Privacy Policy

Effective Date: 2/24/26

  1. Introduction

Zoof  (“we,” “us,” or “our”) is committed to protecting your privacy. This policy explains how we handle your information in our peer-to-peer (P2P) file delivery application. Our service is designed with Privacy by Design principles, ensuring we process only the minimum data necessary to facilitate your transfers.

  1. Data We Collect (And Data We Don’t)
  • The Files: We never see, store, or have access to the files you send. Files are encrypted end-to-end and move directly from your device to the recipient’s device.
  • Metadata (Logged): To provide your transfer history and manage your subscription, we log:
    • File names and sizes.
    • Timestamps of the transfer.
    • Account identifiers (email/username/first name/last name).
  • Technical Data: We temporarily process IP addresses to “handshake” the P2P connection. This data is not stored longer than necessary to maintain the connection.
  1. Legal Basis for Processing (GDPR Article 6)

We process your metadata based on:

  • Contractual Necessity: To provide the file delivery service you subscribed to.
  • Legitimate Interests: To prevent fraud, ensure network security, and manage service load.
  1. Data Residency and Security
  • European Hosting: All metadata and account information are stored on secured servers located within the European Union.
  • Encryption: While we cannot see your files (due to end-to-end encryption), the metadata on our servers is also encrypted at rest using industry-standard protocols.

Zero Third-Party Sub-Processors: We do not engage third-party sub-processors to facilitate your primary service for the file transfers. We do have sub-processors for handling our email traffic.

  1. Your Rights Under GDPR

As a user in the EEA/UK, you have the following rights:

  • Right to Access: You can request a copy of the metadata we have logged for your account.
  • Right to Erasure (“Right to be Forgotten”): You may request the deletion of your account and all associated transfer logs.
  • Right to Portability: You can request your transfer history in a machine-readable format.
  • Right to Object: You can object to our processing of your data for legitimate interests.
  1. Data Retention

We retain meta data and account details for the life-time of your account. Relevant and required meta data will be held in retention for a maximum of 5 years after account closure and creation of that meta data, after which it will be deleted.

  1. Contact & Data Protection Officer (DPO)

For any privacy-related inquiries or to exercise your rights, please contact our Data Protection Officer:

DPO Name/Department: Can be contacted via privacy@zoof.one