— Privacy policy
How privacy works here.
PageGate is a tool for sharing a single HTML page. This page explains what we collect, why we collect it, and what happens to it.
Anonymous uploads use a password-derived key. Account and Pro uploads are encrypted at rest with a server-wrapped page key so dashboard recovery, password reset, public pages, and Pro editing can work.
What we collect
When you upload a page, we store the encrypted page file, original filename, file size, creation time, expiration time, total view count, last-viewed time, optional custom URL, public/private setting, tier at creation, and a one-way password hash when the page has a password gate.
If you create an account, we store your email address, Clerk user ID, subscription status, and the pages connected to your account.
If you use Pro, billing is handled by Stripe. We store the Stripe customer and subscription identifiers needed to know whether Pro features are active.
What we don’t do
- We do not sell your data.
- We do not share your data with advertisers or data brokers.
- We do not use uploaded page contents for advertising or model training.
- We do not run analytics scripts inside your uploaded HTML. Uploaded pages render in a sandboxed iframe without same-origin access to PageGate.
We do not intentionally inspect uploaded page contents except where needed to operate PageGate, debug or secure the service, respond to abuse, comply with law, or protect PageGate and its users.
Encryption
Anonymous pages use an AES-256-GCM key derived from the page password with PBKDF2. We do not store the page password. If you lose it, we cannot recover the page for you.
Account and Pro pages use a random per-page key wrapped by a server-held master key. This is what makes password reset, dashboard recovery, public pages, and Pro edit-in-place possible. It is not the same zero-knowledge guarantee as anonymous uploads.
Public pages skip the password prompt, not encryption. Anyone with the link can view a public page until it expires or is deleted.
Analytics and logs
We may use privacy-friendly aggregate analytics in the PageGate shell to understand product usage, such as uploads, unlocks, failed unlocks, page paths, file names, or file sizes. We do not place analytics code inside the uploaded HTML itself.
We may keep limited technical logs for security, abuse prevention, debugging, and reliability. Those logs may include ordinary request metadata such as timestamps, IP addresses, user agents, routes, and error details. We do not use those logs to build viewer profiles.
Retention
Anonymous pages expire after 1 day. Free account pages expire after 7 days. Pro pages can use custom expirations, including “never,” subject to account status and the service continuing to operate.
When a page expires, PageGate removes the active database record and encrypted file through scheduled cleanup. That cleanup runs periodically, so removal after expiry may not be instant.
When an owner deletes a Pro page, PageGate removes the active database record and encrypted file immediately. Limited records may remain temporarily in logs, backups, provider systems, or records we reasonably need for security, billing, abuse prevention, or legal compliance.
Service providers
We host PageGate and encrypted page files on Railway. We use Clerk for sign-in and Stripe for billing. We currently use Plausible for aggregate product analytics in the PageGate shell.
These providers process data for us according to their own terms and privacy policies. If we add another major provider, we will update this page.
Legal requests and abuse
We may disclose, preserve, or review information if required by law, subpoena, court order, or other valid legal process.
We may also preserve, disclose, or review information if we believe it is reasonably necessary to investigate abuse, prevent harm, debug security issues, or protect PageGate, our users, or the public.
Contact
Questions, deletion requests, abuse reports, or privacy requests can go to [email protected]. We will do our best to respond within 30 days.