We can't read your data.
By design.
Everything is encrypted on your device before it reaches our servers. We don't have your keys. We can't decrypt your data. Nobody can — except you.
We never see your data
All encryption and decryption happens in your browser. Our servers store only encrypted blobs they cannot read. Even our team has zero access to your content.
Your keys stay on your device
Encryption keys are derived from your PIN and a secret unique to your device. They are never transmitted to any server in any form.
Military-grade encryption
AES-256-GCM authenticated encryption with Argon2id key derivation (memory-hard, 64 MB). The same standards used by banks and governments.
How your vault is protected
From your PIN to encrypted storage — every step happens in your browser
You enter your PIN
A 6-digit PIN you choose. Combined with your device secret, it creates a unique master key.
Keys are derived locally
Argon2id (64 MB, 3 iterations) derives your encryption key. This is intentionally slow to prevent brute-force attacks.
Data is encrypted in your browser
AES-256-GCM encrypts your files, credentials, and notes before they leave your device. Each item has its own encryption key.
Only encrypted data is stored
Our servers receive and store encrypted blobs. Without your PIN and device secret, this data is meaningless.
Multi-device access
Your device secret is stored locally by default. You can optionally enable encrypted cloud backup for multi-device access — your secret is encrypted with your PIN before upload, and the backup server stores only an encrypted blob it cannot read.
How secure sharing works
Recipients don't need an account. The server never sees the decryption key.
You click Share
A unique 6-character access code is generated in your browser. This code is the secret from which the decryption key is derived.
Content is re-encrypted
Your content is decrypted locally, then re-encrypted with a key derived from the access code (PBKDF2, 600,000 iterations).
Recipient enters the code
They open the link and type the 6-character code. Decryption happens entirely in their browser — the server never sees the code.
Link self-destructs
After expiration or max views, the encrypted data is permanently deleted. You can also revoke access instantly at any time.
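The first three sharing steps above, as an added Web Crypto example that is not Digital Shell's code. PBKDF2 at 600,000 iterations and AES-256-GCM come from the page; the 32-symbol alphabet, SHA-256 as the PBKDF2 hash, the 16-byte salt, the 12-byte IV, the blob layout and all function names are assumptions.

```javascript
// Added illustration, not Digital Shell's code. Alphabet, PBKDF2 hash, salt/IV
// sizes and blob layout are assumptions; iteration count and cipher are the page's.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto; // older Node
const ALPHABET = 'ABCDEFGHJKLMNPQRSTUVWXYZ23456789'; // assumed, 32 symbols
const ITERATIONS = 600000;

// Six characters from a CSPRNG; 256 % 32 === 0, so `b % 32` has no modulo bias.
function generateAccessCode() {
  const bytes = webcrypto.getRandomValues(new Uint8Array(6));
  return Array.from(bytes, (b) => ALPHABET[b % ALPHABET.length]).join('');
}

// Stretch the access code into a non-extractable AES-256-GCM key.
async function deriveKey(code, salt) {
  const material = await webcrypto.subtle.importKey(
    'raw', new TextEncoder().encode(code), 'PBKDF2', false, ['deriveKey']);
  return webcrypto.subtle.deriveKey(
    { name: 'PBKDF2', hash: 'SHA-256', salt, iterations: ITERATIONS },
    material, { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

// Sender side: the returned object is all a server would need to store.
async function sealForShare(plaintext, code) {
  const salt = webcrypto.getRandomValues(new Uint8Array(16));
  const iv = webcrypto.getRandomValues(new Uint8Array(12));
  const key = await deriveKey(code, salt);
  const ciphertext = new Uint8Array(await webcrypto.subtle.encrypt(
    { name: 'AES-GCM', iv }, key, new TextEncoder().encode(plaintext)));
  return { salt, iv, ciphertext };
}

// Recipient side: a wrong code gives a wrong key, the GCM tag check fails and
// decrypt() rejects, so no plaintext is ever returned for a bad code.
async function openShare(blob, code) {
  const key = await deriveKey(code, blob.salt);
  const plain = await webcrypto.subtle.decrypt(
    { name: 'AES-GCM', iv: blob.iv }, key, blob.ciphertext);
  return new TextDecoder().decode(plain);
}

// Round trip on a constructed sample string, then a try with one character changed.
async function demo() {
  const code = generateAccessCode();
  const blob = await sealForShare('constructed sample text', code);
  const roundTrip = await openShare(blob, code);
  const wrong = (code[0] === 'A' ? 'B' : 'A') + code.slice(1);
  const rejected = await openShare(blob, wrong).then(() => false, () => true);
  return { code, roundTrip, rejected };
}
```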
What our servers can see
Spoiler: almost nothing useful
Technical specifications
For the engineers and security auditors
Open-source cryptography
Our encryption layer is open-source and available for review. We believe security should be verifiable, not just claimed. You can inspect every line of our cryptographic implementation.
Certifications & compliance
Security standards verified by our infrastructure providers
Infrastructure
EU-hosted servers
All data stored on European servers (EU-West). Your data never leaves the EU.
GDPR & CCPA compliant
We collect minimal data, encrypt everything, and honor GDPR and CCPA rights. You can delete your account and all data at any time.
SOC 2 infrastructure
Built on Supabase (SOC 2 Type II) and Cloudflare (SOC 2 Type II) infrastructure.
HIPAA-ready infrastructure
HIPAA-ready infrastructure for handling Protected Health Information (PHI). Zero-knowledge encryption and granular access controls support healthcare, legal, and finance workflows that touch PHI.
No third-party tracking
No ads, no data brokers, no selling your information. Your data is yours.
Regular security audits
We continuously audit our codebase for vulnerabilities and follow OWASP security guidelines.
Right to be forgotten
Delete your account and all encrypted data is permanently removed. No backups, no traces.
“I needed to send my ID, tax returns, and pay stubs to a landlord — and email felt wrong. In France, identity theft from leaked rental documents is a real crisis. People send their most sensitive files over email every day: ID cards, bank statements, tax notices. With that information, a hacker can open bank accounts in your name, take out loans, destroy your credit.
I wanted a way to send these files securely, watermark them so they can't be reused, and revoke access once the recipient is done. That's exactly what Digital Shell does.”
Need a security brief for your IT team?
We'll send you a tailored document covering our encryption, infrastructure, and compliance for your specific use case. Usually under 24h.
Ready to share confidentially?
Start sharing encrypted documents in minutes. Free plan, no credit card.