Legal

Privacy Policy

Last updated: February 25, 2026

FaxDrop ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and protect information when you use FaxDrop at faxdrop.com.

The short version

We never store your documents. Files are deleted from our infrastructure the moment transmission ends. We collect only what we need to operate the service.

Information We Collect

When you send a fax, we collect: your name and email address (for delivery confirmation), the recipient fax number, and the document you upload. We do not store the document. It is streamed directly to our fax transmission provider and immediately deleted from our servers after transmission completes or fails.

How We Use Your Information

We use your email address solely to send delivery confirmation notifications. We use your name and the recipient fax number to generate the cover page. We do not sell, rent, or share your personal information with third parties for marketing purposes.

Document Handling

Your uploaded documents are never stored on FaxDrop servers beyond the duration of a single transmission. Files are transmitted directly to Phaxio (our fax transmission provider) and permanently deleted upon completion. We do not retain copies of your documents.

Cookies and Tracking

FaxDrop uses a session cookie (HttpOnly, first-party) to track your free fax usage across your current session. This cookie does not contain personal information and expires after 30 days. We use Google Analytics to understand aggregate usage patterns. You may opt out via browser settings.

Data Retention

Fax status records (delivery confirmation, timestamps) are retained for up to 24 hours in our Redis store, then automatically deleted. Email addresses associated with freemium usage tracking are stored indefinitely in hashed, non-reversible form only.

Third-Party Services

FaxDrop uses Phaxio for fax transmission, Stripe for payment processing, and Vercel for hosting. Each provider has their own privacy policy. Stripe processes payment information directly. FaxDrop never sees or stores your payment card details.

Security

All data in transit is encrypted using TLS 1.3. Fax transmissions use AES-256 encryption. We do not store raw IP addresses. All rate-limiting data is stored as salted SHA-256 hashes.

Your Rights

You may request deletion of any personal data we hold by emailing hello@faxdrop.com. Because we store email addresses only in hashed form, we cannot look up records by name. Please include the email address used when you sent your fax.

Contact

Questions about this policy? Email us at hello@faxdrop.com.

Security & Compliance

HIPAA Compliant

Signed BAA on file · No document retention

PCI DSS Level 1

Payments secured by Stripe · No card data touches our servers

256-bit SSL

End-to-end TLS 1.2+ encryption in transit

Zero Retention

Files deleted immediately after transmission completes