Legal

Acceptable Use Policy

Last updated: June 3, 2026

Zippd is a zero-knowledge file-sharing service. Because we cannot see what you upload, we rely on this policy and on community reports to keep the Service usable. Violations result in immediate file deletion, account termination, network ban, and where required, referral to law enforcement.

Prohibited content & uses

You must not use Zippd to upload, store, transmit, or share:

  • Child sexual abuse material (CSAM). Zero tolerance. Reports go directly to NCMEC and the appropriate national authority.
  • Copyrighted material for which you do not hold the rights or a valid licence.
  • Malicious software — viruses, ransomware, exploit kits, RATs, keyloggers, stealers.
  • Stolen credentials, financial data, or PII — credit-card dumps, breached databases, doxx kits.
  • Non-consensual intimate imagery (NCII / “revenge porn”).
  • Content facilitating terrorism, violent extremism, or incitement to violence.
  • Weapons / arms-trafficking material — 3D-printed firearm files, conversion-device blueprints, etc., where prohibited by law.
  • Material that violates export controls or sanctions (e.g. ITAR/EAR-controlled technical data).
  • Personal data of third parties processed in violation of GDPR / applicable privacy law.

Prohibited service abuse

  • Using the Service for indiscriminate hotlinking, bandwidth-leeching, or external CDN-style traffic.
  • Automated mass-uploading from bots, scrapers, or fraud rings.
  • Attempting to circumvent rate limits, quotas, or expiry.
  • Probing, scanning, or otherwise attempting to discover vulnerabilities, except via our security-disclosure process at our contact form (category Security disclosure).
  • Reselling Zippd-hosted links as a paid service.

Reporting violations

If you encounter content that violates this policy:

  • For copyright issues: use the DMCA report form.
  • For CSAM, terrorism, or other urgent harm: email our contact form (category Report abuse) with the full share URL (without the #k= key). We respond to CSAM reports within hours.
  • For other abuse: our contact form (category Report abuse).

Enforcement

We will delete reported ciphertext on substantiated reports, terminate accounts of repeat infringers, and where the law requires, preserve and produce records for law enforcement. We may, at our sole discretion, ban any IP-hash, ASN, or email domain from the Service.

This document is a template. It is not legal advice. Have a lawyer review it before relying on it in your jurisdiction.