Privacy Policy

Privacy Policy

Effective date: September 6, 2025

Privacy at a glance

  • We provide two ways to share files: P2P (peer‑to‑peer) and Temporary Cloud Upload.
  • P2P/Relayed P2P: file data flows between you and the recipient; we operate relay/coordination services but do not store file contents.
  • Temporary Cloud Upload: files you choose to upload are stored only until expiry or deletion, then removed from our systems.
  • Recipients don't need an account; links are random and served over HTTPS.
  • We don't sell personal information and collect only what's needed to run, secure, bill and improve the service.

This Privacy Policy explains how FastFileLink ("we", "us", "our") collects, uses, and protects information when you use our websites, apps, and related services (collectively, the "Service"). Please read it carefully. If you don't agree, you may stop using the Service.

1. Who we are & how to contact us

Controller: FastFileLink
Contact: support@fastfilelink.com

2. What we do

FastFileLink lets you create an instant HTTPS link to share large files via encrypted P2P transfer or an optional temporary cloud upload. Recipients can download using the link without registering an account.

3. Modes of transfer and what they mean for privacy

3.1 P2P (direct)

  • Your device connects directly to the recipient's device (typically via WebRTC or a similar technology).
  • File contents are transmitted between peers and are not stored on our servers.
  • We operate signaling services to set up the connection (e.g., session identifiers, NAT traversal information). These services may temporarily process IP addresses and technical metadata necessary to establish and maintain the session.

3.2 Relayed P2P (when direct connection isn't possible)

  • Encrypted traffic may be relayed through our infrastructure to traverse networks.
  • The relay forwards packets and does not persist file contents.
  • We may temporarily process minimal connection metadata during the session setup but do not retain this information after the transfer completes.

3.3 Temporary Cloud Upload

  • You may choose to upload files to our servers to generate a share link that works while you're offline.
  • Files are stored until the retention period you select during upload (default: 3 hours). After expiry or deletion, we immediately remove the files from our systems.
  • We may process limited metadata (e.g., file name you provide, size, checksum, link/token, download count, IP address/time of access) to operate the Service and prevent abuse.

Important: Anyone with the share link can access the file while it's valid. Keep links private and share only with people you trust.

4. Information we collect

We aim to collect the minimum necessary:

  • Service metadata: IP address, device/browser information, language, timestamps, error logs, and interaction events needed to run and secure the Service.
  • Link/transfer metadata: link IDs/tokens, transfer status, volume counters, and download counts for troubleshooting, capacity planning, and billing.
  • Account & license data (senders only): email, license key, purchase history and settings if you activate a paid license. Recipients typically do not provide personal data.
  • Payment data: handled by our payment processors Pixiu and PayPal (we don't store full card details). We receive limited records such as transaction ID, amount, and status. See their privacy notices for details: PayPal Privacy Policy.
  • Support communications: content of emails or messages you send us.

5. Why we process information (purposes & legal bases)

  • Provide the Service: set up connections, generate links, deliver/relay data, and store files (when you choose cloud upload).
  • Security & abuse prevention: detect spam, malware, denial‑of‑service, and misuse; maintain rate limits and quality of service.
  • Billing & licensing: verify licenses, calculate credit usage, process payments, and provide receipts.
  • Diagnostics & improvement: fix bugs, measure performance, and improve features.
  • Legal compliance: respond to lawful requests and enforce our Terms.

Where applicable law (e.g., GDPR) requires a legal basis, we rely on contract (to provide the Service), legitimate interests (security, diagnostics), consent (where required for analytics/optional cookies), and legal obligations.

6. Sharing of information

We share information only with:

  • Service providers / processors: hosting, relay, signaling, content delivery, payments (Pixiu, PayPal), customer support, analytics/crash reporting (if used). They process data under our instructions.
  • Legal & safety: to comply with law, enforce terms, or protect rights, safety, and property.
  • Business transfers: in a merger, acquisition, or reorganization, your information may be transferred subject to this Policy's protections.

We do not sell your personal information.

7. Cookies and similar technologies

  • Essential cookies operate core functions (e.g., session, load balancing). These cannot be switched off.
  • Analytics: We use Google Analytics (GA4) and Umami for usage analytics. These may set cookies or use local storage. Where required by law, we load analytics only after your consent. You can withdraw consent at any time in our cookie settings.

8. Data retention

  • P2P/Relayed P2P: file contents are not stored on our servers. We do not retain session records or connection metadata.
  • Temporary Cloud Upload: stored until the retention period you select (default: 3 hours); files are immediately deleted upon expiry.
  • Account, billing, and support records: kept as long as you maintain an account and as required by applicable tax and business laws (typically 5-7 years).

9. Security

We use industry‑standard protections to safeguard information in transit (e.g., HTTPS/TLS). For stored files, we apply access controls and other safeguards proportionate to risk. No system can be 100% secure; protect your devices and keep share links confidential.

10. International data transfers

Our services operate globally with infrastructure in regions including the US, EU, and Asia-Pacific. If we transfer data across borders, we use appropriate safeguards (e.g., Standard Contractual Clauses) where required by law.

11. Your rights

Depending on your location, you may have rights to access, correct, delete, restrict, or object to processing, and to port your data. You can contact us to exercise these rights. We respond to validated requests within 30 days (extendable as permitted by law). You also have the right to complain to your local data protection authority.

12. Children's privacy

The Service is not intended for children under 13 (or as defined by local law). We do not knowingly collect personal data from children.

13. Changes to this Policy

We may update this Policy from time to time. We will post the new version with an updated "Effective date." Material changes will be highlighted reasonably in advance where required.

14. Contact

Questions or requests? Email us at support@fastfilelink.com.

15. Law enforcement and transparency

We require valid legal process before providing any user data to law enforcement and review all requests narrowly to ensure they meet legal requirements. We provide data only to the extent legally required and will notify users when permitted by law.

Short summary

FastFileLink helps you share big files via P2P or a temporary cloud link. In P2P modes we forward traffic and don't store file contents. If you choose cloud upload, we store files only until they expire or you delete them. We don't sell your data, we use HTTPS, and we keep only the minimum information needed to run and secure the service. For questions or data requests, contact support@fastfilelink.com.