Krypton.is
Back to Home

Privacy Policy

Last updated: January 18, 2026

1. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, and authentication credentials
  • Usage Data: File uploads, access codes, download activity, and audit logs
  • Technical Data: IP address, browser type, device information
  • Payment Data: Billing information (processed securely via Stripe)

2. How We Use Your Information

We use your information to:

  • Provide and improve our Service
  • Process transactions and send billing information
  • Send technical notices and support messages
  • Maintain security and prevent fraud
  • Comply with legal obligations

3. Data Security

We implement industry-standard security measures to protect your data:

  • AES-256 encryption for all files at rest and in transit
  • Encrypted databases with role-based access control
  • Annual SOC 2 Type II audits
  • Regular penetration testing
  • Background checks on all employees with data access

4. File Storage and Retention

Your files are stored securely and automatically deleted based on your plan's retention policy. Once deleted, files are permanently purged from our systems and cannot be recovered.

Retention by Plan:

  • • Free Plan: 7 days
  • • Pro Plan: 30 days
  • • Enterprise: Custom retention

5. Audit Logs

Krypton maintains comprehensive audit logs of all file access, including:

  • File uploads and deletions
  • Access code generation and usage
  • File downloads (including IP address and timestamp)
  • Account authentication events

Audit logs are retained for 1 year and are available for export by account owners.

6. Data Sharing

We do not sell your data. We only share data in the following circumstances:

  • With Your Consent: When you explicitly authorize sharing
  • Service Providers: With trusted partners who operate our infrastructure
  • Legal Requirements: When required by law or court order
  • Business Transfer: In connection with a merger or acquisition

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data
  • Opt-out of marketing communications

To exercise these rights, contact us at privacy@krypton.is

8. Compliance

Krypton complies with major data protection regulations:

  • GDPR: EU General Data Protection Regulation
  • HIPAA: Health Insurance Portability and Accountability Act (Business Associate Agreements available)
  • SOC 2: Service Organization Control 2 Type II
  • CCPA: California Consumer Privacy Act

9. Children's Privacy

Our Service is not intended for children under 13. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will take immediate steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes via email or through the Service. Your continued use after changes constitutes acceptance.

11. Contact Us

For privacy-related questions or requests, please contact us at privacy@krypton.is