CipherDrp
    [HOME]

    PRIVACY POLICY - CIPHERDROP

    LAST UPDATED: JULY 23, 2025

    Welcome to CipherDrop! Your privacy is critically important to us. CipherDrop is designed to provide a secure and ephemeral way to share text-based messages, with a core commitment to protecting your personal information and ensuring the transience of your data. This Privacy Policy explains how we handle information in connection with your use of our service available exclusively at cipherdrop.app.

    [01] OFFICIAL WEBSITE AND SECURITY WARNING

    CipherDrop is only available at https://cipherdrop.app. Please be extremely cautious of any other websites claiming to be CipherDrop or offering similar services under our name. Never share your CipherDrop links on any other platform or with any party you do not explicitly trust. Sharing links on unofficial or public sites may expose your encrypted information to unintended audiences. We are not responsible for any data shared on unofficial or imposter websites.

    [02] INFORMATION WE DO NOT COLLECT

    ▸ User Accounts: CipherDrop does not require user registration or accounts. You can use our service without providing any personal login credentials.
    ▸ Personal Information in Messages: We do not ask for, collect, or store any personal information that you might choose to include within the content of the messages you create.
    ▸ Message Content (in readable form): The content of your messages is encrypted client-side (in your browser) before it is sent to our servers. The decryption key is contained within the unique link's fragment identifier (the part after the '#') and is never sent to or stored on our servers. This means we, the operators of CipherDrop, cannot read the content of your messages.

    [03] INFORMATION WE PROCESS (AND HOW WE PROTECT YOUR PRIVACY)

    IP ADDRESSES & RATE LIMITING:

    Like all internet services, our edge servers see your IP address when you connect. CipherDrop keeps that data private by converting it into a 16-character SHA-256 digest salted with a secret master string and a new random salt every UTC day. We call this value the privacy-safe client ID.

    We use the hashed ID solely to enforce rate limits and detect abusive patterns. The Redis keys that hold these counters expire automatically after the length of the rate-limit window (for core APIs that means 60 seconds; for slower-cadence endpoints such as feedback or inquiry forms the window can be up to one hour).

    MESSAGE METADATA:

    We store minimal metadata associated with the encrypted message, such as its creation time, user-configured expiration settings (e.g., link Time-To-Live before read, message destruction delay after read), and whether it's password-protected. This metadata does not include the decryption key or plaintext content.

    [04] MESSAGE LIFECYCLE AND DELETION

    ▸ Message Retrieval and Deletion: Each link can be opened only once. As soon as the ciphertext is delivered to the first viewer (and, if required, successfully decrypted), the note is permanently erased from our live servers—there is no server-side grace period after viewing. (Your browser may keep the decrypted text in memory until you close the tab.)
    ▸ Link Expiry: If a message is not retrieved before its "SELF-DESTRUCT IF UNREAD (TTL)" (link expiry time you set) expires, it is also permanently deleted from our live operational servers.
    ▸ Irretrievable Deletion from Live Systems: We ensure that deleted messages are irretrievable from our active, live systems. For information on how deleted data might be handled within our infrastructure providers' backup systems, please refer to the "Encrypted Message Data" portion of Section 3.

    [05] COOKIE POLICY

    CipherDrop is designed to use minimal or no cookies for its core functionality.

    ▸ Strictly Necessary Cookies: We do not currently set any CipherDrop application-specific cookies that are strictly necessary for the core message creation/retrieval service to function. Interface preferences, such as theme settings, may use localStorage but not cookies for tracking.
    ▸ Future Use: If we introduce features that require cookies for functionality, this policy will be updated, and we will seek to use them minimally and transparently.

    [06] DONATIONS

    If you choose to support CipherDrop through cryptocurrency donations:

    Donations are entirely voluntary.
    CipherDrop does not collect or store any personal information linked to your donation transaction beyond what is publicly visible on the respective blockchain. For anonymous donations, we encourage the use of privacy-enhancing cryptocurrencies.

    [07] DATA SECURITY

    We implement reasonable technical and administrative measures to protect the information processed by CipherDrop. All communication with our servers is encrypted in transit via HTTPS/TLS (with HSTS). Your note content is encrypted before it leaves your browser using AES-256-GCM. If you set a password, we derive a key with PBKDF2-HMAC-SHA-256 and 600 000 iterations – exceeding current OWASP & NIST recommendations. Because the decryption key is embedded in the link fragment, CipherDrop’s servers never possess plaintext or keys.

    The security of your message ultimately depends on you keeping the unique link (including the fragment) confidential and only using the official site – https://cipherdrop.app.

    [08] THIRD-PARTY INFRASTRUCTURE PROVIDERS

    We utilize reputable third-party providers for hosting our application and for temporary storage of encrypted data. These providers are responsible for the physical security and operational integrity of the underlying infrastructure, including their own backup and data management practices. We select providers known for strong security and privacy standards. While their specific practices are governed by their own policies, we design CipherDrop to minimize the sensitivity of any data they might process or back up on our behalf (e.g., by ensuring message content is always client-side encrypted before reaching our servers).

    [09] CHILDREN'S PRIVACY

    CipherDrop is not intended for use by children under the age of 13 (or the relevant age of digital consent in your jurisdiction). We do not knowingly collect any personal information from children.

    [10] CHANGES TO THIS PRIVACY POLICY

    We may update this Privacy Policy from time to time. We will notify you of any significant changes by posting the changes on this page and updating the "Last Updated" date.

    [END OF TRANSMISSION]