Privacy & Terms of Use

• ·We do not collect personal information, IP addresses, user agents, or cookies.
• ·We do not require accounts, authentication, or logins.
• ·We do not store unencrypted content.
• ·All data is encrypted in your browser before being sent — we cannot decrypt it.
• ·You may split decryption keys with Shamir Secret Sharing (n-of-t); each share remains client-side and is never transmitted to our servers.
• ·Stored content self-destructs after first access or a user-defined expiration.

By using GhostDrop, you agree not to use the platform for:

• ·Illegal activities under applicable law
• ·Sharing or distributing malware, stolen data, or abusive content
• ·Harassment, threats, or abuse of individuals or systems
• ·Attempting to overload, exploit, or reverse-engineer the service
• ·Sharing screenshots of your crypto portfolio to flex on your broke friends

We may update this policy as the platform evolves. Major changes will be reflected here with a new effective date.

• ·Data is encrypted using AES-256-GCM with PBKDF2 (210,000 iterations)
• ·Encryption keys are generated in your browser and never transmitted
• ·Optional Shamir key shares (n-of-t) are encoded in URL fragments and combined client-side
• ·Optional image metadata cleaning strips EXIF/IPTC/XMP from supported images before encryption
• ·Server storage uses Redis with automatic TTL expiration
• ·No logs are kept of file contents or access patterns

For abuse reports or legal inquiries: ghostdrop@tutamail.com