Updated at: 2026-04-28.
Effective Date: April 25, 2026
This Privacy Policy explains how SSLFile.com collects, uses, stores, protects, and discloses information when users access or use SSLFile.com, including file uploads, file transfers, downloads, shared links, account features, paid features, and related services. SSLFile.com is a subsidiary of Dot Coms, Inc.
SSLFile.com is designed to support secure file transfer workflows, including workflows that may involve protected health information, also known as PHI, when used by covered entities, business associates, healthcare providers, behavioral health providers, substance use treatment providers, clinics, organizations, and authorized users who are responsible for handling sensitive information.
By using SSLFile.com, creating an account, uploading files, downloading files, sharing transfer links, or using any feature of the service, you acknowledge that information may be collected, processed, protected, retained, and disclosed as described in this Privacy Policy.
SSLFile.com may collect information that you provide directly, information generated through your use of the service, and technical information automatically collected by the platform. This may include account information, contact information, uploaded file information, transfer activity, download activity, payment-related information, device information, browser information, IP addresses, access logs, security logs, audit logs, and other data necessary to operate, secure, monitor, and improve the service.
When you create an account or use account-based features, SSLFile.com may collect information such as your name, email address, username, password credentials, account settings, subscription status, plan information, billing status, user role, access permissions, and related account activity. Passwords are intended to be stored using secure technical methods and are not intended to be visible in plain text.
Users may upload, transmit, receive, or store files that contain PHI, personally identifiable information, confidential business information, clinical records, financial information, legal information, or other sensitive content. SSLFile.com does not require users to upload PHI, but when PHI is uploaded by or on behalf of a covered entity or business associate, SSLFile.com will handle that information according to applicable service terms, applicable Business Associate Agreement requirements, and the privacy and security safeguards described in this Privacy Policy.
When SSLFile.com creates, receives, maintains, or transmits PHI on behalf of a covered entity or another business associate, SSLFile.com may function as a business associate under HIPAA. In those circumstances, use of the service for PHI may require an executed Business Associate Agreement before PHI is uploaded, transmitted, stored, or shared through the service. Users are responsible for determining whether they are covered entities, business associates, or otherwise subject to HIPAA or other privacy laws.
When you upload or share files, SSLFile.com may collect and process information related to those transfers, including file names, file sizes, file types, transfer names, transfer messages, transfer links, expiration settings, password-protection settings, download limits, upload times, download times, transfer status, user permissions, recipient access activity, and related metadata necessary to operate and secure the service.
Uploaded files are processed to provide file transfer, storage, download, access control, password protection, expiration, secure deletion, audit logging, and related service functions. SSLFile.com may store, transmit, copy, restrict, delete, or otherwise process uploaded files as necessary to operate the service, maintain security, enforce the Terms and Conditions, comply with applicable agreements, respond to abuse reports, comply with lawful requests, or protect users, SSLFile.com, Dot Coms, Inc., and third parties.
SSLFile.com uses administrative, technical, and physical safeguards intended to protect information handled through the service. These safeguards may include HTTPS/TLS encryption during transmission, encryption at rest where files are stored, password-protected transfers, unique user identification, user-based access controls, audit logging, retention controls, secure deletion controls, account authentication, monitoring of suspicious activity, server security controls, restricted administrative access, and other security measures designed to protect against unauthorized access, use, disclosure, alteration, or destruction of information.
SSLFile.com is designed to support unique user accounts and user-based access controls. Users are responsible for maintaining accurate account information, protecting login credentials, assigning access appropriately, limiting access to authorized persons, and ensuring that transfer links, passwords, and shared files are provided only to intended recipients.
SSLFile.com may maintain audit logs, access logs, transfer logs, download logs, administrative logs, security logs, and related records to support account security, system integrity, operational review, incident investigation, abuse prevention, compliance review, and legal obligations. These logs may include user identifiers, IP addresses, timestamps, browser and device information, file transfer activity, login activity, access activity, download activity, deletion activity, and other security-relevant events.
SSLFile.com may collect information when a transfer link is viewed or a file is downloaded. This information may include IP address, date and time of access, browser type, device type, operating system, country or approximate location derived from technical data, referrer information, transfer viewed, file downloaded, user account associated with the action, and related access activity.
SSLFile.com may automatically collect technical information from users and visitors, including IP address, browser type, browser version, operating system, device type, screen information, language settings, referring pages, visited pages, timestamps, error information, session data, cookies, and similar technical identifiers.
SSLFile.com may use cookies, session cookies, local storage, and similar technologies to keep users logged in, remember preferences, support security features, prevent abuse, measure service performance, process account activity, and improve the user experience. Users may control cookies through browser settings, but disabling cookies may affect login, file transfer, payment, security, or other service features.
If SSLFile.com offers paid plans or premium features, payment information may be processed by third-party payment providers. SSLFile.com may receive limited billing-related information, such as payment status, transaction identifiers, plan type, subscription status, renewal status, billing email, and payment confirmation. SSLFile.com does not need to store full payment card numbers when payments are handled by third-party processors.
SSLFile.com may use collected information to operate the service, create and manage accounts, process uploads and downloads, generate transfer links, authenticate users, manage user access, provide customer support, process payments, maintain security, detect abuse, prevent fraud, enforce the Terms and Conditions, investigate technical problems, monitor system performance, support audit logging, communicate with users, comply with applicable legal obligations, and protect the confidentiality, integrity, and availability of information handled through the service.
When SSLFile.com handles PHI as a business associate, SSLFile.com may use or disclose PHI only as permitted by the applicable Business Associate Agreement, as necessary to provide the service, as required by law, or as otherwise permitted under applicable privacy and security requirements. SSLFile.com does not use PHI for advertising, marketing, resale, or unrelated commercial purposes.
SSLFile.com supports limited and controlled access to sensitive information. Administrative access to files, transfer data, account data, logs, or other sensitive information is intended to be limited to authorized personnel or service providers who need access for operational, security, legal, support, abuse-prevention, or compliance purposes.
SSLFile.com may use information, including logs and technical identifiers, to identify suspicious activity, unauthorized access, malware distribution, phishing, spam, fraudulent activity, excessive usage, prohibited content, account compromise, attacks against the service, and other security or abuse concerns. SSLFile.com may restrict, disable, remove, suspend, delete, or preserve files, transfers, or accounts when necessary to protect the service and its users.
SSLFile.com may use, preserve, or disclose information when reasonably necessary to comply with applicable laws, regulations, legal processes, lawful requests, subpoenas, court orders, enforcement actions, rights complaints, abuse reports, security investigations, or applicable contractual obligations. SSLFile.com may also preserve information when necessary to establish, exercise, or defend legal rights.
SSLFile.com may share information with service providers, payment processors, hosting providers, storage providers, infrastructure providers, email providers, security providers, content delivery providers, professional advisors, law enforcement, legal authorities, or other parties when necessary to operate the service, process payments, maintain security, respond to abuse, comply with law, protect rights and safety, or fulfill service obligations.
SSLFile.com may rely on third-party service providers and subcontractors for hosting, storage, infrastructure, email delivery, payments, analytics, security, backups, monitoring, content delivery, and other operational functions. When required for PHI-related services, SSLFile.com will use appropriate agreements or contractual protections with subcontractors that create, receive, maintain, or transmit PHI on behalf of SSLFile.com.
Files shared through transfer links may be accessible to anyone who possesses the link unless additional protections are enabled. Users are responsible for deciding who receives transfer links and whether password protection, expiration limits, download limits, account-based access, or other available safeguards should be used. SSLFile.com is not responsible for access caused by a user’s disclosure, forwarding, publication, weak password selection, failure to enable safeguards, or mismanagement of transfer links.
SSLFile.com may retain account information, file information, transfer information, logs, payment records, security records, and related data for as long as necessary to operate the service, maintain accounts, provide transfers, comply with legal obligations, resolve disputes, enforce agreements, prevent abuse, maintain backups, support audit and security review, and protect the security and integrity of the service.
Files may be deleted when transfers expire, when users delete transfers, when account limits require deletion, when accounts are closed, when files violate the Terms and Conditions, or when SSLFile.com determines that removal is necessary for legal, security, abuse-prevention, compliance, or operational reasons. SSLFile.com uses deletion controls intended to remove files from active systems when deletion is requested or triggered. Deleted files may remain temporarily in backups, logs, or residual storage until ordinary backup, retention, and deletion cycles are completed.
SSLFile.com may maintain backups, system copies, security records, and recovery data as necessary to support service continuity, data integrity, legal compliance, security investigation, disaster recovery, and operational reliability. Backup data is intended to be protected by appropriate security safeguards and retained according to applicable operational and retention requirements.
SSLFile.com maintains processes intended to identify, investigate, respond to, and document suspected security incidents involving unauthorized access, use, disclosure, alteration, or destruction of information. Where required by law or applicable agreement, SSLFile.com will provide notifications regarding reportable breaches or security incidents involving PHI or other protected information.
Users who upload, transmit, receive, or store PHI or other sensitive information are responsible for using the service appropriately, limiting uploaded information to what is necessary, verifying recipient identity, selecting appropriate transfer settings, using strong passwords, protecting account credentials, maintaining required authorizations, complying with applicable privacy laws, and ensuring that their own policies, procedures, workforce practices, and legal obligations support compliant use of the service.
Organizations that intend to use SSLFile.com to upload, transmit, receive, maintain, or store PHI may be required to execute a Business Associate Agreement before using the service for PHI. Requests regarding Business Associate Agreements may be submitted through the contact page or other contact method provided on SSLFile.com.
Users may be able to access, update, correct, or delete certain account information through account settings or by contacting SSLFile.com. Users may also control some transfer settings, such as expiration dates, passwords, access permissions, and download limits, where those features are available. Some information may be retained where required for legal, security, billing, backup, fraud-prevention, compliance, audit, or operational purposes.
When PHI is handled through SSLFile.com on behalf of a covered entity or business associate, requests by individuals to access, amend, restrict, obtain an accounting of disclosures, or exercise other rights regarding PHI should generally be directed to the covered entity or organization responsible for the PHI. SSLFile.com may assist covered entities or business associates with such requests as required by an applicable Business Associate Agreement.
SSLFile.com may send service-related emails, including account notices, password reset emails, transfer notifications, security alerts, payment notices, administrative messages, and important service updates. Users should avoid placing unnecessary PHI or highly sensitive information in email subject lines, transfer messages, or other unstructured text fields unless appropriate safeguards and organizational policies permit it. Marketing emails, if used, may include an unsubscribe option where required by applicable law.
SSLFile.com may process, store, or transmit information through servers, providers, or infrastructure located in different jurisdictions. By using SSLFile.com, you understand that information may be transferred to and processed in locations where privacy and data protection laws may differ from those in your location. Users are responsible for determining whether their use of the service is permitted under laws that apply to their organization, clients, patients, or data.
SSLFile.com is not intended for children under the age required to consent to online services in their jurisdiction. Users who are not legally able to use the service independently must not use SSLFile.com without appropriate authorization. SSLFile.com may remove accounts or information if it determines that the service has been used by a person who is not permitted to use it.
SSLFile.com uses safeguards intended to protect information and support secure file transfer. However, no online service, storage system, transmission method, or security control can be guaranteed to be completely secure. Users are responsible for protecting passwords, transfer links, sensitive files, account access, authorized recipient lists, and devices used to access the service.
SSLFile.com does not sell PHI. SSLFile.com does not use PHI uploaded, transmitted, received, maintained, or stored through the service for advertising, marketing resale, data brokerage, or unrelated commercial profiling.
If SSLFile.com, Dot Coms, Inc., or any portion of their business, assets, ownership, or operations is sold, transferred, merged, reorganized, or assigned, user information, files, transfer data, and related records may be transferred as part of that transaction or evaluation process, subject to applicable law, applicable agreements, and any required protections for PHI or other protected information.
Depending on your location, you may have rights to request access, correction, deletion, restriction, portability, or objection regarding certain personal information. Requests may be submitted through the contact page or other contact method provided on SSLFile.com. SSLFile.com may require verification before processing a request and may deny or limit requests where permitted by law, where the information is maintained on behalf of another organization, or where retention is required for legal, security, compliance, audit, or operational purposes.
California residents may have additional rights under applicable California privacy laws, including the right to request access to certain personal information, request deletion of certain personal information, request correction of inaccurate information, and receive information about categories of personal information collected, used, disclosed, or shared. SSLFile.com does not sell personal information in the traditional sense. If advertising or analytics tools are used in a way that may be considered a sale or sharing under applicable law, SSLFile.com will provide any required choices or notices.
Some browsers offer “Do Not Track” signals. SSLFile.com may not respond to all browser-based Do Not Track signals because no uniform industry standard has been adopted for such signals. Users may manage cookies and similar technologies through browser settings where available.
SSLFile.com may update this Privacy Policy at any time. Updated versions may be posted on the website with a revised effective date. Continued use of SSLFile.com after an updated Privacy Policy is posted means you acknowledge the updated policy.
Questions, privacy requests, HIPAA-related requests, Business Associate Agreement requests, legal notices, abuse reports, security concerns, or concerns regarding this Privacy Policy may be submitted through the contact page or other contact method provided on SSLFile.com. SSLFile.com may require sufficient information to identify the relevant account, transfer, file, issue, or request before taking action.