Privacy Policy

1. General Provisions

This Privacy Policy describes how the administration of the Filest.one website at https://filest.one/ ("Operator", "we", "Service") processes personal data when users visit the website, upload files, download files, sign in, contact support, or use related Service features.

The Policy is published to comply with applicable personal data rules, including principles similar to those set out in Federal Law No. 152-FZ "On Personal Data" where such rules apply to the user.

2. Operator and Contact Details

• Operator: administration of the Filest.one internet resource.
• Website: https://filest.one/.
• Privacy contact: [email protected].
• Support contact: [email protected].

3. Key Terms

• Personal data means any information relating directly or indirectly to an identified or identifiable person.
• Processing means any action with personal data, including collection, recording, storage, use, transfer, blocking, deletion, and destruction.
• User means any visitor, account holder, uploader, downloader, or person contacting support through the Service.

4. Purposes, Categories of Data, Subjects, and Legal Bases

4.1 Website Access and Security

• Subjects: website visitors and users.
• Data: IP address, User-Agent, browser and operating system data, approximate country by IP address, timestamps, request logs, technical identifiers, anti-abuse signals.
• Purpose: website operation, security, abuse prevention, troubleshooting, and fraud prevention.
• Legal basis: Service operation, legitimate security needs, performance of user-initiated actions, and compliance with applicable law.

4.2 Account, Email Sign-In, and Google Sign-In

• Subjects: users who create an account or sign in.
• Data: email address, username, authentication tokens/codes, confirmation status, Google account identifier, Google email and basic profile data received during OAuth sign-in.
• Purpose: account creation, authentication, access confirmation, prevention of unauthorized access, and user support.
• Legal basis: user consent expressed by continuing sign-in/registration, and performance of a user-initiated agreement to use the Service.

4.3 File Uploading, Storage, and Downloading

• Subjects: users who upload or download files.
• Data: file name, file size, file type, generated link/code, upload and download timestamps, download statistics, downloader type, browser fingerprint used for anti-fraud checks, IP address, country, platform, and browser data.
• Purpose: storing files, generating download links, delivering files, calculating service statistics, preventing abuse, and protecting other users.
• Legal basis: performance of a user-initiated agreement to use the Service, security needs, and compliance with applicable law.

4.4 Support and Communications

• Subjects: users who contact support or use the online chat.
• Data: contact details provided by the user, message text, technical chat metadata, IP address, page URL, browser data, timestamps, and service cookies.
• Purpose: responding to user requests, resolving incidents, preventing abuse, and improving support quality.
• Legal basis: user request and consent, including consent given when accepting the Tawk.to notice before the chat is loaded.

4.5 Partner, Referral, Payout, and Anti-Fraud Features

• Subjects: registered users who use statistics, referral, payout, or monetization features.
• Data: balance, role, referral relationships, payout settings voluntarily provided by the user, download/install statistics, anti-fraud markers, and administrative status records.
• Purpose: operating account statistics, referral accounting, payout administration, anti-fraud checks, and Service administration.
• Legal basis: performance of a user-initiated agreement to use these features and compliance with applicable law.

5. Cookies, Local Storage, and Tawk.to

The Service uses technical cookies and local/session storage for authentication, language selection, security, and stable operation. We do not sell personal data and do not use cookies for advertising profiling.

The Tawk.to chat widget is used only for support. On pages where the Tawk.to notice is shown, the widget is loaded after the user accepts the notice. Tawk.to may process the minimum technical data needed to provide the chat: IP address, browser data, page URL, timestamps, chat messages, and service cookies.

6. Processing Actions and Methods

The Operator may collect, record, systematize, accumulate, store, clarify, update, modify, retrieve, use, transfer where legally permitted, block, delete, and destroy personal data. Processing may be automated or non-automated.

7. Retention Periods and Deletion

• Account data: retained while the account exists and for the period needed to protect rights, maintain security records, or comply with law.
• Uploaded files: retained until deleted by the user, by the administrator under Service rules, or when storage is no longer necessary.
• File metadata and statistics: retained while needed for Service operation, reporting, anti-fraud checks, and protection of rights.
• Access and security logs: generally retained for up to 12 months unless a longer period is required for an incident, dispute, or legal duty.
• Support messages: retained while needed to process the request and protect the rights of the user or Operator.

Personal data is deleted, anonymized, or destroyed after the processing purpose is achieved, consent is withdrawn where consent is the applicable basis, or another legal basis for deletion occurs, unless storage is required by law or needed to protect rights.

8. Disclosure and Processors

We do not sell personal data. Data may be disclosed only where necessary for Service operation, user requests, security, legal compliance, or protection of rights.

• Hosting and infrastructure providers may process data needed to operate the Service.
• Google may process data when the user chooses Google OAuth sign-in.
• Tawk.to may process data when the user accepts the chat notice and uses the support chat.
• Authorities may receive data where required by applicable law and a valid request.

9. Cross-Border Processing

The Service infrastructure is hosted by Hetzner Online GmbH in Germany. Personal data may therefore be processed outside the user's country of residence where this is necessary for Service operation, authentication, support, security, hosting, backups, or user-requested Service functions. The Operator applies reasonable contractual, organizational, and technical measures to protect such data.

10. Data Security Measures

• Access to personal data is limited to authorized persons who need it for Service operation.
• Technical and organizational measures are used to reduce unauthorized access, alteration, disclosure, deletion, and abuse risks.
• Security, anti-fraud, and access records may be maintained to detect and investigate incidents.
• No internet service can guarantee absolute security, but the Operator applies reasonable protective measures.

11. User Rights

Subject to applicable law, the user may:

• request information about processing of their personal data;
• request clarification, blocking, deletion, or destruction of inaccurate or unlawfully processed data;
• withdraw consent where processing is based on consent;
• request deletion of uploaded files where technically and legally possible;
• contact the Operator at [email protected].

12. Children

The Service is not intended for children under 13. We do not knowingly collect personal data from children under 13.

13. Changes to This Policy

The Operator may update this Policy. The current version is published on this page with the revision date.