Proton Drive - Privacy policy

This sub-policy is an integral part of the Proton Privacy Policy. It details the data processing activities specifically related to the creation and activity of your Proton Account when you use Proton Drive.

Account Activity: All files in Proton Drive are protected with end-to-end encryption and Proton does not possess the ability to decrypt end-to-end encrypted data and therefore cannot share them with third parties. Furthermore, metadata such as filenames, folder names, thumbnail previews are also end-to-end encrypted. We also only store the size of the encrypted files, and not the size of the original unencrypted file, which is therefore obfuscated in our system. In addition to end-to-end encryption, all content is also cryptographically signed. This means that you can always check the signature of any content you receive from our servers, which protects you from forgery (e.g. by a malicious actor). In order to operate the service and support some of the required features, we do have access to file/folder creation and modification times, permissions, and the username that created or uploaded a particular file (required in order to perform cryptographic signature checks in order to verify file authenticity).

When sharing URLs, we have access to the creation and last access time, the number of times the URL was accessed to and its creator. However, we do NOT have access to file contents, file and folder names, and thumbnail previews. Such data is end-to-end encrypted. We can only access the contents of a shared file or folder if a sharing URL is sent to us by a third party that themselves has access to the shared file, along with the access password (if enabled). This can happen from time to time, for instance, if the third party is reporting abuse to us.

Note, if you trash a file, it is not actually deleted until you permanently delete it from trash. Furthermore, if Proton Drive's file versioning feature is activated, overwriting a file will not delete the previous version, which will remain available until it is permanently deleted by the user.

Data security: All servers used in connection with the provision of the Services are wholly owned and operated by Proton or our subsidiaries. Access to our infrastructure and servers is tightly controlled: only employees of Proton have physical or other access to the servers. Data is always stored in encrypted format on our servers, which are exclusively located in Switzerland, Germany or Norway, under the protection of some of the world's strongest privacy laws. Offline backups, which may be stored periodically, are also encrypted. We cannot decrypt any user encrypted content on either the production servers or in the backups. Backups are kept for up to 30 days.