Privacy Policy

Last Updated: January 2025

                🇨🇦 Canadian Privacy Commitment: FileWalla Controlled Delivery is a Canadian company committed to protecting your privacy while maintaining legal compliance with Canadian law. We use server-side encryption to balance security with our responsibility to prevent criminal abuse.            

1. Information We Collect

We collect the following information:

Account Information: Email address, username, password (Bcrypt hashed), group number
Payment Information: Processed securely by Stripe (we do not store credit card details)
File Data: Files you upload (encrypted with AES-256-CBC), filenames, file sizes, upload timestamps
Usage Data: Login history, IP addresses, browser information, audit logs
Messages: Encrypted messages you send within groups

2. How We Use Your Information

We use your data to:

Provide secure file sharing and group collaboration services
Process payments and manage subscriptions
Send account notifications and service updates
Maintain platform security and prevent abuse
Comply with legal obligations and law enforcement requests
Scan files for illegal content (CSAM, pirated material, etc.)

3. Server-Side Encryption & Access

                Important: FileWalla uses server-side encryption (NOT end-to-end encryption). This means:                Your files are encrypted and protected from unauthorized access
Our administrators CAN access files when legally required
We scan files for illegal content to protect our platform and comply with law
We cooperate with law enforcement investigations when legally required

            

4. Data Sharing & Disclosure

We may share your information:

With Law Enforcement: When legally required by court order or to report illegal content
With Authorities: To report CSAM to NCMEC, Cybertip.ca, and Canadian law enforcement
With Service Providers: Stripe (payments), email providers, hosting providers
Never Sold: We NEVER sell your data to third parties

5. Data Retention & Deletion

Files are automatically deleted after 14 days (Advanced) or 30 days (Premium+)
Messages are automatically deleted after the same retention period
Account data is retained while your subscription is active
Audit logs may be retained for legal compliance purposes
You can request account deletion at any time via support@filewalla.ca

6. Security Measures

We protect your data with:

AES-256-CBC encryption for files and messages
Bcrypt password hashing
Two-Factor Authentication (Google Authenticator)
Brute force protection and IP lockout
SQL injection prevention
Secure session management
Comprehensive audit logging

7. Your Rights

You have the right to:

Access your personal data
Request data correction or deletion
Export your files before they expire
Cancel your subscription at any time
Opt-out of marketing emails (service emails are required)

8. HIPAA Compliance

FileWalla meets HIPAA compliance standards for healthcare organizations. We sign Business Associate Agreements (BAA) with healthcare customers upon request.

9. Cookies & Tracking

We use essential cookies for authentication and session management. We do not use third-party tracking or advertising cookies.

10. Changes to Privacy Policy

We may update this Privacy Policy periodically. Continued use of the service after changes constitutes acceptance.

Contact Us

For privacy questions or data requests, please contact us here.