Privacy first
Security & Privacy
How Snow protects your files and your privacy.
Zero-knowledge architecture
Your files are encrypted in your browser before they ever leave your device. Snow servers never see your unencrypted data, your encryption keys, or your file contents.
The pipeline
How it works
Encrypt
Your browser generates a unique AES-256 encryption key and encrypts your file locally.
Shard
The encrypted data is split into 4 separate shards for defense in depth.
Upload
Shards are uploaded and stored temporarily. The encryption key stays in the URL fragment.
Share
You share the link. The recipient's browser downloads and decrypts everything locally.
Transparency
Data transparency
What we store
- Encrypted file shards (unreadable)
- Expiry timestamp
- Download count
- Hashed access codes (not plaintext)
What we never see
- Your files or their contents
- Encryption keys
- File names (encrypted)
- Your raw IP address (hashed for abuse prevention)
Under the hood
Technical details
AES-256-GCM
Industry standard authenticated encryption
Multi-layer encryption
Up to quantum-safe ML-KEM (FIPS 203)
File sharding
Split across 4 separate shards
Auto-deletion
Files permanently deleted at expiry
Minimal tracking
No analytics or tracking cookies. Device limits use hashed identifiers.
Open architecture
Transparent, auditable security model
Ephemeral by design
Auto-deletion
Files are automatically and permanently deleted when they expire. There is no archive, no backup, and no way to recover them. Choose your expiry time based on how long the recipient needs to download.