Security & privacy

Delivered. Downloaded. Gone.

Encrypted in transit and at rest, alive exactly as long as you decide, and deleted for real when time's up. No AI training. No data selling. No fine print.

Get started

Deliver with confidence

Share a link, set the expiry, add a password if it's sensitive. ZappFiles handles the guardrails so you can hand off the work and move on.

Everything guarding your files

TLS in transit

Every byte between you, us, and your client travels encrypted. Nothing leaves your device until you hit send, and nothing travels in the open.

AES-256 at rest

Stored files are encrypted on Cloudflare R2 with the same standard banks rely on. Your work never sits in storage unprotected.

Signed URLs

Transfer links are unguessable and every download runs through a signed URL that expires within minutes. A leaked link goes stale before it can travel.

Password protection

Lock any transfer on Pro or Max. Recipients see a lock screen and nothing else until they enter the password. The password is hashed, so even we can't read it.

Delete after download

Flip one switch on Pro or Max and the files remove themselves the instant the first download starts. Made for sensitive client handoffs.

Download tracking

See who downloaded what, and when. If a link ends up somewhere it shouldn't, you'll know, and you can delete the transfer on the spot.

See pricing

Encrypted, always

TLS on every transfer, AES-256 on every stored file. Encryption isn't a plan feature. It's on for every plan, every upload, by default.

Expires on your schedule

Every link has a shelf life, from 10 days to a full year. Want it tighter? Flip on delete after download and the files vanish the instant your client pulls them.

Lock it with a password

Add a password on Pro or Max and recipients see nothing. No file names, no previews, no sizes. The lock screen stays until they type it in.

Under the hood

Boring infrastructure. By design.

Files live on Cloudflare R2 and travel over Cloudflare's global edge. Downloads use signed URLs that expire within minutes, so a screenshot of a link can't be passed around days later and still work. The actual download happens directly between your recipient and the storage layer, not through us.

Your move

Nothing uploads until you hit send

Some tools start streaming your files in the background the moment you drop them in, just in case. We don't. Your files leave your device the moment you tell them to and not a second sooner.

The short version

What's always on. What never happens.

No security tiers, no toggles buried in settings. One list runs on every transfer by default. The other stays empty forever.

Always on

Every plan. Every transfer. Nothing to configure.

  • TLS in transit

    Every transfer is encrypted the moment it leaves your device.

  • AES-256 at rest

    Files sit encrypted on Cloudflare R2 until they expire.

  • Signed download URLs

    Every download link goes stale within minutes.

  • Real deletion

    Expired files are wiped from storage, caches and edge nodes.

Never happening

Not in the fine print. Not anywhere.

  • AI training

    Your files never train a model. Ours or anyone else's.

  • Data selling

    We don't sell, share or mine your data. Full stop.

  • Shadow copies

    No backups of expired files, no leftover thumbnails.

  • Snooping

    We don't open, scan or look at what you send.

Your files, your region

We route to the closest region by default for speed. On Pro and Max you pin each transfer to Eastern USA, Western USA, Europe, or Asia and it stays there. Useful when a client contract says data has to stay on a particular continent.

The life of a transfer

1. Upload over TLS

Nothing leaves your device until you hit send. Then your files travel over TLS and land on Cloudflare R2, encrypted at rest with AES-256.

2. Set the guardrails

Pick an expiry, add a password, pin a storage region. Thirty seconds of settings. Or skip them entirely, because the safe defaults are already on.

3. Share one link

Your client clicks, previews, downloads. No account, no app, no signup wall. Each download runs through a signed URL that expires within minutes.

4. Gone for real

When the link expires, the files are deleted from storage. No shadow copies, no backups of expired files, no leftover thumbnails. Gone means gone.

The honest comparison

The usual ways don't hold up

Email attachments and shared drive folders were never built for client deliveries. Here's how they stack up against a transfer that protects itself.

Email attachmentCloud drive folderZappFiles
Size limitCaps out around 25MBWhatever storage is leftUp to 250GB on Max
Link expirySits in inboxes foreverUntil someone remembers10 days to a year, automatic
Encrypted at restDepends on the inboxUsuallyAES-256, every file
Password protectionAccount walls for clientsOne password, no account needed
Delete after downloadOne switch
Download trackingLimitedWho downloaded what, and when
AI training on your filesCheck the fine printCheck the fine printNever
Privacy

No AI training. Not now, not ever.

We don't train models on your files, sell your data, or mine your transfers for insights. The only thing we do with the bytes you upload is move them to your recipient, then delete them on schedule.

FAQs

Can’t find the answer you’re looking for?
Reach out to our customer support team.

Every transfer travels over TLS and every stored file is encrypted at rest with AES-256 on Cloudflare R2. Downloads run through signed URLs that expire within minutes, so an old or leaked URL simply stops working. All of this is on by default, on every plan, including free.

Yes. By default we route your upload to the closest region for speed. On Pro and Max you can pin a transfer to Eastern USA, Western USA, Europe, or Asia, and it stays there for the life of the transfer. Useful when a client contract says data has to stay on a particular continent.

Every transfer has an expiry. Without an account it's 10 days, free accounts get 14 days, Pro goes up to 60 days, and Max up to a full year. On Pro and Max you can also enable delete after download, which removes the files the moment the first download starts.

On Pro and Max you can lock any transfer with a password. Recipients hit a lock screen before they can see anything. No file names, no previews, no downloads. The password is hashed before we store it, so even we can't read it. For best results, share the password through a different channel than the link itself.

The files are removed from storage, including caches and edge nodes shortly after. We don't keep shadow copies, backups of expired files, or leftover previews. The download link stops working and the files are gone.

No and no. We don't train models on your files, we don't scan or analyze their contents, and we don't sell personal data. The only thing we do with the bytes you upload is move them to the person you sent them to, then delete them on schedule.