Encryption at rest
All files stored on Sinosend are encrypted using AES-256 (Advanced Encryption Standard with a 256-bit key). AES-256 is the same encryption standard mandated by financial regulators and government agencies worldwide — sometimes called “bank-grade” encryption.AES-256 Standard
Every file is encrypted with a unique 256-bit key before being written to storage. The encryption key is itself stored separately and protected.
Global Data Centers
Encrypted storage applies across all of Sinosend’s global data centers. You can choose which region stores your data — encryption is always on.
No Employee Access
Sinosend infrastructure staff cannot read your file contents. Encryption keys are managed at the system level; no individual employee holds them.
Encrypted Metadata
Transfer metadata — including file names and recipient information — is also encrypted at rest, not just the file payload itself.
Encryption in transit
All data moving between your browser, the Sinosend platform, and your recipients travels over TLS 1.2 or higher (Transport Layer Security). TLS creates a private, authenticated tunnel between two endpoints so that no one on the network path — including internet service providers, Wi-Fi operators, or malicious actors — can read or modify the data in flight.Sinosend enforces a minimum of TLS 1.2. Connections attempting to negotiate older protocol versions (TLS 1.0, TLS 1.1, or SSL) are rejected outright.
Bank-grade end-to-end encryption for teams
When you share files with team members inside Sinosend, the transfer uses end-to-end encryption (E2EE). This means the file is encrypted on your device before upload, transmitted in encrypted form, and can only be decrypted by the authorised recipient. At no point does the Sinosend platform hold an unencrypted copy during the transfer. This is the same model used by secure messaging applications and banking portals, and it protects against scenarios where even a legitimate infrastructure component is compromised.What this means for you
| Threat scenario | How Sinosend protects you |
|---|---|
| A file link is intercepted in transit | TLS 1.2+ encrypts the data channel; an intercepted link reveals nothing without the transfer session |
| A storage server is physically accessed | AES-256 encryption at rest renders file contents unreadable without the decryption key |
| A recipient forwards a download link | Access controls (password, expiry, revocation) prevent unauthorised use of a forwarded link |
Password-protected transfers
On top of encryption, you can add a password to any transfer. A password acts as a second authentication factor for the recipient: the download link is only activated after the correct password is entered. Passwords are a separate layer from encryption. They do not replace AES-256 protection — they add an additional gate that must be passed before a recipient can access the download.Add a password when creating a transfer
Change or remove a password after sending
Sinosend’s Dynamic File Management lets you update security settings on a transfer at any point after it has been sent, without needing to re-upload files or send a new link.Changes take effect immediately. Recipients who try to access the transfer after you save will encounter the new password requirement (or no password if you removed it).