TrustedFileHub Ltd · Last updated: 1 January 2026
TrustedFileHub Ltd ("TrustedFileHub", "we", "us") provides encrypted business file storage and secure document sharing services to enterprise clients. This platform is not available to the general public — access is granted exclusively by your organisation. We act as a Data Processor under EU GDPR, processing files solely on behalf of and under instruction from our enterprise clients (the Data Controllers).
When you access files via TrustedFileHub on behalf of your organisation, we may process:
We do not access, read, or process the content of files stored on behalf of your organisation. All file content is encrypted at rest using AES-256.
Processing is carried out under our contractual obligations to your organisation (GDPR Article 6(1)(b)) and our legitimate interest in maintaining platform security and integrity (Article 6(1)(f)). Your organisation is the Data Controller and is responsible for the lawful basis for storing files on this platform and for any personal data contained within those files.
Access logs are retained for 90 days and then automatically deleted. File data is retained for the duration of your organisation's service agreement and deleted within 30 days of contract termination.
All data in transit is protected by TLS 1.3. Files are encrypted at rest with AES-256. Access to platform infrastructure is restricted to authorised TrustedFileHub personnel under strict need-to-know controls. We conduct regular third-party security assessments.
As TrustedFileHub acts as a Data Processor, data subject rights requests (access, erasure, rectification) must be directed to your organisation, which is the Data Controller for your data. Your organisation will coordinate with us where technically required.
For service-level enquiries, contact your organisation's IT or compliance team. Direct end-user enquiries cannot be handled — please route requests through your employer.