Security & Trust Center

A transparent, technical reference for how beTransfer.eu protects your files — from the encryption algorithms we use to the European data centers where your data lives, and the retention policies that delete it automatically.

Hosting: European Union | Encryption: AES-256-GCM | Architecture: Zero-knowledge | Compliance: GDPR

Zero-knowledge

Files are encrypted in your browser before they reach our servers. For passwordless transfers the decryption key never leaves your device — it is embedded in the share link's URL fragment, which servers never see.

AES-256-GCM

Authenticated encryption with a 256-bit key, 96-bit IV, and 128-bit authentication tag per file. Tampering is cryptographically detectable and rejected at decryption time.

EU-hosted

All file storage is hosted exclusively within the European Union. We do not replicate or transfer file data to regions outside the EU.

Auto-expiring

Transfers expire automatically — 24 hours by default on the free tier — and a cleanup job removes expired objects from storage every 10 minutes.


Cryptography

Encryption implementation

beTransfer.eu uses authenticated symmetric encryption on the client, with optional post-quantum key encapsulation for users who want long-term confidentiality against future quantum computers.

AES-256-GCM (default)

The primary cipher for file encryption. Each file gets a fresh random 96-bit initialization vector (IV) and a 128-bit GCM authentication tag, so any modification to ciphertext is detected on decryption.

Algorithm: AES-256-GCM
Key length: 256 bits
IV / nonce: 96 bits (random per file)
Auth tag: 128 bits
Key derivation: PBKDF2 (password mode)

Post-quantum (ML-KEM)

Optional hybrid encryption using ML-KEM (NIST FIPS 203, formerly CRYSTALS-Kyber). A PQC key encapsulation mechanism derives a shared secret that is then fed into AES-256-GCM, protecting files against "harvest now, decrypt later" attacks.

Algorithms: ML-KEM-512 / 768 / 1024
Standard: NIST FIPS 203
Hybrid cipher: ML-KEM + AES-256-GCM
KDF: scrypt (per-file random salt)

Key derivation (PBKDF2)

In password-based mode, the encryption key is derived from your passphrase using PBKDF2 with a salt and many iterations, making brute-force guesses computationally expensive even for weak passwords.
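
Password-mode derivation as an added example, not beTransfer.eu's code; it runs under Node.js using the WebCrypto calls a browser also exposes. The page does not state the hash, iteration count or salt length, so PBKDF2-HMAC-SHA-256, 600,000 iterations and a 16-byte salt are assumptions, as are all function names.

```javascript
// Added example, not beTransfer.eu's code. Hash, iteration count and salt length are
// assumptions; the page only says "a salt and many iterations".
const ASSUMED_ITERATIONS = 600000;
const getCrypto = async () =>
  globalThis.crypto ?? (await import('node:crypto')).webcrypto;

// Stretch a passphrase into a 256-bit AES-GCM key with PBKDF2-HMAC-SHA-256.
async function deriveKey(passphrase, salt, iterations = ASSUMED_ITERATIONS) {
  const wc = await getCrypto();
  const material = await wc.subtle.importKey(
    'raw', new TextEncoder().encode(passphrase), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey({ name: 'PBKDF2', hash: 'SHA-256', salt, iterations },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

async function seal(passphrase, plaintext) {
  const wc = await getCrypto();
  const salt = wc.getRandomValues(new Uint8Array(16)); // random salt per file
  const iv = wc.getRandomValues(new Uint8Array(12));
  const key = await deriveKey(passphrase, salt);
  const ct = new Uint8Array(await wc.subtle.encrypt({ name: 'AES-GCM', iv }, key, plaintext));
  return { salt, iv, ct }; // salt and IV are not secret and are stored with the ciphertext
}

// Re-derive from the stored salt; a wrong passphrase gives a wrong key and the tag check fails.
async function unseal(passphrase, { salt, iv, ct }) {
  const wc = await getCrypto();
  const key = await deriveKey(passphrase, salt);
  return new Uint8Array(await wc.subtle.decrypt({ name: 'AES-GCM', iv }, key, ct));
}

// Time one derivation: the cost paid for every passphrase guess.
async function msPerGuess(iterations) {
  const t0 = performance.now();
  await deriveKey('guess', new Uint8Array(16), iterations);
  return performance.now() - t0;
}

async function demo() {
  const msg = new TextEncoder().encode('constructed sample file contents');
  const box = await seal('correct horse battery staple', msg);
  const opened = new TextDecoder().decode(await unseal('correct horse battery staple', box));
  const wrongRejected = await unseal('wrong guess', box).then(() => false, () => true);
  return { opened, wrongRejected,
           fastMs: await msPerGuess(1000), slowMs: await msPerGuess(ASSUMED_ITERATIONS) };
}
```

Comparing `fastMs` with `slowMs` shows how the iteration count sets the per-guess cost while legitimate use pays it once per file.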

Passwordless (link-key) mode

When no password is set, a random encryption key is generated in the browser and placed in the URL fragment (#…). Browsers never send fragments to servers, so the key stays between you and your recipient.
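
The link-key flow described here, together with the AES-256-GCM parameters listed under "AES-256-GCM (default)", as an added example that is not beTransfer.eu's own code. It runs under Node.js with the WebCrypto calls a browser also exposes; the host transfer.example, the /d/ path and all function names are assumptions.

```javascript
// Added example, not beTransfer.eu's code. Host, path and function names are hypothetical.
// WebCrypto is global in browsers and recent Node; older Node needs the import.
const getCrypto = async () =>
  globalThis.crypto ?? (await import('node:crypto')).webcrypto;

// Sender: fresh 256-bit key and 96-bit IV per file; the 128-bit tag is appended to ct.
async function encryptForLink(plaintext, transferId) {
  const wc = await getCrypto();
  const key = await wc.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt']);
  const iv = wc.getRandomValues(new Uint8Array(12));
  const ct = new Uint8Array(await wc.subtle.encrypt(
    { name: 'AES-GCM', iv, tagLength: 128 }, key, plaintext));
  const rawKey = Buffer.from(await wc.subtle.exportKey('raw', key));
  // The key travels only in the URL fragment of the share link.
  const link = `https://transfer.example/d/${transferId}#${rawKey.toString('base64url')}`;
  return { link, upload: { iv, ct } }; // `upload` is everything the server receives
}

// What an HTTP client sends for the link: path and query, never the fragment.
function requestTarget(link) {
  const u = new URL(link);
  return u.pathname + u.search;
}

// Recipient: read the key from the fragment and decrypt; a failed tag check rejects.
async function decryptFromLink(link, { iv, ct }) {
  const wc = await getCrypto();
  const rawKey = Buffer.from(new URL(link).hash.slice(1), 'base64url');
  const key = await wc.subtle.importKey('raw', rawKey, 'AES-GCM', false, ['decrypt']);
  return new Uint8Array(await wc.subtle.decrypt(
    { name: 'AES-GCM', iv, tagLength: 128 }, key, ct));
}

// Constructed sample: round-trip, then flip one ciphertext bit and try again.
async function demo() {
  const msg = new TextEncoder().encode('constructed sample file contents');
  const { link, upload } = await encryptForLink(msg, 'abc123');
  const roundTrip = new TextDecoder().decode(await decryptFromLink(link, upload));
  const tampered = { iv: upload.iv, ct: Uint8Array.from(upload.ct) };
  tampered.ct[0] ^= 0x01;
  const tamperRejected = await decryptFromLink(link, tampered).then(() => false, () => true);
  return { target: requestTarget(link), roundTrip, tamperRejected,
           tagBytes: upload.ct.length - msg.length };
}
```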

What this means in practice: for passwordless and password-protected client-side transfers, beTransfer.eu cannot decrypt your files. We do not hold the decryption key, so we cannot read file contents — even if compelled by a legal request, there is nothing to hand over but encrypted ciphertext.


Infrastructure

Server locations & storage

File data is stored with two European providers, routed automatically by file size. No file content is stored outside the EU.

Primary storage — Supabase Storage

Provider: Supabase
Used for: Files ≤ 50 MB
Region: European Union
Role: Default object store

Large-file storage — OVHcloud Object Storage (S3)

Provider: OVHcloud
Used for: Files > 50 MB
Endpoint: s3.eu-west-par.io.cloud.ovh.net
Region: Paris, France (EU)
Role: Large-object store

The 50 MB threshold between providers is defined as FILE_LIMITS.SUPABASE_MAX_SIZE in our shared constants. Application servers and the PostgreSQL database (via Supabase pooler) are also EU-based, keeping the full request path within the EU.


Data retention

Retention & automatic deletion

We do not keep your files forever. Every transfer has an expiration time, and expired data is purged on a fixed schedule.

| Artifact | Default retention | Maximum | Cleanup cadence |
| --- | --- | --- | --- |
| File transfers (free tier) | 24 hours | 72 hours (3 days) | Every 10 minutes |
| File transfers (Pro tier) | 7 days | 30 days | Every 10 minutes |
| Access logs | 30 days | | Daily at 02:00 |
| User sessions | 24 hours | 24 hours | Every 6 hours |
| Rate-limit counters | 15-minute window | 15 minutes | Every 12 hours |

Manual deletion: senders can delete a transfer at any time before it expires. Two reconciliation jobs also run on schedules to remove orphaned objects in storage and to mark missing-in-storage records as deleted — so storage and our database stay consistent even after infrastructure faults.


Platform security

Application & transport security

TLS in transit

All traffic is served over HTTPS/TLS. HSTS is enabled with includeSubDomains; preload.

Password hashing

Account passwords are hashed with bcrypt at cost factor 12. Plaintext passwords are never stored or logged.

Rate limiting

Per-endpoint rate limits on uploads, downloads, and authentication attempts mitigate brute-force and abuse.

File-type allowlist

Uploads are filtered against a MIME-type allowlist and validated before they are accepted into storage.

Verified delivery (OTP)

For sensitive deliveries, recipients can be required to authenticate via one-time passcode (email, SMS, or crypto challenge) before downloading.

No third-party tracking

We do not sell user data and do not embed intrusive third-party trackers. Our privacy policy describes data minimization in detail.


Compliance

GDPR & EU data protection

beTransfer.eu is operated as a European service, with data minimization as a design principle.

For privacy requests (access, rectification, deletion), contact privacy@betransfer.eu. For other questions, support@betransfer.eu.

Ready to send a file the secure way?

Encrypted in your browser, hosted in the EU, deleted automatically. No account required to start.