Let’s get one thing straight: GDPR is important. It was a decent attempt to force companies to stop being shady with your personal data.
But here’s the thing—we don’t have any of your data. Not your name, not your email, not your IP address. Nothing.
So when someone asks if we’re GDPR compliant, our answer is simple:
“Sure. But it’s kind of pointless.”
Most services collect your data, encrypt it (maybe), then promise not to misuse it. BareSend takes a different approach:
We never even see your message. You encrypt it yourself before it leaves your device. The decryption key? You keep it. We don’t want it, can’t see it, and will never store it.
The result?
We’d love to help. Really. But we can’t give what we don’t have. There’s no database to search. No account to tie to an identity. No key to decrypt anything.
Technically, BareSend is GDPR compliant. But the real flex is this:
We built something so private that GDPR doesn’t even apply.
No consent banners. No dark patterns. No sneaky T&Cs.
Just encryption, expiry, and your own key.
That’s not a loophole. That’s how privacy should work.