Sharedrop is a platform for publishing AI-generated files — HTML, MHTML, Markdown, PDF, and images — and sharing them with the people who need to see them. The service is operated by scottowen.com.au(“Sharedrop”, “we”, “us”) at the domain sharedrop.cloud. This policy explains what personal information we collect, why, how we hold it, and who we share it with.
We are based in Australia and aim to handle personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We have written this in plain language; if anything is unclear, email support@sharedrop.cloud.
This is the most important promise in this policy. We do not read the contents of the files you upload or share. The one exception is automated security processing: for certain file types — such as HTML and MHTML — we run an automated scan that detects and strips malicious code, so that content renders safely inside our sandboxed viewer. That is an automated safety measure applied as the file is processed; it is not a person reading your content.
A person at Sharedrop inspects the content of a specific page only when:
Our moderation model is report-based (notice-and-action). It is described in full in our Acceptable Use notice and our Terms & Conditions.
We use the following third-party processors to operate Sharedrop. Each one only receives the data needed for its function, and we do not sell your personal information.
cdn.sharedrop.cloud. Sees: the contents of pages you upload.us-east-1. Sees: page metadata, comments, access grants, audit events, and synced user records.We may also disclose personal information to courts, regulators, or law-enforcement authorities where we are required or authorised to do so by law.
Some of our processors store and process data outside Australia. Primary infrastructure runs in United States regions — Neon defaults to us-east-1and Vercel deploys to its default region. Cloudflare R2 is globally distributed, and traffic may transit other regions through Cloudflare's network in the course of delivery. By using Sharedrop you acknowledge that your personal information and uploaded content may be stored and processed overseas, primarily in the United States.
We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access. Measures include encryption in transit, sandboxed rendering of uploaded content on a separate origin, strict Content-Security-Policy headers, signed short-lived viewer tokens for private and shared pages, and rate limiting. No system is perfectly secure, but we work to limit and contain risk.
You can request access to, correction of, deletion of, or a copy of your personal information by emailing support@sharedrop.cloud. We will respond within a reasonable period. There is no self-serve export endpoint yet — we'll add one and link it here when it ships. If we decline a request, we will tell you why and how to complain.
We maintain processes to detect and respond to data breaches. Where a breach is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches scheme in the Privacy Act 1988 (Cth).
If you have a privacy complaint, email support@sharedrop.cloud and we will investigate and respond. If you are not satisfied with our response, you can escalate to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
Sharedrop is not directed to anyone under 16. We do not knowingly collect personal information from children. If you believe a child has created an account, email support@sharedrop.cloud and we will remove it.
This policy works alongside our Terms & Conditions and our Acceptable Use notice. For security disclosures see /security.
Privacy questions and requests: support@sharedrop.cloud.
We will update the “Effective” and “Last updated” dates at the top of this page when this policy changes. Material changes will be announced via email to the address on your account.