TrunktransferTrunktransfer

Privacy Policy

Last updated: March 2026

1. What we collect

When you use Trunktransfer, we collect only what is necessary to provide the service:

  • Account data — email address and password (hashed) if you create an account.
  • Transfer metadata — file name, file size, upload timestamp, expiry date, and download count. We do not read file contents.
  • Usage data — IP address (for rate limiting), browser type, and pages visited. This data is not sold or shared.
  • Payment data — handled entirely by Polar. We never see or store your card details.

2. How we use it

  • To operate the file transfer service.
  • To enforce plan limits and rate limits.
  • To send transactional emails (account confirmation, password reset).
  • To process subscription payments via Polar.

We do not use your data to train AI models. We do not sell your data to third parties.

3. File storage

Files are stored on private, secure object storage. All download links are temporary and expire within 15 minutes of generation. Transfer links expire based on your plan (7 days free, 30 days Pro). After expiry, files are permanently deleted.

4. Third-party services

  • Supabase — authentication and database (EU region).
  • Object storage provider — file storage.
  • Polar — subscription billing.
  • Vercel — hosting and edge functions.

5. Your rights

You can delete your account and all associated data at any time from the Settings page. For data requests or questions, contact us at hello@trunktransfer.com.

6. Cookies

We use only a single session cookie to keep you logged in. We do not use advertising cookies or tracking pixels.

7. Changes

We may update this policy occasionally. Significant changes will be communicated via email to account holders. Continued use of the service after changes constitutes acceptance.