GhostFile

Privacy Policy

Last updated: November 2025

1. Introduction

GhostFile ("we," "us," "our," or the "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (collectively, the "Service"). Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

We collect information in the following ways:

  • Account Registration Information: Name, email address, phone number, and password
  • Vault Content: Documents, media, messages, and any other data you choose to upload
  • Beneficiary Information: Names, contact information, and relationship details of individuals you designate
  • Payment Information: Billing address, payment method details (processed securely by third-party providers)
  • Device Information: Device type, operating system, unique device identifiers, and mobile network information
  • Usage Information: Log files, access times, and features you interact with
  • Location Information: With your permission, approximate location based on IP address
  • Cookies and Tracking: We use cookies and similar technologies to enhance user experience

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, maintain, and improve our Service
  • To process transactions and send related information
  • To send promotional communications (you can opt-out at any time)
  • To respond to your inquiries and customer support requests
  • To detect, investigate, and prevent fraud and abuse
  • To comply with legal obligations
  • To analyze usage patterns and improve user experience
  • To verify beneficiary identity when necessary

4. Data Security

GhostFile takes data security very seriously. We implement industry-standard encryption, secure servers, and multi-factor authentication to protect your information. Your vault contents are encrypted both in transit and at rest using AES-256 encryption. However, no security system is completely impenetrable, and we cannot guarantee absolute protection.

5. Data Retention

We retain your personal information for as long as your account is active. Upon account deletion, we will securely delete your data within 30 days, except where we are required by law to retain it. In the event of your death, your vault will be retained and made accessible to your designated beneficiaries according to your configuration.

6. Third-Party Sharing

We do not sell your personal information to third parties. We may share your information with:

  • Service Providers: Cloud hosting providers, payment processors, and analytics services bound by confidentiality agreements
  • Legal Requirements: Law enforcement or government agencies as required by law
  • Business Transfers: In the event of merger, acquisition, or asset sale (with notice to you)
  • Beneficiaries: When your vault is accessed after your designated trigger events

7. Your Rights and Choices

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your account (subject to legal retention requirements)
  • Opt-out of marketing communications
  • Disable cookies in your browser settings
  • Request a copy of your data in a portable format

To exercise these rights, contact us at privacy@ghostfileapp.com.

8. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know, delete, and opt-out of the sale of personal information. GhostFile does not sell personal information. For more information about your CCPA rights, contact us at privacy@ghostfileapp.com.

9. European Privacy Rights (GDPR)

If you are a resident of the European Union or European Economic Area, you have rights under the General Data Protection Regulation (GDPR), including the right to access, rectify, erase, and restrict processing of your personal data. Our legal basis for processing your data is your consent and performance of our service agreement. For data processing inquiries, contact our Data Protection Officer at dpo@ghostfileapp.com.

10. Children's Privacy

GhostFile is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will delete such information and terminate the child's account.

11. Beneficiary Verification

When your designated beneficiaries request access to your vault, we will verify their identity through third-party verification services. This may involve collecting additional identification documents. We maintain strict confidentiality regarding beneficiary verification processes.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last Updated" date. Your continued use of the Service constitutes your acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us at:

Email: privacy@ghostfileapp.com
Website: ghostfileapp.com

© 2025 GhostFile. All rights reserved.