Skip to content
Tallow

Legal

Privacy Policy

Last updated: February 2026

Zero-Knowledge Architecture

Tallow is designed so that we never have access to your data. All files are encrypted end-to-end on your device before transmission. The relay server only sees encrypted ciphertext and cannot decrypt your files, read filenames, or inspect file contents.

What We Don't Collect

Tallow does not collect personal information, usage analytics, telemetry, crash reports, or any form of tracking data. There are no accounts, no sign-ups, and no cookies. The relay server does not log IP addresses, transfer metadata, or connection timestamps beyond what is required for active session management.

Relay Server

The default relay server facilitates encrypted connections between peers. Room codes are ephemeral and destroyed after use. No transfer history is retained. If you prefer complete infrastructure control, you can self-host your own relay server.

Web Application

The Tallow web app runs entirely in your browser via WebAssembly. Cryptographic keys are generated locally and never transmitted to any server. Session keys exist only in browser memory and are zeroed on disconnect. No data is stored on remote servers.

Open Source Verification

Tallow is open source under the AGPL-3.0 license. You can audit every line of code at github.com/tallowteam/Tallow . Our cryptographic implementation uses well-established libraries from the RustCrypto ecosystem.

Contact

For privacy-related questions, contact us at tallowteam@proton.me or open an issue on our GitHub repository .

In short

  • No analytics, telemetry, or tracking of any kind
  • No accounts, cookies, or personal data collected
  • End-to-end encrypted — relay never sees plaintext
  • Fully open source and auditable