Privacy

Privacy Policy

Dropshark stores uploaded file metadata, secure random link IDs, expiration settings, download counts, and access log timestamps. Passwords are hashed with bcrypt and are never stored in plain text.

Files are served through application routes instead of public storage paths. In production, operators should configure HTTPS, managed PostgreSQL, encrypted object storage, backups, and retention jobs that delete expired files.

Access logs may include IP addresses for abuse prevention and auditability. Remove or anonymize logs according to your organization's legal and retention requirements.