PhotonFile Logo

PhotonFile - FAQ

Quick answers about Relay, Photon Vault, Secure Inbox, plans, File Passes, retries, limits, and how PhotonFile separates live transfer from persistent encrypted storage.

What is PhotonFile?

PhotonFile separates file operations. Relay moves files live. Secure Inbox collects from outsiders without workspace exposure. Photon Vault keeps files encrypted for persistence. Vault Sync maps specific Vaults to local folders. Teams coordinate access without automatically opening every Vault.

Relay transfers always travel over encrypted connections. In supported web-app browser flows, client-side encryption is on by default so only someone with your key can decrypt the file. You can turn it off for extra browser compatibility while the Relay connection still uses TLS. PhotonFile Desktop provides a richer native experience for send, receive, and Vault workflows. Vault applies client-side encryption before upload and is designed so PhotonFile stores encrypted data rather than plaintext vault contents.

How is PhotonFile different from a cloud drive?

PhotonFile separates file operations. Relay moves files live. Secure Inbox collects from outsiders without workspace exposure. Vault keeps files encrypted for persistence. Vault Sync maps specific Vaults to local folders. Teams coordinate access without automatically opening every Vault.

What is per-Vault sync?

Per-Vault sync means each Vault workspace or shared scope can map to its own local desktop folder. This avoids forcing every client, project, or team into one broad synced drive tree.

Why does PhotonFile Desktop ask to access Keychain on macOS?

PhotonFile Desktop uses your operating system's secure credential store: Keychain on macOS, Credential Manager on Windows, and Secret Service on Linux. On macOS, it reads and writes only PhotonFile's own named Keychain entries; it does not browse or retrieve your unrelated Keychain passwords, passkeys, or other app credentials.

Those entries can hold the app-agent secret, an opted-in persisted signed-in session, an optional remembered Vault password, and active protected-transfer resume secrets. PhotonFile stores references and non-secret operational state elsewhere when needed; the secret values stay in the operating system's secure store.

If you decline access, you can still use features that do not need persisted secure state, but saved sign-in, remembered Vault unlock, and protected-transfer resume may be unavailable or prompt again. Signing out clears the saved session and associated remembered Vault password. Locking Vault clears its unlocked key material from memory and removes the remembered Vault password. On macOS, choose Full removal in the installed PhotonFile uninstaller to remove PhotonFile data and its Keychain items for the current user.

Why does PhotonFile Desktop ask for macOS file or folder access?

macOS may ask for access when you choose files or folders for Relay, Vault uploads or downloads, or Vault Sync. PhotonFile uses the locations you select for that workflow; it does not need access to unrelated files just to open the app.

Vault Sync continues to need access to each local folder selected as a sync root so it can detect and apply changes there. Remove that sync root or revoke the app's macOS permission to stop access; sync for that folder will no longer run until access is restored.

Do team members need paid accounts?

In eligible team workspaces, the team owner's plan powers the team. Team members can join without per-seat billing, subject to plan limits. Pro includes 1 team up to 25 members; Studio includes unlimited teams and unlimited members.

Does team membership open every Vault?

No. Team membership gives someone team context, but Vault access is separate. Grant access to each Vault intentionally.

Can Secure Inbox senders see my Vault?

No. They get a focused upload page. They cannot browse Vault contents, see unrelated files, manage the workspace, or turn the upload link into team access.

When is a File Pass consumed?

A File Pass is consumed only after completed delivery. If the transfer fails before completion, the pass is not consumed and may be retried.

Can I move my PhotonFile account to another region?

PhotonFile supports Account Region Move for changing the home region or data center that owns your account and related workspace data. The process includes target-region selection, step-up verification, progress tracking, and sign-in through the new home region after completion.

What is my username used for?

Your username is a private login alias. It is not used as your public identity on Vault Share pages, Secure Inbox pages, team permission decisions, or audit/activity logs. PhotonFile uses your account identity and email address for recovery, permissions, ownership, and security-sensitive attribution.

Vault branding is separate from your account username and is intentionally user-controlled. If you change your username, the old username may become available to another account, but that does not transfer your vaults, teams, permissions, ownership, audit history, or account identity.

Do you store my files on your servers?

For Relay, PhotonFile is designed to avoid stored delivery. The relay holds file bytes in memory only long enough to move them from sender to receiver, then clears transient state when the session ends.

For Photon Vault, the answer is different: Vault is persistent encrypted storage by design. Files you choose to keep in Vault are stored as encrypted data so authorized clients can access them later, while PhotonFile is designed not to have the keys required to decrypt vault contents.

What is Photon Vault?

Photon Vault is persistent client-side encrypted storage for files you want to keep. It is built for long-term protection, private collaboration, scoped sharing, Secure Inbox, and versioning.

Where Relay is designed for live delivery, Vault is designed for retention. Files are encrypted on your device before upload, stored as encrypted data, and later decrypted only by authorized clients.

Can PhotonFile read my Vault files?

Photon Vault is designed so PhotonFile does not have access to the plaintext contents of vault files. Files are encrypted on the client before upload, and authorized clients decrypt them later.

PhotonFile still needs limited operational metadata to run the service, such as vault and object identifiers, file sizes, transfer activity, and share-link or upload events.

Should I use a File Pass or a subscription?

File Passes are pay-per-file. They are best for one-off large sends, with no ongoing commitment.

Subscriptions include a monthly pool of relay bandwidth for regular use, with overage billed at the same rate.

You can use both: if a file exceeds your plan's per-file limit, you can apply a File Pass for that transfer.

Use Vault when the file should stay. Vault storage is based on stored capacity, so retained files count against storage capacity instead of Relay transfer tiers.

What's a File Pass?

A File Pass lets you send files larger than what's allowed in the free tier, using the same Ephemeral File Transfer relay. Each pass covers one file.

File Passes can also be used alongside a subscription for occasional oversized transfers that exceed your plan's per-file size limit.

Is there a max file size?

Relay subscriptions and File Passes are transfer workflows, so they have transfer-size rules shown on the pricing page. Vault is different: it is persistent encrypted storage based on stored capacity. Large retained files are governed by storage capacity, overage, client environment, network conditions, account policy, and abuse controls.

What if my transfer fails?

If something breaks mid-transfer, you can retry. For File Pass transfers, the pass is only consumed once both sides have fully transmitted all required bytes through the relay and nothing remains in flight. If the transfer fails, your pass stays valid and you can try again.

How many retries do I get if there's a connection issue?

As many as you need. We log retry counts only to improve reliability, not to limit you. If a transfer ever fails, both peers see exactly what happened. No guessing, no hidden throttles, and no silent timeouts.

Do you support client-side encryption?

Yes. In supported web-app browser flows, PhotonFile can encrypt your file in the browser before it ever leaves your machine. PhotonFile Desktop provides a richer native experience for send, receive, and Vault workflows. The decryption key is encoded into the URL fragment (the part after #...), which never gets sent to the server.

That means the relay only sees encrypted chunks, and only someone you share the full link with can decrypt the content. If you want to understand the details, check the Technology page for diagrams and implementation notes.

What can I send?

Anything you're legally allowed to share. You are responsible for the content you transmit and for complying with local laws and our Terms of Service.

Why did you build this?

Because many "file transfer" services rely on stored delivery, throttle speeds, track users, or cap file sizes.

PhotonFile is built around an ephemeral-by-default model.
We built an Ephemeral File Transfer relay that keeps bytes in memory while they are moving, turns end-to-end client-side encryption on by default, and avoids surveillance economics.

If it's free, am I the product?

No. PhotonFile is funded by paid usage (subscriptions and File Passes), not by selling your data.

We do not inspect your files, sell file contents, or mine your transfers for marketing profiles. We may use limited measurement to understand whether ads are working, but this does not inspect your files and is not used to build cross-site behavioral profiles.

What are the limits of the free tier?

You can send files up to 10 GiB.

Free transfers use our standard pool and may be queued during periods of high demand. If you send large files regularly, check Pricing and Plans for options that include higher priority and additional features.