Where is my data stored?

In the EU am Main, on ISO-27001-certified EU cloud infrastructure with EU jurisdiction. No US corporate parent, no extraterritorial disclosure obligations (no CLOUD-Act risk). Our product is not itself ISO-27001-certified, the underlying infrastructure is.

What exactly does Zero-Knowledge mean?

In zero-knowledge mode, your browser encrypts the file before it reaches our server. The key is never transmitted. Even under lawful disclosure we could only hand over ciphertext, technically useless. Many providers market as E2E but derive the key server-side from the password. That isn't zero-knowledge. Ours is.

How does the passwordless retrieval work?

On the first download, the recipient verifies with a password. Their device receives a tenant-bound trust token, valid for 12 months. Follow-up transfers from the same sender to the same recipient on the same device arrive without a password. Safer than emailing passwords, more convenient than any alternative. Admin and user can revoke the token at any time.

Can I also receive files, not only send?

Yes. Pool folders let your team create a secure upload space and invite externals by email. Clients, patients, applicants or suppliers upload encrypted, no account, no software, no email size limit. Notifications run through SecureFiles, files are virus-scanned before release.

How does SecureFiles integrate with Outlook?

The SecureFiles add-in runs in classic Outlook (COM), new Outlook, and Outlook on the Web. It's rolled out centrally via Microsoft 365 Admin Center. Users work as usual, one click replaces the attachment with an encrypted link. No training required.

A public REST API is planned for Q3 2026 (Phase 2). Today, we can already provide webhooks and CLI-based integrations on request.

How much does SecureFiles cost?

SecureFiles is billed per user per month, with a Standard and an Enterprise tier (the latter with a higher per-file size cap, plus extended branding and compliance features). Contact us for an individual quote.

Is there a public link I can share freely?

Yes. Alongside the addressed transfer and the Secure Inbox, there's the public share link: a single link you can distribute via email, intranet, or social media. Anyone with the link can download (download-only, no reply channel). Protected by a hard total-download cap, tightened IP and link rate-limiting, and an optional password. Tenant admins enable the feature explicitly.

New · Available now

Securefile transfer,without limits.

Send and receive encrypted, straight from Outlook. Hosted in the EU, GDPR-compliant, no US cloud. For teams exchanging sensitive data who'd rather not worry about it.

Request a demo Learn more

Sending files today vs. secure file transfer with SecureFiles.

Why 25 MB attachment caps, forced cloud logins and consumer filesharing aren't an answer to GDPR-compliant file exchange.

Without SecureFiles

25 MB attachment limit caps every larger file.
Cloud shares force recipients to log in to the provider.
Consumer filesharing caches in the US. GDPR grey zone.
FTP requires CLI knowledge and plaintext passwords.

Sharing modes

Three ways to share files securely.

Every use case asks for a different kind of share. SecureFiles ships all three out of one product, without tier upcharges.

By email

To specific recipients

Encrypted transfer to named email addresses. Every recipient gets their own download budget. A reply channel can be enabled for return uploads.

Shared folder

Secure inbox

Your team creates a shared pool folder and invites externals by email. Clients, patients and suppliers deliver files without an account, without installing software.

Sicherheit

End-to-end encryption, malware scan and audit log by default

The security controls GDPR Art. 32 and NIS-2 demand run quietly in the background, no extra click.

Zero-Knowledge end-to-end

Optionally client-side encrypted, we cannot technically decrypt your data. Not derived from the password, true zero-knowledge.

securefiles.app/transfer/9f2a

Im Browser

vertrag.pdf

Klartext

Auf dem Server

ihrefirma.de/sendto/max-mueller

Dateien an Max Müller senden

Ihre Firma GmbH · Verschlüsselte Übertragung

Datei hier ablegen

oder klicken zum Auswählen

gutachten-2026.pdf14 MB

Passwordless-Abruf

Secure file sharing without password ping-pong: passwordless retrieval for returning recipients

On the first retrieval, the recipient verifies with a password. For 12 months, their device remembers the trust relationship. The second, third, tenth transfer arrives without the password ping-pong, more secure than emailed passwords, more convenient than any alternative.

Device-bound trust (12 months)
Revocable by admin or user at any time
Rate-limited + IP-hashed against abuse

MacBook Pro · Chrome

vertraut seit 03. Feb. 2026

Neue E-Mail. Outlook

Senden

Anfügen

Signieren

SecureFiles

Anmax@kunde.de

BetreffVertragsentwurf + Baupläne

GDPR-compliant file transfer from the EU, NIS-2 ready

No marketing seals, just verifiable facts under GDPR Art. 32 and NIS-2 Art. 21.

GDPR Art. 32

Encryption, pseudonymization, integrity control. SecureFiles meets GDPR's technical and organizational measures by default.

NIS-2 ready

Audit log, access control, retention policies and incident response hooks cover the minimum requirements of Art. 21 NIS-2.

ISO-27001 infrastructure

Hosted on ISO-27001-certified Cloudflare EU infrastructure in the EU. Our product is not itself certified, we say that openly instead of buying seals.

SecureFiles vs. other secure file exchange providers

What others charge extra for, or can't do at all, SecureFiles ships by default.

	SecureFilesRecommended	Other providers
Max. file size	No per-file size limit	Often 1–20 GB
Zero-Knowledge (E2E)	Yes, client-side encrypted

FAQ: secure file transfer with SecureFiles

What is SecureFiles?

SecureFiles is the secure way to send large files by email, including a secure inbox for external uploads. Files of any size are encrypted in transit, stored in the EU, and automatically deleted after the configured retention period. Integrated with Outlook (classic, new, and Web) as well as a web client.

How large can files be?

No hard per-file size limit, up to 50 files per transfer. That comfortably covers CAD drawings, video production, database exports, and medical imaging, up to multi-terabyte scenarios.

Is SecureFiles GDPR-compliant?

Yes. SecureFiles meets the technical and organizational measures of GDPR Art. 32 by default: encryption (in-transit + at-rest + optional zero-knowledge), access control, integrity control, processing control, and logging via audit log. A ready-to-sign DPA is available on request.

Enterprise-Ready

Fügt sich in Ihren Stack, nicht umgekehrt.

Native Integration in die Tools, die Ihr Team heute nutzt. Und die Compliance-Siegel, die Ihr Einkauf verlangt.

Microsoft 365

Exchange Online

Classic Outlook

COM Add-in

New Outlook

Web & Desktop

Entra ID

Ready for secure file transfer?

Set up in 5 minutes. Free pilot phase.

No lock-in, no CLOUD-Act exposure, hosted in the EU.

Start free trial Contact

Discover WeTransfer alternative Cryptshare alternative Send large files from Outlook

Securefile transfer,without limits.