Privacy Policy

Disposable Secret is designed to protect your privacy, not exploit it. This page explains what data we handle, why, and how it is safeguarded.

Overview

Disposable Secret allows you to share sensitive information securely. We collect and retain the minimum amount of data required to deliver your secret once. After a secret has been viewed or has expired, it and its associated data are permanently deleted. We do not sell, share, or exploit your data in any way.

What we collect and why

Your secret is encrypted in your browser before it is sent to us. We store only the encrypted result - we do not hold the decryption key and cannot read your secret under any circumstances. This is true for all secrets, with or without a passphrase.

If you choose to receive a notification when your secret is viewed, we store your email address temporarily. It is encrypted using our key before being written to the database, and it is permanently deleted the moment the notification is sent, or when the secret expires - whichever comes first. We do not use it for any other purpose.

When a secret is viewed, we determine the approximate city and country of the viewer for the notification feature. This lookup is performed using a local database held on our own servers - no IP address is sent to any external service. The IP address is discarded immediately after the lookup. We do not store it.

We collect anonymous, aggregate page view counts to monitor service stability. This data is non-identifying and contains no IP addresses or personal information.

Cookies and tracking

We do not use third-party advertising, tracking pixels, or invasive analytics. We use a single session cookie to keep the site secure - for example, to prevent form tampering. It contains no personal information and expires when you close your browser. If you have an account, a session cookie keeps you logged in during your visit.

Encryption and security

All data is transmitted over HTTPS. Your secret is encrypted using AES-256-GCM entirely within your browser before it reaches us. The decryption key is embedded in the link you share and never sent to our servers. Even if our database were compromised, your secrets would be unreadable. See our Security page for a full technical explanation.

Data retention

Secrets are permanently deleted after their first view or after 24 hours, whichever comes first. Associated metadata and any notification records are deleted at the same time. We do not archive, back up, or retain secret contents after deletion.

Third-party services

We use a transactional email service to send viewing notifications via SMTP. No secret content is included in these emails - only the secret identifier, the approximate viewer location, and the time of viewing. We do not use any other third-party data processors. Our geolocation lookup is performed locally on our own infrastructure.

Legal basis for processing

Our legal basis for processing personal data under UK GDPR is legitimate interest - specifically, providing a secure and privacy-enhancing communication service. We process only the data strictly necessary to deliver that service.

Your rights

You have the right to request access to or deletion of any personal data we hold about you. In practice, because we retain data only for as long as a secret is active - typically hours - and because we do not log IP addresses, we generally hold no historical data to retrieve by the time any such request is made. To make a request, contact us at the address below.

Contact

For privacy questions or data requests, please contact us at [email protected].

Last updated: July 18, 2026. This policy reflects our commitment to minimal data handling and client-side encryption by default.