GDPR and data processing
This page describes Shhhs GDPR-oriented processing boundaries. It is not a certification claim and does not replace a signed DPA or formal legal review.
01
Shhhs is designed to minimize personal data. Depending on the feature, Shhhs may act as controller for account, billing, support, security, and abuse metadata, and as a service provider for encrypted payload storage and delivery metadata. Enterprise deployments may require a signed DPA.
02
Shhhs minimizes personal data by allowing anonymous free use, optional billing email for paid use, and metadata-only operations. Secret content is not used for analytics, profiling, indexing, or AI processing.
03
Processing may rely on contract performance for the service, legitimate interests for security and abuse prevention, consent where optional communication is enabled, and legal obligations for billing, tax, and compliance records.
04
Secret content follows configured TTL, view limits, burn actions, request reveal, package expiry, and scheduled cleanup. Operational metadata is retained only for service, abuse, audit, billing, and support needs.
05
Cloudflare provides infrastructure and edge security services. Paddle provides billing. These subprocessors process operational and billing data according to their own contractual and compliance programs.
06
Use the contact form for access, correction, deletion, export, objection, or billing-cancellation requests. Shhhs can act on account and metadata records it controls, but cannot decrypt or recover secret content.
No. There is no AI processing on secret content.
No. Secret recovery would weaken the privacy model.
Support can help cancel billing after billing validation, but cannot restore account access or secret content.