About Pact

Pact.online is a simple and highly secure file transfer service. It is free to use, decentralized, immutable, and offers optional end-to-end encryption. Currently, the service allows for the transfer of files up to 1GB. The recipient can download the file(s) for 3 days. Please reach out to us if you need to share even bigger files (info[at]pact[dot]care).

If you choose end-to-end encryption, we recommend using two separate channels: 1) for sharing the file link and 2) for the password link. To maximize security, consider using a channel you are confident only the intended receiver has access to. Usually, using email for the file link and WhatsApp for the password link works fine.

The Technology

The files are uploaded on IPFS and uploads, as well as downloads, are logged on IOTA. This way files are transfered immutable and decentralized on IPFS. IOTA makes sure that nobody can delete or alter the logs. Furthermore, you can use the Web Crypto API (AES256-GCM) to fully encrypt the files inside your browser before they get even uploaded.

The upload page itself is hosted on different servers, which you can also access directly in case someone starts to blog our service. If you open pact.online you will see a random select version of the upload page. Uploaded files can be download from any IPFS gateway or simply under the generated link.


If you wish to participate you can simply set up your own IPFS node with a writeable Gateway. You need to allow a maximum upload size on your server of 1GB. Lastly, reach out to us at info[at]pact[dot]care so we then can integrate your side on our main page. Currently, we share the IOTA donations equally among all participants at the end of every month. For transparency, you can track all donations under the current IOTA donation address. In the future, we might set up an advertising model to make it more attractive for IPFS nodes to participate.

Who We Are

Pact.online was developed by Pact Care, a young startup based in Amsterdam, the Netherlands. We would love you supporting us in our efforts, for example, by reaching out or simply reading more about our initiatives on official medium blog.

Herengracht 420, 1017BZ,
Amsterdam, Netherlands
+31 20 893 4143

Terms of Service

1) Introduction
a) PACT provides a simple way to transfer confidential and end-to-end encrypted digital files up to a maximum total size of 1 GB (“Service”)
b) PACT is free from registration and charge.
c) In this policy, “We”, “Us” and “Our” refer to PACT Care BV. For more information about us, see Section 11.
d) By using our Service, you accept these terms and conditions in full; accordingly, if you disagree with these terms and conditions or any part of these terms and conditions, you must not use our Service.
e) Your file will be automatically encrypted in your browser (AES256-GCM) before the upload. After that, you receive a unique file id (hash) as well as a password. The file is available for at least 3 days. f) It’s recommended to use two different channels to send the file id and password. At least to one channel only the intended receiver should have access. In most cases, email for the file id and WhatsApp for the password should be fine.
g) PACT will permanently delete the uploaded files after the expiry period mentioned in Section 1e. However, since the file transfer is based on a decentralized storage network named IPFS, in rare cases other servers could copy the end-to-end files and thus provide the files even after the expiry period. h) Please keep that in mind that this Service is still in beta phase.

2) Copyright notice
a) Copyright (c) 2018 PACT Care BV.
b) Subject to the express provisions of these terms and conditions:
i) we, together with our licensors, own and control all the copyright and other intellectual property rights in our Service and the material on our Service; and
ii) all the copyright and other intellectual property rights in our Service and the material on our Service are reserved.

3) License to use service
a) Except as expressly permitted by these terms and conditions, you must not edit or otherwise modify any material on our Service.
b) Unless you own or control the relevant rights in the material, you must not:
i) republish material from our Service (including republication on another website);
ii) sell, rent or sub-license material from our Service;
iii) exploit material from our Service for a commercial purpose; or
iv) redistribute material from our Service.
c) We reserve the right to restrict access to areas of our Service, or indeed our whole Service, at our discretion; you must not circumvent or bypass, or attempt to circumvent or bypass, any access restriction measures in our Service.

4) Confidentiality
a) All file transfers between you and recipients are encrypted and treated confidentially. Only you and your recipients will have the key to decrypt and to look into the content of your transfer.
b) You acknowledge that download links and password can be forwarded and - whoever is passed on or has access to a download link can download the files contained in that transfer. It's the responsibility of the uploader to share and take the right precautions to keep password safe.
c) PACT provides a public log of transactions that is anonymized and stored on a distributed ledger named IOTA. This log includes exclusively file id as well as the date and time of uploading and downloading of the file transmitted.

5) File ownership, permissions, and responsibility
a) You are fully and solely responsible and accountable for all materials and information that you upload, post or otherwise transmit via the Service. PACT does not claim any ownership of the contents of the files you transfer through our Service.
b) By using our Service you guarantee that you have, for each file, all required permissions to distribute, transfer, store and/or make available online as part of our Service, including copyrights, intellectual property rights and personal data processing consents.

6) Restrictions
a) PACT trusts you to use our Service responsibly. Therefore, you agree not to transfer, distribute or store any files that:
i) be libelous or maliciously false;
ii) be obscene or indecent;
iii) infringe any copyright, moral right, database right, trademark right, design right, right in passing off, or other intellectual property right;
iv) infringe any right of confidence, right of privacy or right under data protection legislation;
v) constitute negligent advice or contain any negligent statement;
vi) be in contempt of any court, or in breach of any court order;
vii) be in breach of racial or religious hatred or discrimination legislation;
viii) be blasphemous;
ix) be in breach of official secrets legislation;
x) be in breach of any contractual obligation owed to any person;
xi) constitute spam;
xii) cause annoyance, inconvenience or needless anxiety to any person.
b) Also, you agree not to:
i) use our Service in any way or take any action that causes, or may cause, damage to the Service or impairment of the performance, availability or accessibility of the Service;
ii) probe, scan, or test the vulnerability of any system or network;
iii) breach or otherwise circumvent any security or authentication measures;
iv) impersonate or falsely pretend affiliation with any person or entity;
v) access, tamper with, or use non-public areas of the Service;
vi) conduct any systematic or automated data collection activities (including without limitation scraping, data mining, data extraction, and data harvesting) on or in relation to our Service without our express written consent;
vii) send viruses, overloading, flooding, spamming, worms, malware to any part of the Service;
viii) send junk mail, chain letters, altered, deceptive or false source-identifying information (including "spoofing" or "phishing"), unsolicited communications, promotions or advertisements to any part of the Service;
ix) sell, promote or advertise the Service unless specifically authorized to do so;
x) circumvent transfer or storage space limits;
xi) decipher, decompile, disassemble, reverse engineer or otherwise attempt to derive any source code or underlying ideas or algorithms of any part of the Service

7) Disclaimer
a) We strive to provide a great Service, but there are certain things that we can't guarantee. To the fullest extent permitted by law, our Service is provided without any warranty, on an “AS-IS” basis.
b) We disclaim any warranties of merchantability, fitness for a particular purpose, and non-infringement.
c) The use of PACT is at your own risk and you acknowledge and agree that PACT is not responsible for any damages to your computer system or the computer system of any third party that result from the use of the Service.
d) PACT is not responsible for any failure of the Service to transfer, store or delete a file or for the corruption or loss of any data, information or content contained in a file.
e) PACT reserves the right to make changes, updates or enhancements to the Service at any time without prior notice and makes no warranty that the Service is available on an uninterrupted, secure or error-free basis. We may also add or remove functionalities or features, or we may suspend or stop the Service altogether.

8) Limitations and exclusions of liability
a) Nothing in these terms and conditions will:
i) limit or exclude any liability for death or personal injury resulting from negligence;
ii) limit or exclude any liability for fraud or fraudulent misrepresentation;
iii) limit any liabilities in any way that is not permitted under applicable law; or
iv) exclude any liabilities that may not be excluded under applicable law.
b) The limitations and exclusions of liability set out in this Section 8 and elsewhere in these terms and conditions:
i) are subject to Section 8a; and
ii) govern all liabilities arising under these terms and conditions or relating to the subject matter of these terms and conditions, including liabilities arising in contract, in tort (including negligence) and for breach of statutory duty, except to the extent expressly provided otherwise in these terms and conditions.
c) We will not be liable to you in respect of any losses arising out of any event or events beyond our reasonable control.
d) We will not be liable to you in respect of any business losses, including (without limitation) loss of or damage to profits, income, revenue, use, production, anticipated savings, business, contracts, commercial opportunities or goodwill.
e) You accept that we have an interest in limiting the personal liability of our officers and employees and, having regard to that interest, you acknowledge that we are a limited liability entity; you agree that you will not bring any claim personally against our officers or employees in respect of any losses you suffer in connection with the Service or these terms and conditions (this will not, of course, limit or exclude the liability of the limited liability entity itself for the acts and omissions of our officers and employees).
f) In the event PACT is liable for damage under mandatory law, PACT’s aggregate liability to you for any and all claims arising out of or in connection with the use of the Service will in no event exceed ten euros (€10) per incident.

9) Severability
a) If a provision of these terms and conditions is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions will continue in effect.
b) If any unlawful and/or unenforceable provision of these terms and conditions would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect.

10) Law and jurisdiction
a) These terms and conditions shall be governed by and construed in accordance with Dutch law.
b) Any disputes relating to these terms and conditions shall be subject to the exclusive jurisdiction of the courts of the Netherlands.

11) Our details
a) This Service is owned and operated by PACT Care BV.
b) Our principal place of business is at Herengracht 420, 1017BZ, Amsterdam, Netherlands.
c) PACT Care BV registered at the Dutch Chamber of Commerce under 71768947.
d) You can contact us:
i) by post, to the postal address given above;
ii) by telephone +31 20 893 4143;
iii) by email, using info[at]pact[dot]care

Privacy Policy

1) Introduction
a) We are committed to safeguarding the privacy of our Service (PACT) users.
b) This policy applies where we are acting as a data controller with respect to the personal data of our service users; in other words, where we determine the purposes and means of the processing of that personal data.
c) We use cookies on our website. For detailed information on the cookies we use see the Cookie Policy below.
d) In this policy, "We", "Us" and "Our" refer to PACT Care BV. For more information about us, see Section 7 or visit our company website https://pact.care.
e) All information transmitted through our Service is encrypted and temporarily stored on a third party secured cloud servers (Amazon Web Services). We take appropriate steps to maintain the security of your data on our service. The security of your personal information is important to us, but remember that no method of transmission over the internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

2) How we use your personal data
a) In this Section 2 we have set out:
i) the general categories of personal data that we may process;
ii) the purposes for which we may process personal data; and
iii) the legal bases of the processing.
b) When using our PACT service, you do not have to sign up for an account, nor is there any other kind of login procedure.
c) We may process data about your use of our service ("usage data"). The usage data may include your IP address, geographical location, browser type and version, operating system length of visit, page views and website navigation on our website. The source of the usage data of our website is provided through Google Analytics. This usage data may be processed for adapting the website experience according to your platform. The legal basis for this processing is consent.
d) In addition to the specific purposes for which we may process your personal data set out in this Section 2, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
e) Please do not supply any other person's personal data to us, unless we prompt you to do so.

3) Retaining and deleting personal data
a) This Section 3 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
b) Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
c) When using PACT your uploaded file or files (the upload) are stored on our servers for a period of at least 3 days by default.
d) Your personal data collected by Google Analytics will be retained for 14 months.
e) Notwithstanding the other provisions of this Section 3, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

4) Amendments
a) We may update this policy from time to time by publishing a new version on our website.
b) You should check this page occasionally to ensure you are happy with any changes to this policy.

5) Your rights
a) In this Section 5, we have summarized the rights that you have under data protection law. Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
b) Your principal rights under data protection law are:
i) the right to access;
ii) the right to rectification;
iii) the right to erasure;
iv) the right to restrict processing;
v) the right to object to processing;
vi) the right to data portability;
vii) the right to complain to a supervisory authority; and
viii) the right to withdraw consent.
c) You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.
d) You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
e) In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims.
f) In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defense of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defense of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
g) You have the right to object to our processing of your personal data on grounds relating to your particular situation, but only to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defense of legal claims.
h) You have the right to object to our processing of your personal data for scientific or historical research purposes or statistical purposes on grounds relating to your particular situation, unless the processing is necessary for the performance of a task carried out for reasons of public interest. To the extent that the legal basis for our processing of your personal data is:
i) consent; or
ii) that the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract, and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
i) If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
j) To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
k) You may exercise any of your rights in relation to your personal data by written notice to us.

6) Third party services
a) PACT partners with third party companies for purposes of database and storage management:
i) File server (Amazon Web Services)
ii) Decentralized storage (IOTA)
We do not share with these partners any personal information.

Cookie Policy

1) Introduction
a) Our website uses cookies. Insofar as those cookies are not strictly necessary for the provision of our website, we will ask you to consent to our use of cookies when you first visit our website.

2) About cookies
a) A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
b) Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
c) Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.

3) Cookies that we use
a) We use cookies to store your preferences in relation to the use of cookies. Cookies used for this purpose are: all cookies by pact.care.

4) Cookies used by our service providers
a) Our service providers use cookies and those cookies may be stored on your computer when you visit our website.
b) We use Google Analytics to analyse the use of our website. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our website is used to create reports about the use of our website. Google's privacy policy is available at: https://www.google.com/policies/privacy/. You can more about the cookies used by Google Analytics here https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

5) Managing cookies
a) Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
i) https://support.google.com/chrome/answer/95647?hl=en (Chrome);
ii) https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
iii) http://www.opera.com/help/tutorials/security/cookies/ (Opera);
iv) https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
v) https://support.apple.com/kb/PH21411 (Safari); and
vi) https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).
b) Blocking all cookies will have a negative impact upon the usability of many websites.
c) If you block cookies, you will not be able to use all the features on our website.

6) Our details
a) This website is owned and operated by PACT Care BV.
b) Our principal place of business is at Herengracht 420, 1017BZ, Amsterdam, Netherlands
c) You can contact us:
i) by post, to Herengracht 420, 1017BZ, Amsterdam, Netherlands;
ii) by telephone, +31 20 893 4143;
iii) by email, using info[at]pact[dot]care