Security & Privacy
Learn how Transwerly protects your files and personal data with enterprise-grade security measures.
Encryption
Transwerly uses industry-standard encryption to protect your data at every stage:
- In transit: All data transfers are encrypted using TLS 1.3, ensuring your files cannot be intercepted during upload or download.
- At rest: Files stored on our servers are encrypted using AES-256 encryption, the same standard used by financial institutions and government agencies.
- End-to-end (Enterprise): Enterprise customers can enable end-to-end encryption where files are encrypted on your device before upload and decrypted only by the intended recipient.
Access Control
Transwerly provides multiple layers of access control to ensure only authorized users can access your files:
Password Protection
Set a password on any transfer link. Recipients must enter the correct password before they can view or download files. Passwords are hashed and never stored in plain text.
Download Limits
Restrict the number of times a transfer link can be used. Once the download limit is reached, the link automatically expires. This prevents unauthorized redistribution of your files.
Link Expiration
All transfer links have configurable expiration dates. After expiration, the link becomes inactive and files are no longer accessible. Free plan links expire after 7 days, while Pro and Enterprise plans offer custom expiration periods.
Data Privacy
We take your privacy seriously. Here is how we handle your data:
- Minimal data collection: We only collect data necessary to provide the service. We do not sell or share your personal data with third parties for advertising purposes.
- Data residency: Your data is stored in the region you choose. Enterprise customers can select specific data centers for compliance with local regulations.
- Data deletion: You can delete your files and account at any time. Deleted data is permanently removed from our servers within 30 days.
- Transparency: We provide detailed logs of all data access and processing activities. Enterprise customers receive regular compliance reports.
Infrastructure Security
Our infrastructure is built with security as a foundational principle:
- SOC 2 Type II certified data centers with 24/7 physical security, biometric access controls, and video surveillance.
- Regular penetration testing by independent security firms to identify and address potential vulnerabilities.
- Automated threat detection systems that monitor for suspicious activity and respond in real time.
- Disaster recovery with geo-redundant backups ensuring 99.99% uptime and data durability.
Compliance
Transwerly meets the following compliance standards and certifications:
| Standard | Status | Availability |
|---|---|---|
| GDPR | Compliant | All plans |
| SOC 2 Type II | Certified | All plans |
| HIPAA | Compliant | Enterprise |
| ISO 27001 | Certified | Enterprise |
| CCPA | Compliant | All plans |
Common Questions
Yes. Transwerly is fully GDPR compliant. We process personal data lawfully, provide transparency about data usage, and give users full control over their data including the right to access, rectify, and delete their information.
Files are stored in geo-redundant data centers located in the European Union and the United States. Enterprise customers can choose their preferred data region for compliance requirements.
No. Transwerly employees cannot access your files. All files are encrypted at rest and access is strictly controlled. Only automated systems process files for virus scanning and integrity checks.
When you delete your account, all personal data and uploaded files are permanently removed within 30 days. Active transfer links are immediately deactivated. This process is irreversible.