SecurityBuilt so we can’t read your documents
FileSeal is zero-trust by design. Your files are encrypted on your own device before they ever reach us, opened once, then deleted. The most private mode keeps the key out of our hands entirely.
Zero-trust, not “trust us”
Most tools ask you to trust that they will keep your files safe on their servers. FileSeal is built so that trust is not required.
Encrypted on your device
Files are encrypted in your browser with AES-GCM-256 before they leave your device. The unencrypted document never travels over the network.
The server only sees ciphertext
Our servers store and move encrypted data. They never hold the plaintext of your document, so a server breach exposes files no one can read.
Opened once, then gone
Links are one-time. Once the recipient downloads, the file is permanently deleted from storage. Nothing lingers in an inbox or on a server.
Two ways to share, both encrypted
Every transfer is AES-GCM-256 encrypted. The difference is who holds the key, and you choose on every send.
Get a link
Most privateThe encryption key lives only in the link itself, in the part after the # that your browser never sends to a server. We store ciphertext we genuinely cannot open. You share the link yourself, so the key stays between you and your recipient.
- True zero-knowledge: the key never reaches FileSeal
- Even we cannot decrypt the file
Email them
Convenient defaultWe encrypt the file and email your recipient a working link, so there is nothing for them to copy or paste. Because we generate that link, the key is held on our server for that one transfer. Still AES-GCM-256 encrypted and safe from outsiders, just not hidden from us.
- Encrypted in transit and at rest
- The recipient just clicks, no link to mishandle
We show this trade-off on every send, so the choice between maximum privacy and maximum convenience is always yours.
What happens to your files
Sealed once. Opened once. Then gone.
Encrypt and seal
A unique key encrypts the file in the browser. You choose how long the link stays open, anywhere from 24 hours to 7 days.
Download once
The recipient opens the link and the file is decrypted in their browser. Every access is recorded in an audit trail.
Delete automatically
The moment the download completes, the ciphertext is removed from storage. If the link expires unused, it is cleared too.
A lost key can never destroy the only copy
When you collect documents in zero-knowledge mode, FileSeal confirms before it burns. Files are only deleted after the recipient’s browser confirms it has decrypted and saved every one. A missing or wrong key lists the files but deletes nothing, so a client’s only copy is never lost at the moment of collection.
Defence in depth
Encryption is the foundation. These checks sit on top of it.
Malware and file-type checks
Uploads are screened for malware and validated by file signature, not just their extension, so a renamed executable cannot slip through.
Integrity and limits
Supported formats (PDF, DOC/DOCX, TXT, JPG, PNG) up to 10MB are checked for integrity, keeping the transfer predictable and clean.
Audit logging
Who uploaded, who downloaded, and when, all recorded. When you need to evidence due diligence, the trail is already there.
Protected accounts
Dashboard access is gated by authenticated, route-level protection, so your collected documents are only reachable by you and your team.
Your data stays in the UK
Every part of the platform that touches your documents is hosted in the United Kingdom: application and file delivery in London, the database in the London region, and encrypted file storage in the UK. Your sensitive files do not leave the country.
That keeps you firmly inside UK GDPR and the Data Protection Act 2018, with automatic deletion satisfying the storage-limitation principle without any manual housekeeping.
See it for yourself in 30 seconds
Send a document securely, no account needed, or start a free trial to collect documents from your clients.
GDPR compliant · UK data only · No credit card required