← Back to Home

Security & Privacy

Your files are yours alone. We built BurritoShare with privacy as the foundation.

Our Security Principles

🔐

Zero-Knowledge Architecture

We literally cannot see your files. They travel directly from sender to receiver through encrypted peer-to-peer connections. Our servers never touch your data.

🛡️

End-to-End Encryption

All file transfers are encrypted using industry-standard protocols. Even if someone intercepts the connection, they can't decrypt your files.

🚫

No Data Retention

We don't store your files, ever. Once a transfer completes, there's no trace left on our servers. We only know a transfer happened, not what was transferred.

🔒

Secure by Default

No configuration needed. Every transfer is automatically secured with the strongest available encryption. Privacy isn't an option - it's built in.

Technical Security Details

WebRTC Security

We use WebRTC's built-in DTLS (Datagram Transport Layer Security) encryption for all peer-to-peer connections. This provides the same level of security as HTTPS.

Connection Establishment

Connection details are exchanged through our signaling server using encrypted WebSocket connections. Once peers connect directly, our server is completely out of the loop.

No JavaScript CDNs

All our code is served from our own servers. We don't use third-party JavaScript CDNs that could be compromised or track users.

Open Source Friendly

While our specific implementation is proprietary, the underlying technologies (WebRTC, STUN/TURN) are open standards that have been thoroughly vetted by security researchers.

How We Compare

Privacy Feature BurritoShare Cloud Services
Files stored on servers ❌ Never ✅ Always
Can read your files ❌ Impossible ✅ Technically possible
Tracks file contents ❌ No ✅ Often for "features"
Requires account ❌ No ✅ Usually
Sells your data ❌ No data to sell ⚠️ Check their policy

What We Do Know

In the interest of complete transparency, here's everything we can see:

  • 📊 A bundle was created (not the files in it)
  • 📏 The total size of the bundle
  • 🏷️ The name you gave the bundle
  • 🔗 When someone accesses the download link
  • ✅ Whether a transfer completed successfully

That's it. We can't see filenames, file contents, or who you're sharing with.

Security Best Practices

🔑 Share Links Securely

Send your BurritoShare links through secure channels. If you're sharing sensitive files, use encrypted messaging.

⏱️ Time-Sensitive Sharing

Since transfers happen in real-time, coordinate with your recipient. Links expire after 24 hours for security.

🔐 Additional Encryption

For ultra-sensitive files, you can encrypt them before sharing. BurritoShare's encryption then becomes a second layer.

Privacy-First File Sharing

Experience what file sharing should be - private, secure, and under your control.

Start Secure Sharing →