (GDPR and CCPA)

You have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — update or correct your personal data
  • Deletion — request deletion of your account and all associated data
  • Portability — download all your files at any time from your account
  • Objection — opt out of non-essential communications

To exercise any of these rights, please contact us at [email protected].

10. Children's Privacy

Our Service is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete that information promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email and update the "Last updated" date at the top of this page. We encourage you to review this page periodically.

12. Mobile Application

When you use the SimpleSafeCloud mobile application, the following additional privacy practices apply:

  • Camera access — used only when you choose to take a photo for upload. Photos are encrypted before upload.
  • Push notifications — optional. Used for share notifications and storage warnings only.
  • Biometric authentication — optional. Face ID/Touch ID data never leaves your device. We use Apple/Google's secure enclave — we never access your biometric data.
  • Device identifiers — we do not collect IDFA, GAID, or device advertising identifiers.
  • No third-party analytics or advertising SDKs — the mobile app does not contain any third-party analytics SDKs or advertising SDKs.

13. How to Unsubscribe

You can opt out of marketing and promotional emails at any time using any of the following methods:

  • Unsubscribe link — click the "Unsubscribe" link at the bottom of any marketing email we send you
  • Account settings — log in to your SimpleSafeCloud account, go to Settings > Notifications, and turn off marketing emails
  • Email us — send a request to [email protected] with the subject line "Unsubscribe"

We will process your request within 10 business days. Please note that even after opting out of marketing emails, you will still receive essential account notifications such as password resets, security alerts, and billing receipts.

14. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: [email protected]
  • Phone: +1 (855) 552-9002
  • Mail: SimpleSafeCloud, Fort Lauderdale, FL