Last updated: February 2026
Applies to patrins.com
Privacy is structural at Patrins — not a setting, not a promise. We are technically incapable of reading your files. This page explains exactly how that works and what little data we do hold. See also our Terms of Service.
We can't read your filesAES-256-GCM client-side encryption. The key never touches our servers.
No selling your dataWe never sell, rent, or trade your personal information. Ever.
No trackingNo analytics, no ad tracking, no behavioral profiling. Essential session cookies only.
Delete anytimeFull account and data deletion on request, permanently.
§ 01
Overview
Patrins is a zero-knowledge, encrypted file hosting platform. We have engineered the service so that even we cannot access the files you upload. Privacy here is a technical property of the system — not a policy choice that can be reversed with a subpoena.
This policy covers all users: anonymous uploaders, registered free accounts, and paid subscribers. It describes every category of data we handle and why.
§ 02
What We Collect
We collect the bare minimum required to operate the service.
Email addressRequired for registered accounts. Used for authentication, billing receipts, and critical service notices only. No marketing without explicit opt-in.
UsernameDisplayed publicly when you share folders (e.g. "Shared by @username").
Password hashbcrypt hash of your password. We never store your plaintext password and cannot recover it.
Encrypted file blobsCiphertext only. We store the encrypted output of your files — never the originals. We cannot decrypt them.
File metadataEncrypted file size, upload timestamp, file ID, and expiry date. No filenames, no file types, no content-derived data.
IP addressLogged at upload time for rate limiting and abuse prevention. Automatically purged after 30 days.
Billing referenceA reference ID and subscription status from our payment processor. Card details never reach our servers.
Session tokenHTTP-only cookie to keep you logged in. Expires on logout or after 30 days of inactivity.
§ 03
What We Don't Collect
File contents — structurally impossible due to client-side encryption.
Original filenames or file types.
Encryption keys — they exist only in the share link, which we never see in full.
Download logs — we do not record who downloads a file or when.
Browser fingerprints, device IDs, or persistent tracking identifiers.
Behavioral analytics, heatmaps, session recordings, or ad tracking data.
Phone numbers or physical addresses.
§ 04
How Encryption Works — Regular Uploads
When you upload a file directly from your browser, this is exactly what happens — step by step:
Browser → Server · Regular Upload
1
Your browser generates a random 256-bit encryption key using the Web Crypto API. This happens locally — the key never leaves your device through the network.
2
The file is split into 2 MB chunks in memory.
3
Each chunk is encrypted individually using AES-256-GCM client-side, with a unique IV per chunk. The output is pure ciphertext — indistinguishable from random noise.
4
Only the encrypted blobs are uploaded to our servers. We receive ciphertext and nothing else.
5
The key is embedded directly in the share URL path — for example patrins.com/d/abc123SuperSecretKeyHere. Browsers never include the URL path's key portion in HTTP requests to our server, so the key is never transmitted to us.
6
Our server only ever sees encrypted garbage. Even with full database access, there is nothing to read.
§ 05
How Encryption Works — Remote Uploads
When you provide a URL and ask Patrins to fetch and host a file on your behalf, the process is slightly different — but the zero-knowledge property is maintained:
URL → Server → Encrypted Storage · Remote Upload
1
Your browser generates the encryption key locally using Web Crypto API — before anything is sent to the server.
2
The key is sent to the server alongside the remote URL as part of the upload request, so the server can encrypt the downloaded file on your behalf.
3
The server downloads the file using aria2c (multi-connection for speed, falling back to single-connection, then native HTTP if needed).
4
The server encrypts the downloaded file using the key you provided, then stores only the ciphertext.
5
The key is immediately discarded after encryption. It is never written to disk, never logged, never stored in any database. The moment encryption is done, it is gone from our systems.
6
The share link is returned with the key embedded in the URL — the same as a regular upload. From this point forward, the server has no record of the key.
Note on remote uploads: During step 2, the key briefly exists on our server in memory for the duration of the encryption operation. It is never persisted to disk or any database. We consider this an acceptable and transparent tradeoff for the convenience of server-side remote fetching, compared to the alternative of downloading large files in your browser.
§ 06
How Downloads Work
Decryption happens entirely in your browser. The server is never involved in the decryption process.
Server → Browser · Download & Decrypt
1
The recipient visits a share link like patrins.com/d/abc123XYZencryptionkeyembeddedhere. The key is embedded directly in the URL path after the file ID — no # fragment, no ?query parameter.
2
The browser sends a request to our server for the encrypted blob. The server only sees the file ID portion of the URL — the key portion is parsed client-side by the browser before any network request is made.
3
The key is extracted from the URL in the browser. It never hits our server.
4
Decryption happens entirely in the browser using the Web Crypto API. The encrypted chunks are fetched and decrypted locally.
5
The original file is reconstructed locally in memory and offered as a download. Nothing decrypted is ever sent back to us.
§ 07
What the Server Stores vs. What It Can't See
Here is a complete and honest split of what exists on our infrastructure:
Server can see
Encrypted blob (useless without key)
File ID
Encrypted size
Upload timestamp
Expiry date
Account email (if logged in)
Password hash (bcrypt)
Server cannot see
File contents
Original filename
File type or MIME
Encryption keys
Who downloads what
Download timestamps
Full share URLs (key portion)
Zero-knowledge in practice: Even if Patrins were compelled by a court order, subjected to a government search, or suffered a complete server breach — decryption of your files is impossible. The keys only ever exist in the share links, which only you hold.
§ 08
How We Use Your Data
AuthenticationEmail and password hash to verify your identity at login.
Account managementStorage usage and plan status to deliver what you've subscribed to.
Service communicationsTransactional emails only: confirmations, resets, billing receipts, critical notices. No marketing without opt-in.
Abuse preventionIP addresses and upload rates to detect automated abuse and rate-limit bad actors.
Service improvementAggregate, anonymized metrics only (e.g. total uploads per day). Never linked to individual users.
We do not use your data for advertising, profiling, ML training, or sale to third parties.
§ 09
Storage & Security
File ciphertext is stored with AES-256 encryption at rest — layered on top of the client-side encryption already applied.
All connections enforce TLS 1.3 and HTTPS-only with HSTS.
Passwords hashed with bcrypt (cost factor ≥ 12). No plaintext, ever.
Session tokens are HTTP-only, Secure, SameSite=Strict.
Breach affecting personal data (email, metadata) will be disclosed to affected users within 72 hours of discovery.
§ 10
Retention & Deletion
Temporary filesPermanently deleted exactly 7 days after upload. No exceptions, no recovery.
Permanent filesRetained until you delete them, your account is deleted, or your plan lapses beyond the grace period.
Account dataDeleted within 30 days of account deletion request. 14-day cancellation grace period applies.
IP logsAuto-purged after 30 days.
Billing recordsRetained 7 years as required by financial law. Covers amounts and dates only — not card details.
CSAM / abuse casesRetained as required by law for reporting to NCMEC and law enforcement. See § 15.
§ 11
Data Sharing
We do not sell, rent, or trade your data. We share only in these narrow circumstances:
Infrastructure providers operating under strict data processing agreements (cloud storage, CDN, payments). They cannot use your data for their own purposes.
Legal compliance — valid court order or applicable law. See § 16 for what we can and can't provide.
NCMEC reporting — CSAM-related data is reported immediately as required by federal law. See § 15.
Business transfer — merger or acquisition, with advance notice and the option to delete your account beforehand.
§ 12
Third-Party Services
CloudflareCDN, DDoS protection, DNS. Sees IP addresses and request metadata in transit.
Payment processorHandles all billing. We never see card details — only a billing reference ID.
Google OAuthOptional sign-in. We receive your email and name only. No access to Drive, contacts, or any other Google data.
Email deliveryTransactional email provider. Receives your email address for delivery purposes only.
We do not use Google Analytics, Meta Pixel, Hotjar, or any behavioral analytics or ad-tracking tools. None.
§ 13
Cookies & Local Storage
Session cookieHTTP-only, Secure cookie to keep you logged in. Contains only a session token. Expires on logout or 30 days inactivity.
Theme preferenceStored in localStorage under the key theme. Device-only. Never sent to our servers.
CSRF tokenShort-lived token to prevent cross-site request forgery. Does not identify you.
No third-party cookies. No ad cookies. No tracking pixels. No persistent identifiers beyond your session.
§ 14
Ads & Download Pages
Free and Standard plan users see ads on download pages — the page a recipient lands on when opening a share link. Ads are never shown in your account dashboard or upload interface.
Ad networks on download pages may set their own cookies and collect data per their own policies. Patrins does not use this data internally. Premium subscribers get fully ad-free download pages with custom HTML and domain support.
§ 15
CSAM — Zero Tolerance
Child Sexual Abuse Material — Absolute Zero Tolerance
We have one rule on this that has no exceptions, no nuance, and no appeals process: CSAM has no place on Patrins. None.
We understand that zero-knowledge encryption means we generally cannot see what's in your files. We have accepted that tradeoff across the board — for everyone's privacy. But CSAM is the one category where we will not hide behind that principle. If we become aware — through a report, a tip, a hash match, law enforcement contact, or any other means — that a Patrins account or share link is associated with child sexual abuse material, here is exactly what happens:
Your account is terminated instantly. No warning, no grace period, no chance to download your data first.
All your files are deleted. Every encrypted blob associated with your account is purged from our infrastructure immediately.
You are reported. We file a report with the National Center for Missing & Exploited Children (NCMEC) as required by 18 U.S.C. § 2258A, and provide all available account data to law enforcement.
No refunds. Any paid subscription balance is forfeited, permanently.
There is no appeals inbox for this. There is no explanation we want to hear. If you are using Patrins for this, you are in the wrong place and you will face consequences.
To report suspected CSAM on Patrins, contact legal@patrins.com or report directly to NCMEC's CyberTipline.
§ 16
Legal Requests
What we can provide if compelled:
Account email and registration date
Upload timestamps and encrypted file sizes (metadata only)
IP address logs (30-day retention window only)
Billing records (amounts and dates, no card details)
What we cannot provide, even if ordered:
File contents — we hold only ciphertext and have no decryption keys
Original filenames or types
Download history — we don't log it
IP addresses older than 30 days (auto-purged)
Where legally permitted, we will notify you before complying so you can seek legal counsel. We challenge overly broad or deficient requests.
§ 17
Your Rights
AccessRequest a copy of all personal data we hold about you.
CorrectionUpdate inaccurate data (e.g. your email) from account settings.
DeletionPermanent deletion of your account and all data. See § 10 for timelines.
PortabilityExport your files and account data at any time.
ObjectObject to any processing you haven't consented to.
Withdraw consentUnsubscribe from any optional communications at any time.
Email privacy@patrins.com to exercise any of these. We respond within 30 days.
§ 18
Policy Changes
Material changes will be emailed to registered users at least 14 days before taking effect. The "Last updated" date above always reflects the current version. Continued use after changes constitutes acceptance.