Keeping your data secure

Discover how we keep your data and files secure with state-of-the-art security practices.

Infrastructure

Our service is built on several cloud service providers, including Amazon Web Services (AWS) and Linode. These providers have robust security mechanisms to protect our infrastructure.

All communications are performed through end-to-end HTTPS encryption. We frequently and consistently review our SSL configuration and make appropriate updates in the unlikely case new SSL vulnerabilities are discovered.

Our inbound and outbound traffic is monitored and controlled using web application firewall Cloudflare, which also protects us from Distributed Denial of Service (DDoS) attacks.

Our servers are secured using Fail2Ban, Firewalls, and port-blocking software.

We use separate environments for testing and production.

Your data

Your data is hosted in Europe (Germany) and your files are stored in Ireland.

All our user data is encrypted at rest using AES 256-bit encryption algorithm.

We usually store your files for 30 days. If you want your files to be automatically deleted you can activate this feature in the dashboard

File Request Pro does not share your data with anyone. If you decide to cancel your account, we make it easy for you to download all your data.

How we keep your data secure

At File Request Pro we value your privacy and the confidential nature of your information, so we take the following precautions:

  • We can't access your account unless you explicitly say we can.
  • We don't keep a backup of uploaded files for more than 30 days. They are then deleted.
  • Your files are encrypted both at rest and in transit.
  • Files are kept on an encrypted disk, separate from the main server.
  • When you generate a download link, the link is not guessable and is valid for a limited period of time (7 days).

Redundant protection against data loss

We regularly make backups of File Request Pro’s databases, as well as full-disk images of File Request Pro’s servers (excluding uploads). These backups are saved and encrypted on storage services off-site, then systematically tested for integrity. Sensitive data like passwords and credit card numbers are never logged.

Your Credit Card Data is Safe

Your credit card data is never stored on our servers. It is securely submitted directly from your browser (without touching our servers) to a leading, fully PCI-compliant (PCI Service Provider Level 1) payment provider.

People

We require all employees and freelancers to sign a confidentiality agreement and comply with our cybersecurity policy.

By default, our employees and freelancers don't have access to user data. Exceptions can be made for customer support.

Reporting Incidents

Please send urgent and/or sensitive security reports directly to . Please let us know how we can securely contact you.