Privacy Policy

Last updated: March 2026

1. Zero-Knowledge Architecture

SecureBin.ai employs a zero-knowledge encryption model. This means:

• All encryption and decryption happens entirely in your browser using the Web Crypto API.
• Your data is encrypted with AES-256-GCM before it is transmitted to our servers.
• The encryption key is derived client-side and is never sent to our servers. It is included only in the URL fragment (the part after the #), which browsers do not transmit in HTTP requests.
• We have no technical ability to read, decrypt, or access the contents of your pastes.

2. No Account Required

SecureBin.ai does not require you to create an account, provide an email address, or supply any personal information to use our service. You can create and share encrypted pastes completely anonymously.

3. Information We Do Not Collect

We do not collect:

• Names, email addresses, or any personally identifiable information
• The unencrypted contents of your pastes
• Encryption keys or passwords used to protect your pastes
• IP addresses for tracking purposes
• Browsing history or behavioral profiles

4. Client-Side Encryption

All cryptographic operations are performed in your browser using industry-standard algorithms:

• AES-256-GCM for symmetric encryption of paste content
• PBKDF2 for key derivation when password protection is used
• Web Crypto API for all cryptographic operations, ensuring hardware-accelerated, auditable security

The encryption key never leaves your device. Even if our servers were compromised, your data would remain encrypted and unreadable.

5. Hosting and Infrastructure

SecureBin.ai is hosted on Cloudflare Workers, a serverless edge computing platform. Cloudflare may process standard connection metadata (such as IP addresses) as part of delivering the service. Cloudflare's handling of this data is governed by Cloudflare's Privacy Policy.

We chose Cloudflare for its strong privacy practices, global edge network, and commitment to not selling user data.

6. Cookies and Local Storage

SecureBin.ai does not use cookies for tracking or advertising purposes. We use only:

• localStorage to save your theme preference (light or dark mode). This data never leaves your browser and is not transmitted to any server.

No third-party tracking cookies are set by SecureBin.ai itself.

7. Google Analytics

If Google Analytics is enabled on SecureBin.ai, it may collect anonymized usage data such as:

• Page views and navigation patterns
• Browser type, operating system, and screen resolution
• Approximate geographic location (country/region level)
• Referral source (how you found SecureBin.ai)

Google Analytics does not have access to the contents of your pastes or encryption keys. If enabled, we use Google Analytics with IP anonymization turned on. You can opt out of Google Analytics by using a browser opt-out extension.

8. Google AdSense

SecureBin.ai may display advertisements served by Google AdSense. Google AdSense may use cookies and web beacons to serve ads based on your prior visits to this and other websites. Specifically:

• Google uses the DoubleClick cookie to serve ads based on your browsing history.
• You may opt out of personalized advertising by visiting Google Ads Settings.
• You may opt out of third-party vendor cookies by visiting aboutads.info.

Advertisements displayed on SecureBin.ai have no access to the encrypted contents of your pastes or any encryption keys.

9. Data Storage and Retention

Encrypted paste data is stored in Cloudflare KV (a global key-value store). Important details:

• All stored data is encrypted client-side before storage. We store only ciphertext.
• Pastes are automatically deleted according to the expiration time (TTL) you select when creating a paste.
• "Burn after reading" pastes are permanently deleted after a single view.
• We do not create backups of paste data beyond Cloudflare KV's standard replication.
• Once a paste expires or is burned, it is permanently and irrecoverably deleted.

10. Data Sharing

We do not sell, rent, trade, or otherwise share your data with any third parties. Since we operate under a zero-knowledge model, we do not possess any readable user data to share.

We may be required to comply with valid legal requests. However, because all stored paste data is encrypted and we do not hold decryption keys, we can only provide encrypted ciphertext, which is unreadable without the key held solely by the paste creator.

11. Developer Tools

All processing performed by our free developer tools (hash generators, Base64 encoders, JSON formatters, etc.) happens entirely in your browser. No input data from any tool is transmitted to our servers.

12. GDPR Compliance

For users in the European Economic Area (EEA), SecureBin.ai is designed with privacy by design and by default:

• Data minimization: We collect no personal data.
• Purpose limitation: Any technical data processed is used solely to deliver the service.
• Right to erasure: Pastes are automatically deleted per your chosen TTL. No personal data is retained.
• Right to access: Since we collect no personal data, there is no personal data to provide.
• Data portability: You can decrypt and download your paste content at any time before expiration.

13. CCPA Compliance

For California residents under the California Consumer Privacy Act (CCPA):

• We do not collect personal information as defined by the CCPA.
• We do not sell personal information to any third party.
• We do not discriminate against users who exercise their privacy rights.

14. Children's Privacy

SecureBin.ai is not directed at children under 13. We do not knowingly collect personal information from children. Since we collect no personal information from any user, this applies universally.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Your continued use of SecureBin.ai after changes are posted constitutes acceptance of the revised policy.

16. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:

Email: privacy@securebin.ai