Quick answers about Relay, Photon Vault, Secure Inbox, plans, File
Passes, retries, limits, and how PhotonFile separates live transfer
from persistent encrypted storage.
What is PhotonFile?
PhotonFile separates file operations. Relay
moves files live. Secure Inbox collects from
outsiders without workspace exposure. Photon Vault
keeps files encrypted for persistence. Vault Sync
maps specific Vaults to local folders. Teams
coordinate access without automatically opening every Vault.
Relay transfers always travel over encrypted connections. In
supported web-app browser flows,
client-side encryption is on by default so
only someone with your key can decrypt the file. You can turn
it off for extra browser compatibility while the Relay
connection still uses TLS. PhotonFile Desktop provides a richer
native experience for send, receive, and Vault workflows.
Vault applies client-side encryption before upload and is
designed so PhotonFile stores encrypted data rather than
plaintext vault contents.
How is PhotonFile different from a cloud drive?
PhotonFile separates file operations. Relay moves files live.
Secure Inbox collects from outsiders without workspace exposure.
Vault keeps files encrypted for persistence. Vault Sync maps
specific Vaults to local folders. Teams coordinate access
without automatically opening every Vault.
What is per-Vault sync?
Per-Vault sync means each Vault workspace or shared scope can
map to its own local desktop folder. This avoids forcing every
client, project, or team into one broad synced drive tree.
Why does PhotonFile Desktop ask to access Keychain on macOS?
PhotonFile Desktop uses your operating system's secure credential store: Keychain on macOS,
Credential Manager on Windows, and Secret Service on Linux. On macOS, it reads and writes
only PhotonFile's own named Keychain entries; it does not browse or retrieve your unrelated
Keychain passwords, passkeys, or other app credentials.
Those entries can hold the app-agent secret, an opted-in persisted signed-in session, an
optional remembered Vault password, and active protected-transfer resume secrets. PhotonFile
stores references and non-secret operational state elsewhere when needed; the secret values
stay in the operating system's secure store.
If you decline access, you can still use features that do not need persisted secure state,
but saved sign-in, remembered Vault unlock, and protected-transfer resume may be unavailable
or prompt again. Signing out clears the saved session and associated remembered Vault
password. Locking Vault clears its unlocked key material from memory and removes the
remembered Vault password. On macOS, choose Full removal in the installed
PhotonFile uninstaller to remove PhotonFile data and its Keychain items for the current user.
Why does PhotonFile Desktop ask for macOS file or folder access?
macOS may ask for access when you choose files or folders for Relay, Vault uploads or
downloads, or Vault Sync. PhotonFile uses the locations you select for that workflow; it
does not need access to unrelated files just to open the app.
Vault Sync continues to need access to each local folder selected as a sync root so it can
detect and apply changes there. Remove that sync root or revoke the app's macOS permission
to stop access; sync for that folder will no longer run until access is restored.
Do team members need paid accounts?
In eligible team workspaces, the team owner's plan powers the
team. Team members can join without per-seat billing, subject to
plan limits. Pro includes 1 team up to 25 members; Studio
includes unlimited teams and unlimited members.
Does team membership open every Vault?
No. Team membership gives someone team context, but Vault
access is separate. Grant access to each Vault intentionally.
Can Secure Inbox senders see my Vault?
No. They get a focused upload page. They cannot browse Vault
contents, see unrelated files, manage the workspace, or turn the
upload link into team access.
When is a File Pass consumed?
A File Pass is consumed only after completed delivery. If the
transfer fails before completion, the pass is not consumed and
may be retried.
Can I move my PhotonFile account to another region?
PhotonFile supports Account Region Move for changing the home
region or data center that owns your account and related
workspace data. The process includes target-region selection,
step-up verification, progress tracking, and sign-in through the
new home region after completion.
What is my username used for?
Your username is a private login alias. It is not used as your
public identity on Vault Share pages, Secure Inbox pages, team
permission decisions, or audit/activity logs. PhotonFile uses
your account identity and email address for recovery,
permissions, ownership, and security-sensitive attribution.
Vault branding is separate from your account username and is
intentionally user-controlled. If you change your username, the
old username may become available to another account, but that
does not transfer your vaults, teams, permissions, ownership,
audit history, or account identity.
Do you store my files on your servers?
For Relay, PhotonFile is designed to avoid
stored delivery. The relay holds file bytes in memory only long
enough to move them from sender to receiver, then clears
transient state when the session ends.
For Photon Vault, the answer is different:
Vault is persistent encrypted storage by design. Files you
choose to keep in Vault are stored as encrypted data so
authorized clients can access them later, while PhotonFile is
designed not to have the keys required to decrypt vault
contents.
What is Photon Vault?
Photon Vault is persistent
client-side encrypted storage for files you
want to keep. It is built for long-term protection, private
collaboration, scoped sharing, Secure Inbox, and versioning.
Where Relay is designed for live delivery, Vault is designed
for retention. Files are encrypted on your device before
upload, stored as encrypted data, and later decrypted only by
authorized clients.
Photon Vault is designed so PhotonFile does not have access to
the plaintext contents of vault files. Files are encrypted on
the client before upload, and authorized clients decrypt them
later.
PhotonFile still needs limited operational metadata to run the
service, such as vault and object identifiers, file sizes,
transfer activity, and share-link or upload events.
File Passes are pay-per-file. They are best
for one-off large sends, with no ongoing commitment.
Subscriptions include a monthly pool of relay
bandwidth for regular use, with overage billed at the same
rate.
You can use both: if a file exceeds your plan's per-file
limit, you can apply a File Pass for that transfer.
Use Vault when the file should stay. Vault storage is based on
stored capacity, so retained files count against storage
capacity instead of Relay transfer tiers.
Relay subscriptions and File Passes are transfer workflows, so
they have transfer-size rules shown on the pricing page. Vault
is different: it is persistent encrypted storage based on stored
capacity. Large retained files are governed by storage capacity,
overage, client environment, network conditions, account policy,
and abuse controls.
What if my transfer fails?
If something breaks mid-transfer, you can retry. For File Pass
transfers, the pass is only consumed once both sides have fully
transmitted all required bytes through the relay and nothing
remains in flight. If the transfer fails, your pass stays valid
and you can try again.
How many retries do I get if there's a connection issue?
As many as you need. We log retry counts only to improve
reliability, not to limit you. If a transfer ever fails, both
peers see exactly what happened. No guessing, no hidden
throttles, and no silent timeouts.
Do you support client-side encryption?
Yes. In supported web-app browser flows, PhotonFile can
encrypt your file in the browser before it
ever leaves your machine. PhotonFile Desktop provides a richer
native experience for send, receive, and Vault workflows. The
decryption key is encoded into the URL fragment (the part after
#...), which never gets sent to the server.
That means the relay only sees encrypted chunks, and only
someone you share the full link with can decrypt the content.
If you want to understand the details, check the
Technology
page for diagrams and implementation notes.
What can I send?
Anything you're legally allowed to share. You are responsible
for the content you transmit and for complying with local laws
and our Terms of Service.
Why did you build this?
Because many "file transfer" services rely on stored delivery,
throttle speeds, track users, or cap file sizes.
PhotonFile is built around an ephemeral-by-default model.
We built an Ephemeral File Transfer relay that keeps bytes in
memory while they are moving, turns end-to-end client-side
encryption on by default, and avoids surveillance economics.
If it's free, am I the product?
No. PhotonFile is funded by paid usage (subscriptions and File
Passes), not by selling your data.
We do not inspect your files, sell file contents, or mine your
transfers for marketing profiles. We may use limited
measurement to understand whether ads are working, but this
does not inspect your files and is not used to build
cross-site behavioral profiles.
What are the limits of the free tier?
You can send files up to 10 GiB.
Free transfers use our standard pool and may be queued during
periods of high demand. If you send large files regularly,
check
Pricing
and
Plans
for options that include higher priority and additional
features.