Since day one, WeTransfer has cared about privacy and respecting our users. Protecting the data of our users is of the highest importance to us, and we go to great lengths to make sure we keep it safe.
We take your trust and right to privacy seriously and work continuously to keep your digital footprint small and in your control. Nevertheless, to enable you in your flow and to improve and secure our service, we need to process some personal information. For privacy-related questions, please reach out to our Data Protection Officer via dpo@wetransfer.com.
This statement covers the processing activities of the WeTransfer services, software, websites (including browser extensions) and/or applications (together: “Services”). The Services allow you to create, share, collect, capture and/or visualize your ideas, texts, graphics, videos, data, information, files, decks or other content (together: “Content”). The Services may be provided to you online, in the form of a mobile and/or desktop application(s) and/or may be integrated in a third party service. By using any of the Services you agree to have read and understood our Privacy and Cookie Statement as below.
To make sure this Statement is easy to read, each question has a drop down with a short explanation, followed by a more formal statement.
We use cookies to store relevant data to optimise your experience on WeTransfer. You can remove all data within our cookies here.
We store some personal information to make your use of our Services possible. There are several ways in which we may collect personal information from you: you may submit it or we will collect it automatically through our Services. Different types of personal information may be collected depending on the way you use our Services and which Services you use. Please check the section “What are your rights as a user” to find out how you can change, access or delete your personal information.
WeTransfer collects, processes or hosts personal information you provide.
The uploader or creator(s) is responsible for the legitimacy of the Content and needs to follow our Terms of Service, WeTransfer only processes it to provide its Services. If you upload, send or create personal information via one of our Services, you may ask for a Data Processing Agreement by sending an email to legal@wetransfer.com.
WeTransfer also collects and uses personal information by automated means while you use our Services.
In some cases we receive personal information from third parties, such as:
We use your personal information in order to provide and improve our Services, to comply with legal obligations and to advertise our Services and to keep our Services safe and secure. Please find below how we use your personal information specifically and on what legal grounds we base the use of your personal information.
Each processing activity has a valid legal ground, which is described below.
WeTransfer has several partners to operate and improve its Services. Furthermore, we may share or allow you to share your information as part of some of the Services.
We’re a global business, which means we might share or store personal information in countries outside of the European Economic Area (“EEA”). Those countries have different data protection laws in place. However, when we transfer- and host data globally, we will make sure that appropriate safeguards are in place in order to ensure your personal information enjoys a similar level of protection as it would within the EEA. For example, we will verify that the receiving partner is certified under EU-US Privacy Shield or we will sign EU Standard Contractual Clauses.
EU-US Privacy Shield
Our subsidiary in the United States, WeTransfer Corp, complies with the EU-US Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the use and retention of personal information transferred from the European Economic Area and the United Kingdom to the United States.
WeTransfer Corp adheres to the EU-US Privacy Shield principles and is subject to oversight by the U.S. Federal Trade Commission. If you have any complaints regarding the transfer of your personal information to the US, please first file them directly at us via legal@wetransfer.com. The panel of EU Data Protection Authorities (DPA Panel) acts as the independent recourse mechanism for complaints regarding EU-US Privacy Shield complaints. The examination of such complaints is free of charge to you. You can find the contact information of your local DPA here. In case your concern still isn’t addressed by the DPA Panel, you may be entitled to invoke binding arbitration under the EU-US Privacy Shield Principles, find out more here.
As explained under section "What parties do we share personal information with", we sometimes provide personal information with third parties to perform services on our behalf. If we transfer personal information received under the Privacy Shield to a third party, the third party’s use of the personal data must also comply with our Privacy Shield obligations. In such a case we will remain liable under Privacy Shield for any failure to comply by the third party, unless we prove we’re not responsible for the event giving rise to the damage.
You can find our certification here. To learn more about EU-US Privacy Shield visit: https://www.privacyshield.gov.
We place cookies with the intention of making WeTransfer even better. We work hard to make our Services safe, beautiful and unobtrusive. Feel free to block cookies, but this may affect how well our Services work.
We place several cookies (or similar technologies, like pixels or web beacons) on your device for the purpose of facilitating your use of the Service and to find out how the Service may be improved. We or our advertising partners also place cookies on our website(s). Being a global service, these partners can vary per country. When our advertising partners place cookies, these cookies can process personal information to measure the effectiveness of the campaign.
Cookies are small text files that are stored on your computer by your browser when you visit a website. Examples of cookie purposes are: your language preferences, logging into an account, remembering login details, serving you personalised advertisements and acceptance of the Terms of Service and Privacy & Cookie Statement. Our website can place these cookies for the following purposes:
We have an extensive cookie list available here, which we will update at least four times a year. Due to the changing nature of our Service, this may result in the cookie list not being fully up to date at times. If you would want to remove certain cookies, or block them from being stored in your browser, it is possible to arrange this through your browser settings for cookies. You can find these settings under the Privacy tab in the Preferences section of most browsers. Here you can specify your cookie preferences or remove cookies. Please note that if you remove or refuse WeTransfer cookies, the Service might not function in optimal form.
We treat your Content with respect. We don’t provide any public search function, catalogue or listing to find Content. We trust you understand that in order to fulfill our moral responsibility to reduce the spread of Child Sexual Abuse Imagery (CSAI), we do use automated systems to to detect such Content. Finally, we’re obliged to delete your Content when we receive a Notice-and-takedown/DMCA-request or when we receive a legal request.
Please be mindful when distributing download/ access links - whoever it is passed on to or has access to a download/access link can access or download the Content. For extra security and confidentiality you might want to use our feature to protect your files with a password (if available).
The retention period for your personal information depends on which Service you use and it depends on which category of personal information we’re talking about. Always check out the website(s) or app(s) of the Service(s) for the specific information on retention periods.
Personal information
WeTransfer retains your personal information as long as its necessary to provide our Services to you (e.g. upholding your user account), to conduct our business activities and fulfill our legitimate interests, such as providing safe and secure services, to fix bugs and to reach out to you, to comply with applicable laws (e.g. retaining financial information for 7 years for tax purposes) and legal requests and to resolve (legal) disputes.
Files you transfer
When using WeTransfer File Sharing your Content will be deleted after 7 days, unless you have a Pro account in which case your transfer data is stored by default for 28 days or until the expiry date you set manually. After this period, a file is automatically deleted from our servers. The personal information that accompanies your transfer is kept for a maximum of 12 months. Such personal information is only accessible to very few people within WeTransfer, those that need it to perform their job, for example to provide you with support. When data is older than 12 months, we scrub it from the database, pseudonymise or anonymise it for analysis. Pseudonomising your personal information means that we do not use your email address or IP address for analytical purposes, but create a random pseudonym for both and use that pseudonym instead. That way we don’t have to handle directly identifiable personal information, which is privacy-friendly.
Content you create, use, store or share through the Services other than file sharing
The Content you create, use, store or share on our Services, other than our File Sharing Service, is, in principle, retained until you stop interacting with our Service(s), when you delete your Content from the Service(s), when you delete the Service(s) from your device(s) or when you delete your account. Always check out the website(s) or app(s) of the Service(s) you use for specific information.
WeTransfer takes technical and organisational measures to protect your personal information against loss or other forms of unlawful processing.
We make sure that personal information is only accessible by those who need access to do their job and that they are properly authorised. That means we keep logs of who has access to personal information, we limit the amount of people that have access and we make sure that personal information can only be read, copied, modified or removed by properly authorised staff. We monitor internal activity to ensure the safety and accuracy of personal information.
WeTransfer staff is required to conduct themselves in a manner consistent with the company’s guidelines regarding confidentiality, ethics, and appropriate usage of personal information. Staff is required to sign a confidentiality agreement.
During an upload, while it's stored on our servers and during a download, Content is encrypted and only sent over a secure connection (https). The servers we use to store your Content for you are GDPR compliant and secure.
You are only allowed to use our website, apps and/or Services when aged 16 and over. When you’re younger than 16 you may use our website, apps and/or Services only after parental approval or approval of your legal representative. Minors under the age of 13 in the USA are not allowed to use our Services.
If you need more info on your personal information, please let us know. We may ask for proof of identity. If you change your mind and no longer want us to process your personal information, let us know.
You can ask WeTransfer to:
You can do this by sending an email to legal@wetransfer.com Please state clearly in the subject that your request concerns a privacy matter and more specific whether it is a request to access, correction or deletion. Bear in mind that under circumstances WeTransfer requests for additional information to determine your identity.
You have a right to object to our use of your personal information, for instance when the legal base for processing is based on one of our legitimate interests (see subsection “Legal grounds”). If you inform us that you do not longer wish us to process your personal information or to be approached, WeTransfer will move your personal information to a separate file. Your personal information will no longer be used for the above mentioned purposes, unless our legitimate interest, for example safety & security, outweighs your right to objection. You can request this via legal@wetransfer.com. Please state clearly that your request concerns a privacy matter and more specifically that you exercise your right to object.
If you think we have infringed your privacy rights, you can lodge a complaint with the relevant supervisory authority. You can lodge your complaint in particular in the country where you live, your place of work or place where you believe we infringed your right(s).
When you’ve provided your consent for us to process your personal information, you can withdraw your consent at any time, without affecting the lawfulness of processing activities based on consent before its withdrawal. If you withdraw your consent, we will no longer process the personal information which we’ve received based on your consent.
Subject to certain limitations under California Civil Code § 1798.83, if you are a California resident, you may ask us to provide you with (i) a list of certain categories of personal information that we have disclosed to certain third parties for their direct marketing purposes during the immediately preceding calendar year and (ii) the identity of certain third parties that received personal information from us for their direct marketing purposes during that calendar year. We do not, however, share your personal information with marketers, subject to the above statute.
Our support team is available via support@wetransfer.com. If you have any questions, please email us in English, to make sure we can help you in the best way. If you have questions about the way WeTransfer processes your personal information or the personal information WeTransfer stores about you, please contact WeTransfer by sending an email with your question to legal@wetransfer.com We speak Dutch & English. If you need to contact our Data Protection Officer, please do so via dpo@wetransfer.com.
Note that WeTransfer may revise this Privacy & Cookie Statement from time to time. Each revised version shall be dated and posted on the website. WeTransfer recommends that you review the website from time to time and take note of any changes. If you do not agree with the Privacy & Cookie Statement, you should not or no longer access or use the website and/or service. By continuing to use the website and/or service you accept any changes made to the Privacy & Cookie Statement.
We couldn't load some important parts of our website. They may have been blocked by your firewall, proxy or browser set-up. Try refreshing the page or get in touch through our help center.