XSeal

Privacy Policy

Effective date: 30 June 2026. XSeal is operated by Website Holding.

XSeal is built so that your documents stay yours. This policy explains exactly what we collect, what we never collect, and the rights you have over your data.

What we never collect

We do not receive, transmit, or store the contents of the files you seal. When you seal a file, its SHA-256 hash is computed and only that digest leaves your browser. The bytes of your document are never sent to or held by XSeal.

What we store

Data retention

Seal records and account data are kept for as long as your account is active, so your seal history stays verifiable; you can delete individual seals at any time, and closing your account removes your account data. Support messages are kept while we handle your request and for a reasonable period afterwards. Operational logs are rotated on a short cycle. We keep only the minimum needed to run the service and meet our legal obligations.

Third-party processors

We share data only with the processors that help us run XSeal:

Cookies

We use a single, strictly necessary session cookie to keep you logged in. We do not use advertising or third-party tracking cookies.

Payments

Paid plans are billed by Website Holding as merchant of record. Card details are handled by the payment processor and are never stored by XSeal.

Your rights

Under the GDPR you can request access to, correction of, or deletion of your account data and seal history. You can delete individual seals from your dashboard at any time, or contact us to close your account.

Contact

Questions about privacy? Reach us via the contact page and we will respond promptly.

Privacy Policy — XSeal