What do you mean by client-side encryption?

Your private data is encrypted in your computer, before sending it to our servers. This way, it is impossible for anyone without the password/decryption key to decipher your data. Even for us!

More specifcally, how is encryption performed in practice?

Through Javascript libraries. We use JSEncrypt's as the underlying implementation for symmetric cryptography, and Stanford Javascript Crypto Library's for asymmetric cryptography.

How do you use asymmetric encryption to encrypt an arbitrary length of plaintext?

We randomly generate a symmetric encryption key and encrypt the plaintext message with it. Then, encrypt this symmetric key with RSA. Both the symmetrically encrypted text as well as the asymmetrically encrypted symmetric key are transmitted and stored in our servers. An user then decrypts the symmetric key with its asymmetric decryption key, allowing the symmetrically encrypted text to be decrypted.

Sounds complex? It is not! Fear not, this machinery is completely transparent from an user perspective.

How long do you store the data? When does a link expire?

Links generated by non-registered users are kept 30 days after its last access, which means that they can be kept forever as long you keep accessing them.

Links generated by registered users are kept forever independently of last access time.