Tresorit is a private cloud storage service, and the company has just released its first transparency report today. It covers everything from the day of incorporation in 2013 to November 30, 2017. Included in the report is the amount of government requests the company has gotten.
The company uses end-to-end encryption to secure user data. Data is stored in Microsoft Azure data centers in Ireland, and is protected under Swiss and Hungarian law. Additionally, the data can only be handed to authorities in compliance with the Swiss Federal Act on International Mutual Assistance in Criminal Matters.
During the period from 2013 to 2017, Tresorit has received one informal request from a Swiss police authority to retain certain user data. However, no official decision was made on the case by Swiss authorities, so the data was never handed over. No requests were made by foreign authorities such as the United States.
Since the data is encrypted, it can’t realistically be viewed by authorities anyway. However, what Tresorit can share includes non-content user data such as:
- Email address used with the account
- Phone number (if provided)
- Billing information: address, last 4 digits of credit card, credit card expiration date
- IP addresses where the user accessed the data from
- Tresor names, basic activity data, device name
Suffice it to say, the company is doing well in terms of dodging government requests. Even though data is stored with Microsoft Azure, Tresorit only uses EU servers. So even though Microsoft is a U.S. company, the data stays within EU grounds.