Privacy.

FastShared is a utility for making temporary, shareable links to files. This policy describes, in plain English, what data we process, why, for how long, and who we share it with. The short version: there are no accounts, no tracking, and nothing to leak.

Who is the controller

The controller for any personal data processed by FastShared is Matheus Kindrazki, acting as an individual developer, reachable at privacy@fastsha.red. When a legal entity takes over the service, this page will be updated with its details.

What we process

We process the following, and nothing else:

• → The bytes of files you upload. Stored in a private Cloudflare R2 bucket, accessed only via short-lived signed URLs. The bucket has no public hostname, no public ACL, and no direct read path.
• → Retention metadata. For each upload we store its filename, MIME type, size, sha256 hash, creation time, expiry time, and a delete-after timestamp. Stored in Neon Postgres.
• → A per-device token. When the app first launches, it mints a random token and registers it with our API. We store a salted HMAC of that token on the server to authorise upload, history, and revoke calls. Your device holds the raw token in the Keychain; we never see it again after the first request.
• → Operational request logs. Cloudflare records HTTP method, path, response code, latency, and the client IP address for every request, for rate-limiting and abuse response. These logs are retained for up to 30 days.

We do not process your name, your email, an account identifier, a cross-site advertising ID, or any browsing history. There are no accounts to create. We do not ask for contacts, location, or notifications beyond what iOS requires for Live Activities.

Legal basis

Under the GDPR and equivalent laws, our legal bases are:

• → Your action of sharing a file (Art. 6(1)(b) GDPR — performance of the contract you ask us to perform). Uploading a file through FastShared is a request to store it and publish a temporary link to it.
• → Legitimate interest (Art. 6(1)(f)) in operating a safe, rate-limited, abuse-resistant service. This covers the operational request logs described above.

How long we keep your data

Every upload has a deletion deadline. By default the link expires 24 hours after upload, and the file is hard-deleted from R2 24 hours after that. You can choose any retention window between 5 minutes and 30 days; the deletion schedule follows. The absolute ceiling is 90 days, enforced by an R2 lifecycle rule as a safety net in case the scheduler fails.

Retention metadata about a deleted file (filename, size, timestamps — not the bytes) survives as a tombstone for 30 days, so that the history view in your app can show "this link was here, it has been deleted" without us having to keep the file itself. After 30 days the tombstone is pruned.

Operational request logs are retained for up to 30 days, rolling. Per-device tokens live for as long as the device is registered; when you uninstall the app or rotate the token, the old hash is deleted.

Cross-device sync (Pro)

If you are a Pro subscriber, FastShared can sync your link-history metadata (token, filename, MIME type, timestamps, and link state — live, expired, revoked, or removed) across your Apple devices using Apple's CloudKit private database, scoped to your Apple ID's personal iCloud container. We never see this data — it lives in your own iCloud storage, covered by Apple's privacy terms, and we have no API to read or modify it.

When you downgrade from Pro to Free, sync stops. The records already in your private iCloud container remain there for up to 30 days, after which iCloud prunes them naturally according to its own retention rules. If you want to remove them sooner, iOS Settings → Apple ID → iCloud → Manage Account Storage → FastShared → Delete from iCloud. Nothing about that flow touches our servers.

This sync covers metadata only. The underlying file bytes always live on Cloudflare R2 with the lifecycle described above — they are never mirrored into iCloud.

Sub-processors

We use the following sub-processors to run the service. Each is a commercial data-processing agreement consistent with GDPR Art. 28.

• → Cloudflare, Inc. — Workers (API compute), R2 (object storage), KV (rate limits and short-lived reservations). Acts on our instructions; data is stored in Cloudflare's global edge network.
• → Neon, Inc. — Postgres database for retention metadata and device records.
• → Apple Inc. — App Store distribution, TestFlight, push notifications for Live Activities. Apple handles this data under its own published policies.

We do not use third-party analytics SDKs, advertising networks, crash reporters, or CRM tools. We will update this page and bump its version number if that ever changes.

International transfers

Cloudflare is a United States company with a global edge network. Your file may be cached or stored briefly on an edge node close to you, and will ultimately rest on the primary R2 region we configure. For EU and UK users, transfers are covered by Cloudflare's Standard Contractual Clauses and its UK International Data Transfer Addendum.

Subscription data (Pro)

When you purchase Pro, we store one server-side record that maps your device ID to Apple's transaction identifier, the tier you bought (monthly, annual, lifetime), its current status (active, expired, refunded), and its expiry timestamp. We use this to decide whether your device can upload under Pro limits.

No billing information ever touches our servers. Apple handles the payment end-to-end: card, tax, receipt, refund. We only receive the transaction identifier from the App Store Server API, over a signed, authenticated channel. If you request a refund through Apple, Apple notifies us via server-to-server notifications and we revoke your Pro access within minutes.

Subscription records are retained for as long as the associated device is registered, plus 90 days after cancellation, for audit and dispute resolution. After that, the record is pruned.

Your rights

You can:

• → Delete an upload at any time. From the history view, open the link and tap Revoke. The file is queued for immediate deletion and the link returns 410 Gone on the next access.
• → Request deletion of all your data by emailing privacy@fastsha.red with your device's token identifier (shown in the app's About screen). We delete the associated device row, token hash, and any live uploads within 30 days.
• → Request access to the data we hold about you. Because we do not hold accounts, we can only return what is attached to the device token you identify. We cannot identify you across devices.
• → Complain to your local data protection authority if you believe we mishandle your data. In Brazil that is the ANPD; in the EU it is your national DPA.
• → Cancel or manage your Pro subscription at any time through iOS Settings → Apple ID → Subscriptions, or at apps.apple.com/account/subscriptions. Apple processes the cancellation; we revoke Pro access when we receive Apple's server-to-server notification.

No tracking

We do not track you across the web. The app embeds no analytics SDK, no advertising ID, no fingerprinting heuristic, no crash reporter other than Apple's built-in one. Links that FastShared generates respond with X-Robots-Tag: noindex, nofollow, Referrer-Policy: no-referrer, and Cache-Control: no-store so tokens stay out of search indices, referrer chains, and caches.

The landing page at www.fastsha.red is static HTML served from Cloudflare Pages and does not set any cookies or load any third-party scripts beyond the Google Fonts CDN for the Bricolage Grotesque and JetBrains Mono typefaces.

Children

FastShared is not intended for children under 13 (or under 16 in jurisdictions where that threshold applies under the GDPR). We do not knowingly collect data from children. If you believe a child has uploaded a file through FastShared, contact us and we will delete it promptly.

Changes to this policy

We will update this page when the product changes in a way that affects data handling. Changes are versioned at the top of the page. Material changes will be announced inside the app before they take effect.

Contact

Questions, deletion requests, or disputes: privacy@fastsha.red.