KALSU

Privacy Policy

Last updated: January 2025

The short version: KALSU transfers files directly between browsers using WebRTC. Your files never touch our servers. We don't store, access, or analyze any files you transfer.

1. How KALSU Works

KALSU is a peer-to-peer (P2P) file transfer service. When you send a file:

Your file stays on your device until a receiver connects
Files transfer directly from your browser to the receiver's browser using WebRTC
Our servers only facilitate the initial connection (signaling) — they never see or store your files
Once the connection is established, data flows directly between browsers

2. Data We Do NOT Collect

We do not collect, store, or have access to:

Your files — Files transfer directly between browsers via WebRTC
File contents — We cannot see what you're transferring
File names or metadata — This information is exchanged directly between peers
Personal information — We don't require accounts, emails, or any personal data
Usage analytics — We don't track what files you transfer or how often

3. Data That Is Processed

To provide the service, some technical data is necessarily processed:

IP Addresses: Your IP address is visible to the person you're transferring files with (this is inherent to WebRTC P2P connections). Our signaling server temporarily sees IP addresses to facilitate connections but does not log them.
Connection Codes: The random 4-word codes used to connect sender and receiver are temporarily stored in memory during the transfer session (maximum 10 minutes) and are automatically deleted afterward.

4. Cloudflare Turnstile

We use Cloudflare Turnstile to protect against bots and abuse. Turnstile may:

Set cookies necessary for its operation
Collect device and browser information to verify you're human
Process your IP address

This data is processed by Cloudflare according to their Privacy Policy.

5. Cookies

KALSU itself does not set any cookies. However, Cloudflare Turnstile may set cookies necessary for bot protection. These are not used for tracking or advertising.

6. Third-Party Services

KALSU runs on Cloudflare's infrastructure. By using KALSU, you also agree to:

Cloudflare's Privacy Policy

7. WebRTC and IP Addresses

WebRTC (the technology that enables direct browser-to-browser transfers) requires exchanging connection information between peers. This means:

The person you're transferring files with can see your IP address
Your IP address may reveal your approximate geographic location
If you're concerned about IP privacy, consider using a VPN

This is a fundamental aspect of P2P technology and is what allows files to transfer directly without going through our servers.

8. Data Retention

We do not retain any user data. Connection codes exist only in memory during active sessions and are automatically deleted after 10 minutes or when the transfer completes.

9. Children's Privacy

KALSU is not directed at children under 13. We do not knowingly collect any information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.

11. Open Source

KALSU is open source. You can review our code and verify our privacy practices at github.com/roopen219/kalsu.

12. Contact

If you have questions about this Privacy Policy, please open an issue on our GitHub repository.