1. Introduction

At FileFortress, we take your privacy seriously. This privacy policy explains how we handle your data and protect your privacy when you use our file encryption service.

2. Zero-Knowledge Encryption

Our service operates on a zero-knowledge principle, which means:

• All encryption and decryption processes happen entirely in your browser
• Your files are never uploaded to our servers
• We never have access to your unencrypted files or passwords
• Your encryption keys are generated locally and never transmitted

3. Data Collection

We collect minimal data to provide our service:

• Browser type and version (for compatibility)
• Operating system information
• Screen resolution (for UI optimization)
• Theme preference (stored locally)

Web Analytics: We use Vercel Analytics to collect anonymous usage data about our website. This helps us understand how users interact with our service and improve the user experience. The analytics data collected includes:

• Page views and navigation patterns
• Time spent on the site
• Referral sources
• General geographic location (country/region level only)

This analytics data is anonymized and used solely to improve our service. No personally identifiable information is collected through our analytics system, and your files and encryption activities remain completely private.

4. Local Storage

We use your browser's local storage to:

• Remember your theme preference (light/dark mode)
• Store temporary encryption progress
• Cache UI state information

This data is stored locally on your device and can be cleared at any time through your browser settings.

5. Biometric Authentication

FileFortress offers biometric authentication as an optional security feature:

• Biometric authentication uses the Web Authentication API (WebAuthn)
• Your biometric data is stored securely on your device and never transmitted to our servers
• We only store a credential ID in your browser's local storage to verify your identity
• Biometric authentication is required for both encryption and decryption when enabled
• You can enable or disable biometric authentication at any time

This feature is available on devices that support platform authenticators such as Windows Hello, macOS Touch ID, or mobile device biometric sensors.

6. Security Measures

We implement several security measures to protect your data:

• Content Security Policy (CSP) to prevent XSS attacks
• X-Frame-Options to prevent clickjacking
• Secure file handling with Web Crypto API
• Strong encryption algorithms (AES-GCM-256)
• Secure key derivation (PBKDF2 with 200,000 iterations)

7. File Handling

Our file handling process:

• Files are processed entirely in your browser's memory
• No file data is stored on our servers
• Encrypted files are downloaded directly to your device
• Maximum file size limit of 10MB for optimal performance

8. Third-Party Services

We use the following third-party services:

• Tailwind CSS for styling
• Font Awesome for icons
• Google Fonts for typography
• Vercel Analytics for anonymous usage statistics

These services are used for UI enhancement and service improvement only. They do not have access to your files or encryption/decryption processes. Vercel Analytics collects anonymous usage data as described in section 3.

9. Updates to Privacy Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated revision date.