Cloud Storage Privacy Grades
3 companies analysed · Sorted by privacy score
Mainstream cloud drives optimise for collaboration and recovery, which usually means the provider holds keys and can comply with lawful access requests. Zero-knowledge providers flip that: ciphertext leaves your device, so a breach or subpoena against the vendor still should not expose file contents—at the cost of stricter key hygiene and often slower sharing workflows. Pay attention to whether thumbnails, search indexes, and link shares are also E2EE, and whether mobile clients ever decrypt in the cloud for “preview” features. Corporate customers should review admin recovery, DLP, and audit logging, which can reintroduce visibility. We compare these services on the same four pillars as every other analysis; details are on the About page.
| # | Company | Grade | Score | In plain English | |
|---|---|---|---|---|---|
| 1 | A | 91/100 | Ente is an end-to-end encrypted photo and file storage service where only you hold the decryption ke…Ente is an end-to-end encrypted photo and file storage service where only you hold the decryption keys — the company genuinely cannot read your files even if ordered to; no cookies, no usage analytics, biometric processing happens on-device, and all 19 third-party providers are named; the main caveats are US/Delaware incorporation, PostHog analytics on the website, and some US-based storage and email infrastructure. | → | |
| 2 | B+ | 83/100 | Tresorit is an encrypted cloud storage service based in Switzerland that genuinely cannot access you…Tresorit is an encrypted cloud storage service based in Switzerland that genuinely cannot access your files; it holds ISO 27001 certification, stores data primarily in the EEA, and gives 30 days' notice of material policy changes — but it records and transcribes sales calls with AI bots, uses Facebook and Google for ad targeting, collects app usage analytics, and business-plan admins can access employees' encrypted files via a recovery master key. | → | |
| 3 | B- | 68/100 | pCloud is a Swiss cloud storage service that does not sell data, lets you choose EU or US server sto…pCloud is a Swiss cloud storage service that does not sell data, lets you choose EU or US server storage, and requires only an email address to sign up — but standard pCloud is not end-to-end encrypted by default, meaning pCloud can technically access your stored files; the privacy policy was last updated in March 2023 (over three years ago) and accepts policy changes via continued use with no advance notice commitment. | → |