Privacy Policy

Filvacy (filvacy.com, filvacy.ca, filvacy.eu) is a secure document collection and sharing service designed for professionals. The service is operated from Quebec, Canada.

This privacy policy describes how we collect, use, retain, and protect your personal information and that of your clients. It forms an integral part of our Terms of Use.

For any questions regarding this policy: contact@filvacy.com

2.1 Professional Accounts

• Name, email address, phone number, organization name
• Login password (stored as a hash, never in plaintext)

2.2 End Clients

• Name, email address, and phone number (optional) — used only for authentication and portal-related notifications

Filvacy does not use end clients' contact information for any purpose other than the operation of the portal for which they were invited.

2.3 Documents

• Files submitted by clients through their client space
• Files shared by the professional with their clients
• These documents are encrypted and accessible only to the relevant professional and, where applicable, the intended client (see Section 7 — Security and Encryption)

2.4 Technical Data

• IP address, browser type, operating system
• Timestamps of actions (audit log)
• Performance and error data (aggregated and anonymized)

Depending on the nature of the processing, your information is processed on the following bases:

• Performance of contract: service delivery, authentication, billing, portal-related notifications
• Consent: activation of the Recovery Service (transfer of private key to Filvacy), optional communications
• Legitimate interest: service improvement, aggregated usage analytics, fraud and abuse prevention
• Legal obligation: compliance with applicable personal information protection laws

Your information is used exclusively to:

• Provide, maintain, and improve the Filvacy service
• Authenticate users and end clients
• Send portal-related notifications (document submissions, confirmations, reminders)
• Bill subscriptions
• Comply with our legal obligations regarding personal information protection
• Analyze site usage in an aggregated and anonymous manner

We never sell, rent, or share your information for commercial or advertising purposes.

Your data and documents are never used for the training of artificial intelligence models.

Filvacy acts solely as a technical intermediary. It is not responsible for the content of documents submitted to the platform, for the use you make of them after download, or for any harm resulting from the use of documents in a manner that does not comply with applicable laws.

5.1 Documents

Documents submitted through client spaces are automatically deleted after the retention period freely configured by the professional, following the completion or expiration of the collect request.

It is the professional's responsibility to download necessary documents before their automatic deletion.

5.2 Account Data

Account data is retained for the duration of the active subscription. Upon termination, a 15-day grace period is granted to export your data (see Section 8 — Portability). After this period, the data is permanently deleted.

This grace period applies to account data only. Documents submitted through the portals continue to follow the retention period configured by the administrator and are not extended by the termination.

5.3 Audit Logs

Audit logs associated with a portal are anonymized as soon as that portal is deleted (identifying information is removed; only actions are retained). Anonymized logs are then automatically deleted after a maximum of 12 months.

To operate the service, we use specialized subprocessors. Each is bound by contractual confidentiality obligations and processes your data only within the strict scope of the service provided.

6.1 Named Subprocessors

• Supabase: database, authentication, and file storage. The hosting region is chosen by the professional when creating their account.
• Stripe: secure credit card payment processing. Stripe is PCI-DSS Level 1 certified. Filvacy does not store any credit card data.

6.2 Other Subprocessor Categories

• Transactional emails: sending client space notifications (confirmations, reminders, alerts)
• Application hosting: deployment and delivery of the web application

We do not transfer any personal information for advertising, profiling, or resale purposes.

The complete and up-to-date list of our subprocessors is available upon request at contact@filvacy.com.

7.1 General Measures

• All communications are encrypted via HTTPS (TLS)
• Files are stored encrypted at rest
• Portal access is protected by a secure authentication mechanism
• An audit log records all actions on files
• Multi-factor authentication (MFA) via TOTP is available

7.2 Zero-Knowledge Architecture

By default, Filvacy uses a zero-knowledge encryption architecture:

• Each organization has its own unique RSA key pair.
• Documents are encrypted server-side with the organization's public key.
• The private key is protected by an encryption password that only the user knows.
• Filvacy does not have access to the encryption password in plaintext and therefore cannot decrypt documents.

This means that, by default, even Filvacy cannot read your documents.

7.3 Recovery Service (Exception to Zero-Knowledge)

The user may activate an optional Recovery Service that allows Filvacy to restore access in the event of loss of both the encryption password and the recovery key.

Important: Activating this service means Filvacy stores an encrypted copy of your private key for recovery purposes. Filvacy has the technical means to decrypt it in order to perform the recovery. This constitutes an explicit exception to the zero-knowledge model.

This service is activated only with the explicit consent of an administrator and can be deactivated at any time (the backup copy is then deleted). For full details, see Section 4 of our Terms of Use.

You may download your documents, templates, and configurations at any time from your dashboard, in a standard and readable format.

After the termination of your account, a 15-day grace period is granted to export your data. A reminder will be sent to you by email before this period expires.

In accordance with applicable personal information protection laws in your jurisdiction, you have the right to:

• Access the personal information concerning you
• Request the correction of inaccurate information
• Request the deletion of your information
• Withdraw your consent at any time (including for the Recovery Service)
• Obtain the portability of your data in a structured format (see Section 8)
• File a complaint with the competent personal information protection authority in your jurisdiction

We commit to responding to any request within 30 days.

To exercise these rights: contact@filvacy.com

Filvacy uses only cookies that are strictly necessary for the operation of the service:

• Authentication and session maintenance
• Language and interface preferences

We do not use any tracking, advertising, or behavioral analytics cookies.

The Filvacy service is intended exclusively for professional use. We do not knowingly collect personal information from minors. If you become aware that a minor has provided personal information through the service, please contact us at contact@filvacy.com so that we may proceed with its deletion.

We may modify this policy at any time. In the event of a significant change, you will be notified by email at least 30 days before the changes take effect.

Continued use of the service after that date constitutes your acceptance of the modified policy. If you do not accept the changes, you may terminate your account before they take effect.

Person responsible for the protection of personal information:

Filvacy — contact@filvacy.com