Privacy Policy (RGPD)

Data Controller

Drop is operated by the Tom Vanobbergen and freely given to the community. Contact: privacy@isitsafe.be.

Data We Collect

• File metadata (filename, size, expiration) stored temporarily to serve downloads.
• Logs (IP address, timestamp, user agent) retained for security & abuse prevention.
• Donations via Ko‑fi: we only receive a total amount and donor username if publicly shared.

Purpose & Legal Basis

• Service delivery: to allow secure file transfers (Art. 6.1.b GDPR).
• Security: to detect and prevent abuse or attacks (Art. 6.1.f GDPR).
• Consent: for optional features (e.g., cookies) when you agree in the cookie banner.

Data Retention

Uploaded files and metadata are automatically deleted after the configured expiration (default 2 h). Logs are purged after 30 days.

Cookies & Tracking

We use minimal cookies for session management and performance. No analytics or third‑party tracking scripts are loaded by default.

Third‑Party Services

• OVHcloud (hosting in the EU).
• Ko‑fi (donation processing).
• Google Fonts (web fonts only).

Your Rights

• Access to personal data we hold about you.
• Rectification of inaccurate or incomplete data.
• Erasure (“right to be forgotten”) of logs linked to your IP.
• Restriction or objection to processing for non‑essential purposes.
• Data portability where applicable.

To exercise your rights, contact us at privacy@isitsafe.be.

Changes to This Policy

We may update this policy; the effective date will appear at the top. We recommend reviewing it periodically.