Your data stays private: Files and chats are isolated to your session only
Zero data retention: All AI providers have strict zero data retention policies - your data is never stored, logged, or used for training
Sandboxed processing: All AI agents run in isolated containers with strict security
You control your data: Delete files, sessions, or your entire account anytime
Invite-only access: Only approved emails can use FileSurf (no public registration)
Enterprise security: TLS 1.2+ encryption, HttpOnly cookies, and secure data storage
At FileSurf, we take your privacy seriously. We've built our platform with security and data protection as core principles. This policy explains how we handle your data and the measures we take to keep it safe.
All AI agents run in isolated, sandboxed containers. This ensures that processing happens in a secure environment with strict access controls, preventing unauthorized access to your data.
We use a carefully selected mix of AI providers to deliver the best models at affordable prices. Given the fast pace of AI development, our provider selection may change over time to ensure you always have access to the best AI capabilities.
Current providers:
Zero Data Retention Guarantee:
Learn more about our providers' data protection policies: AWS Bedrock | Fireworks AI | Cerebras
Each user session is completely isolated. Your files and conversations are only accessible to you and cannot be viewed by other users.
We use invite-only authentication. Only pre-approved email addresses can access the platform. Secure, HttpOnly cookies with 365-day expiration protect your session.
AI Processing - Zero Data Retention: Your prompts and AI responses are processed in real-time and are never retained by our AI service providers. We configure all providers to explicitly disable data logging and retention.
Session Data: Your uploaded files are stored in your workspace until you explicitly delete them. Conversation data (chat messages) is kept in short-term storage for retrieval during your session. Conversations older than 1 day are automatically wiped by a scheduled daily cleanup job — there is no long-term retention of conversation history beyond that window.
Account Data: Your email and user ID are retained for the lifetime of your account unless you request deletion.
You have the following rights regarding your data:
FileSurf operates on an invite-only basis. This means:
TLS 1.2+ Encryption
All data in transit is encrypted
HttpOnly Cookies
Protected from XSS attacks
Container Isolation
AI agents run in sandboxes
Secure Data Storage
Industry-standard encryption
When you connect your own AI subscriptions (such as ChatGPT Plus/Pro, Kimi Coding Plan, Z.ai Coding Plan, or Minimax Coding Plan) to FileSurf, your messages and prompts are sent directly to those third-party services for processing.
Important: Messages processed through your connected AI subscriptions are subject to the privacy policies and data handling practices of those third-party providers. FileSurf cannot control what data these services collect, store, or use. Please review the privacy policies of the respective AI providers before connecting your accounts.
We may update this privacy policy from time to time. When we do, we'll update the "Last updated" date at the top of this page. We encourage you to review this policy periodically to stay informed about how we protect your information.
If you have any questions about this privacy policy or how we handle your data, please contact the administrator.