Briefcase ("we," "us," or "our") is a privacy-first cloud storage application for iOS and Android. Our service allows you to store, encrypt, and manage your files using your own Google Drive accounts as backend storage.
By using Briefcase, you agree to the collection and use of information as described in this Privacy Policy.
We do not sell your data. We do not run ads. We do not share your personal information with third parties for marketing purposes.
Account information: When you create a Briefcase account, we collect a username or email address and a hashed account identifier. Your password never leaves your device and is never transmitted to our servers.
Encrypted file data: We store and route encrypted ciphertext on your behalf. This data is mathematically unreadable to us without your encryption key, which only you hold.
Usage data: We may collect anonymised usage statistics such as app version, operating system, crash reports, and feature interaction counts. This data does not identify you personally and is used solely to improve the app.
Google account tokens: When you connect a Google account, we store OAuth refresh tokens on our server so we can upload and manage files in your Google Drive on your behalf. These tokens are stored securely and encrypted at rest. We use them only to perform the actions you explicitly request within the app.
When you connect a Google account to Briefcase, we request the drive.file scope. This scope grants Briefcase permission to:
Briefcase cannot and does not access any files in your Google Drive that were not created by Briefcase. We cannot see your existing photos, documents, or any other pre-existing Drive content.
All files written to your Google Drive by Briefcase are encrypted ciphertext. Google and Briefcase alike cannot read the contents of these files without your device-held encryption key.
We do not use Google user data to serve advertisements, train machine learning models, or share with third parties. Google account data is used solely to provide the core storage functionality of the Briefcase app at your explicit direction.
We use the information we collect to:
We do not use your information to serve targeted advertising, build advertising profiles, or sell data to data brokers or any third party.
Briefcase is built on a zero-knowledge architecture:
Because we do not hold your encryption keys, we cannot decrypt your files under any circumstances — including in response to legal requests. In the event of a server breach, your file contents remain protected by your device-side encryption.
We do not sell, rent, or trade your personal information. We may share limited information only in the following circumstances:
You have the following rights regarding your data:
To exercise any of these rights or for any privacy-related requests, contact us at hello@briefcaseapp.io.
We retain your account information for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it by law.
Encrypted files stored in your Google Drive are not deleted when you delete your Briefcase account — they remain in your Drive under your full control.
Briefcase is not directed at children under the age of 13 (or 16 in certain jurisdictions). We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us at hello@briefcaseapp.io and we will delete it promptly.
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the app or by email at least 14 days before the changes take effect. The "Last updated" date at the top of this page reflects the most recent revision.
Continued use of Briefcase after changes take effect constitutes your acceptance of the updated policy.
If you have any questions, concerns, or requests regarding this Privacy Policy or your data, please contact us:
We aim to respond to all privacy-related inquiries within 5 business days.