Industrial-Grade Security.

TempFileLink is built on a Zero-Knowledge architecture. We use the Web Crypto API to ensure your files are encrypted locally before they leave your device.

AES-256-GCM Encryption

When you upload a file, it is chunked and encrypted in your browser using the AES-256-GCM algorithm. A unique encryption key is generated locally and embedded into the final shareable link (after the `#`). Because the hash fragment (`#key`) is never sent to our servers, we cannot decrypt your files.

Zero-Knowledge Proof

We do not require an account, we do not log IP addresses to uploaded files, and we do not store encryption keys. Our database only contains metadata (file size, expiration time) necessary to manage the lifecycle of the encrypted payload.

Cloudflare R2 Purge

All encrypted payloads are stored on Cloudflare R2 object storage. We utilize native lifecycle rules to guarantee that files are permanently purged from all edge nodes exactly 24 hours after upload. Storage is liability; we destroy it.

Compliance Roadmap

TempFileLink is engineered to meet the strictest data governance standards. While our zero-knowledge architecture inherently protects data privacy, we are actively pursuing formal certifications to validate our infrastructure.

SOC2 Type II In Progress

Auditing our security controls, availability, and processing integrity principles.

GDPR / CCPA Compliant

Full compliance with right-to-erasure (guaranteed via 24h purge) and data minimization.