🔐 SendSecure

Privacy Policy

Effective date: 2026

This Privacy Policy describes how Lakeland Holding Ltd. (“Lakeland”, “we”, “us”, “our”) handles information when you use SendSecure (the “Service”). SendSecure is designed so that message contents remain private by default through client-side encryption.

Zero-Knowledge Design

SendSecure is designed as a zero-knowledge platform. We do not have access to your plaintext messages, your password, or the decrypted contents of any attached file. Encryption and decryption occur in your browser.

What We Store

The Service stores only the minimum data required to deliver the Service:

• Encrypted messages (ciphertext only).
• Encrypted file blobs, if you attach a file (maximum 25 MB).
• Random salts and initialization vectors (IVs) required for client-side decryption.
• Basic metadata such as creation time, expiry time, and one-time view/burn settings (if enabled).

Your password is never transmitted to us and is not stored anywhere on our servers. Without your password, stored content remains cryptographically unreadable.

How Your Data Is Protected

• Encryption and decryption happen entirely in your browser using the WebCrypto API plus a browser-side Argon2id implementation for key derivation.
• Messages and files are encrypted using AES-GCM with 256-bit keys.
• Encryption keys are derived from your password using Argon2id, a modern, memory-hard key derivation function designed to resist GPU/ASIC cracking attempts.
• Each message and each file encryption uses its own unique, randomly generated salt and IV, ensuring identical content does not produce identical ciphertext.
• After a message (and any attached file) is successfully decrypted, the stored encrypted content is permanently deleted from our servers.
• If never accessed, encrypted data is automatically deleted after its configured expiry (1 to 7 days, depending on your selection).

Cookies and Tracking

SendSecure does not use advertising cookies, analytics trackers, or third-party marketing scripts. We do not track you across sites, build user profiles, or sell behavioral data.

Third-Party Disclosure

We do not sell, rent, or share your encrypted content with third parties. The Service does not integrate with advertisers, social networks, or analytics providers.

Transport Security

We use HTTPS to protect data in transit between your browser and the Service. Even in the unlikely event of a server compromise, any stored message or file would remain cryptographically unreadable without the user’s password.

Your Consent

By using SendSecure, you agree to this Privacy Policy. If changes are made, they will be reflected on this page along with an updated effective date.

Contact

If you have questions about this Privacy Policy or about SendSecure, you may contact us using the information below:

Mail:
Lakeland Holding Ltd.
196 Taylor Rd, Bracebridge
Ontario, P1L 1J9 Canada

Telephone:
705-789-5442

Email:
[email protected]