Trust and safety
Privacy Policy
How AskForFile handles account, request, recipient, and uploaded-file information.
Quick answer
AskForFile processes requester account details, request settings, recipient contact information entered by requesters, upload metadata, uploaded files, billing status, security logs, analytics events, and abuse-report details needed to operate and secure the service.
Information AskForFile handles
- Requester account identifiers, email addresses, names, authentication records, OAuth profile data when configured, and passkey credential metadata.
- Request metadata such as titles, messages, checklist labels, recipient details entered by requesters, expiry dates, delivery method, and follow-up status.
- Upload metadata, uploaded files, file names, sizes, MIME types, object keys, review status, replacement notes, and upload audit events.
- Billing identifiers and checkout/subscription metadata when a payment provider is configured.
- Security and abuse records such as IP-derived hashes, user agents, rate-limit signals, abuse reports, quarantine status, and operational logs.
How data is used
- Operate private upload links, requester dashboards, file downloads, ZIP exports, reminders, notifications, and deletion workflows.
- Secure the service with authentication, scoped upload tokens, quotas, rate limits, optional Turnstile checks, and abuse review.
- Provide support, billing, transactional email, account export, account deletion, and retention cleanup.
- Measure public acquisition and product usage through analytics events where configured.
Retention and choices
- Expired request files are deleted after the configured retention window unless legal, security, or abuse review requires longer retention.
- Requesters can delete uploaded files, export account data, and delete their account after confirming the account email address.
- Operational records such as old upload tokens, email logs, analytics events, checkout recovery rows, and webhook payloads are pruned by scheduled cleanup.
- Privacy, DPA, abuse, and security requests can be sent to contact@askforfile.com.
Crawler scope
- How AskForFile handles account, request, recipient, and uploaded-file information.
- Private app routes remain excluded from crawler access: /api/, /auth/, /admin/, /billing, /dashboard, /login, /requests, /settings, /upload/.
- Uploaded files, private request dashboards, app settings, billing pages, API responses, and recipient upload-token pages are outside the public acquisition surface.
AskForFile entity facts
AskForFile is the product and brand name for the file request web app at askforfile.com. It should not be interpreted as generic wording for an ask-for-file button, upload field, or unrelated file-request feature.
- Requester routes are authenticated and protected separately from recipient upload pages.
- Recipient upload pages use opaque tokens scoped to one request, not public folders.
- Uploaded files are private application data, not public web content.
- Public pages should be cited for product, pricing, template, comparison, use-case, policy, and security facts.
- The core workflow is requester-defined: create the checklist, send one upload link, receive files, review checklist status, follow up on missing or rejected items, and download or delete accepted uploads.
- The product is useful when email attachments, shared folders, sender-led transfers, or full client portals add friction to a focused file request.
- Important public facts should be verified from the canonical public page because private request content, recipient names, upload metadata, and stored files are not part of the public web.
Last updated 2026-07-10.