Legal

Privacy & Data Protection

Last updated: 15 November 2025

ShareNow.space is designed as a privacy‑first, peer‑to‑peer (P2P) file transfer tool. Files are transferred directly between devices using WebRTC encrypted data channels – they are not stored on our servers.

1. Data Controller

For the purposes of applicable data protection laws (including the EU/UK General Data Protection Regulation – GDPR), the operator of ShareNow.space is the data controller for the limited personal data described in this notice.

Contact: privacy@sharenow.space

2. What data we process

The app has been intentionally built to minimise data collection. In particular:

  • File contents are never uploaded to or stored on our servers. They are transferred directly between browsers using end‑to‑end encrypted WebRTC data channels.
  • Session identifiers (short random IDs used to connect two peers) are processed on the signaling server purely to route WebRTC offers/answers and ICE candidates. These session records are automatically deleted after a short expiry window (typically within 1 hour).
  • Technical logs (such as error logs on the signaling server) may be stored for a limited period to secure the service and debug issues. These logs may contain IP addresses and user‑agent strings.

3. Analytics and tracking

We use lightweight analytics (for example, Vercel Analytics) to understand overall usage of the app (page views, performance metrics, device types). These tools are configured, where possible, to avoid tracking individuals and to use aggregated or pseudonymous data.

We do not use third‑party advertising cookies, cross‑site tracking, or sell your data to anyone.

4. Legal bases for processing (GDPR)

Under GDPR, we rely on the following legal bases to process your personal data:

  • Performance of a contract – to provide the core P2P file transfer functionality you request when you use the app.
  • Legitimate interests – to keep the service secure, monitor aggregate usage, prevent abuse, and improve performance. We balance these interests against your rights and expectations.
  • Consent – for any optional cookies or analytics that are not strictly necessary (if and when such features are added, we will ask for your consent first).

5. Cookies and local storage

ShareNow.space primarily uses browser storage and service workers to provide PWA and offline features. For example, your installation status or UI preferences may be stored locally on your device. This data does not leave your device unless your browser vendor synchronises it as part of its own services.

If we introduce optional cookies or analytics that are not strictly necessary, we will present a clear consent prompt and give you control over your choices.

6. Data retention

  • Session metadata on the signaling server is automatically deleted after expiry (around 1 hour).
  • Technical logs are kept only as long as necessary for security, troubleshooting, and legal compliance, and are then deleted or anonymised.
  • Files and file contents are never stored on our servers; they exist only on the devices participating in the transfer.

7. Your rights (EU/UK GDPR)

Where GDPR applies, you have the following rights in relation to any personal data we process about you:

  • Right of access – to request a copy of your personal data.
  • Right to rectification – to correct inaccurate or incomplete data.
  • Right to erasure – to ask us to delete your data where there is no longer a lawful basis.
  • Right to restriction – to request that we limit how we use your data.
  • Right to object – to object to processing based on our legitimate interests.
  • Right to data portability – to receive your data in a structured, commonly used format where technically feasible.

To exercise any of these rights, contact us at privacy@sharenow.space.

8. International transfers

Our infrastructure and analytics providers may operate in different countries. Where personal data is transferred outside the EU/UK, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent protections offered by our processors.

9. Security

All P2P connections use WebRTC with DTLS encryption built in. We also apply industry‑standard security practices on our infrastructure to protect signaling metadata and logs from unauthorised access.

10. Contact & complaints

If you have questions about this policy or how we handle your data, please email us at privacy@sharenow.space.

You also have the right to lodge a complaint with your local data protection authority if you believe that we have violated applicable data protection laws.

This page is provided for transparency and to help you understand how ShareNow.space works from a privacy and GDPR perspective. For details about the technical architecture, see the description on ourhomepage.

Privacy-friendly analytics only

We use lightweight, anonymised analytics to understand usage and keep ShareNow running smoothly. No ads, no cross-site tracking, and your files never touch our servers. You can learn more in ourPrivacy & GDPR policy.