LEGAL

Privacy Policy

Last updated: July 17, 2026

Overview

SealedCitadel is built on a simple premise: we collect only what is absolutely necessary to provide the service, and nothing more. We do not sell your data. We do not share your data with advertisers. We do not build profiles on our users.

This policy explains what we collect, why we collect it, how we store it, and under what circumstances it might be disclosed.

What We Collect

Account Information: When you apply for access, we collect your name, email address, and the information you provide in your application. This is used solely to review your application and contact you if approved.

Authentication Data: We use zero-knowledge authentication (SRP). We do not store your password or any derivative of it. We store only the data required to verify that you know your password โ€” without learning it.

File Data: Files are encrypted client-side. We store only encrypted ciphertext. We cannot access, read, or analyze your file contents.

Connection Data: We do not log IP addresses or connection timestamps. Connections via our Tor hidden service are inherently anonymous at the network level.

What We Don't Collect

  • โœ— IP addresses
  • โœ— Browsing behavior or analytics
  • โœ— Device fingerprints
  • โœ— File names, sizes, or metadata
  • โœ— Access patterns or timestamps
  • โœ— Third-party tracking data

Data Sharing

We do not sell, rent, or share your personal data with third parties for commercial purposes.

We may be required to disclose data in response to valid legal orders. However, due to our technical design, what we are able to disclose is extremely limited โ€” we do not have your password, cannot decrypt your files, and do not log your IP address or access patterns. We will disclose only what we actually have.

We will notify users of legal requests to the extent permitted by law.

Data Retention

Application data (name, email, use case) is retained for up to 90 days after rejection or account closure, then permanently deleted.

Encrypted file data is retained for the duration of your subscription, plus a 30-day grace period after cancellation. After that, it is permanently and irreversibly deleted.

Your Rights

You have the right to request deletion of your account and associated data at any time. Given our zero-knowledge design, deleting your account deletes data that even we could not read.

Contact us at [email protected] for any data requests.

Changes to This Policy

We will notify active users of material changes to this policy. Continued use of the service after notice constitutes acceptance.