Privacy Policy
Effective date: 4 June 2026 Last updated: 4 June 2026
Oten Drive ("Oten Drive", the "App", "we", "us", or "our") is a zero-knowledge encrypted file storage service operated by Silver Tiger. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using Oten Drive, you agree to this Policy.
The short version: Your files are encrypted on your device before they ever leave it. We store only encrypted data and we never hold the keys needed to read it. We cannot view, decrypt, or hand over the contents of your files — not to anyone, including ourselves.
1. Our zero-knowledge principleOten Drive is built on end-to-end, zero-knowledge encryption:
Every file is encrypted on your device before it is uploaded or synced.
Our servers store only ciphertext (encrypted data). They never receive your files in readable form.
The encryption keys are derived from your password and credentials and are held only by you. They are never transmitted to us unprotected and are never stored on our servers in a form we can use.
As a result, we cannot read your file contents, file names, or folder structure, and we cannot recover them if you lose your password and Recovery Key.
This design is intentional. It means your most sensitive data stays private even in the event of a server breach, a legal demand, or a compromised device.
2. Information we collectBecause of our zero-knowledge architecture, we collect very little. The data below is what we can access:
a) Account informationEmail address — to create and authenticate your account (via Oten Identity single sign-on).
Name — if you provide it, for account and support purposes.
Account / user identifier — a unique ID associated with your account.
b) Usage and diagnostics dataUsage data — anonymous or pseudonymous product-interaction events (e.g. which features are used, frequency of use), collected through analytics tools to help us improve the App.
Crash and diagnostic data — technical logs and crash reports used to detect, diagnose, and fix problems.
Device and technical information — app version, operating system version, device type, and similar technical details.
c) Information we do NOT collectThe contents of your files, file names, folder names, or vault contents. These are end-to-end encrypted and inaccessible to us.
Your encryption keys, passwords, PINs, or Recovery Keys. We never receive these in a usable form.
3. How we use informationWe use the limited data we collect to:
Provide, operate, and maintain the App and its sync functionality;
Authenticate you and secure your account;
Provide customer support and respond to your requests;
Diagnose, fix, and prevent technical problems and abuse;
Understand how the App is used so we can improve it;
Comply with legal obligations.
We do not use your data for advertising, and we do not sell your personal information.
4. TrackingWe do not track you across other companies' apps or websites for advertising purposes. We do not use third-party advertising identifiers for cross-app tracking.
5. How information is sharedWe share data only in limited circumstances:
Service providers — we use trusted third parties to operate the service, including:
Cloud infrastructure providers that store encrypted data only;
Analytics and crash-reporting providers (for example, Google Firebase) that process usage and diagnostic data on our behalf. These providers are bound by contract to use the data only to provide services to us.
People you choose to share with — if you use sharing features, the encrypted content you share is made accessible to the recipients you designate, under the access rules (password, expiration, role) you set.
Legal requirements — we may disclose information if required by law. Note that because of our zero-knowledge design, we are technically unable to produce the plaintext contents of your files, regardless of any request.
We do not sell, rent, or trade your personal information.
6. Data retentionAccount data is retained for as long as your account is active.
Encrypted file data is retained until you delete it or close your account. When you delete data, the corresponding ciphertext is removed from our systems.
Usage and diagnostic data is retained for a limited period consistent with the purposes described above.
You may delete your data or request account deletion at any time (see Section 8).
7. SecurityWe protect your information using strong, industry-standard cryptography, including AES-256-GCM for data encryption, ML-KEM-768 (FIPS 203) for post-quantum key encapsulation, Ed25519 for signatures, and Argon2id for password-based key derivation. Encryption keys are stored in your device's secure hardware-backed storage (Apple Keychain).
Important: Because only you hold the keys, you are responsible for safeguarding your password and Recovery Key. If you lose both, your data cannot be recovered by anyone, including us.
8. Your privacy rightsDepending on where you live, you may have rights to:
Access the personal data we hold about you;
Correct inaccurate data;
Delete your data ("right to be forgotten");
Object to or restrict certain processing;
Data portability;
Withdraw consent where processing is based on consent.
To exercise these rights, contact us at the address in Section 12. We will respond in accordance with applicable law (including the GDPR and the CCPA where they apply).
9. International data transfersOten Drive operates internationally. Your information may be processed in countries other than your own. Where required, we use appropriate safeguards for such transfers. As always, file contents remain end-to-end encrypted in transit and at rest.
10. Children's privacyOten Drive is not directed to children. We do not knowingly collect personal information from children under the age required by your jurisdiction (generally 13, or 16 in some regions). If you believe a child has provided us with personal information, please contact us and we will delete it.
11. Changes to this PolicyWe may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, notify you within the App. Your continued use of Oten Drive after changes take effect constitutes acceptance of the updated Policy.
12. Contact usIf you have questions about this Privacy Policy or your data, contact us at:
Email: support@oten.com
Operator: Oten
Support: https://docs.oten.com/drive-support
Last updated