WeTransfer alternative
Share your files without anyone being able to read them.
The WeTransfer alternative for sensitive data: end-to-end encryption, European hosting, and no account for the recipient. The host cannot read your files — guaranteed by cryptography, not by a promise.
Convenient doesn’t mean compliant
WeTransfer is fast — but your files pass through it in the clear, at non-EU sub-processors, on a service whose terms recently drew fire. For a contract, a payslip, an ID or a patient record, that’s not a detail: it’s personal data you hand, readable, to a third party. Filarr keeps the simplicity of a link — but encrypts everything before it leaves.
WeTransfer vs Filarr
| Capability | WeTransfer | Filarr |
|---|---|---|
| End-to-end encryption | No — files are readable by the service | Yes — the key never leaves your browser |
| Hosting | US sub-processors | Encrypted storage in Europe (Frankfurt) |
| AI training on your files | 2025 terms controversy, later walked back | Impossible — we only ever see ciphertext |
| Account required to deposit | No, but no structured collection | No — plus per-depositor tracking, reminders, checklist |
| DPA (GDPR Article 28) | On paid tiers | Available and signable |
| Revoking a link | Limited | Any time — the encrypted file is deleted |
Comparison provided for information from public sources; third-party offerings change over time.
How it works
1. Drop your file
It’s encrypted in your browser before a single byte leaves. The key stays with you.
2. Share the link
By email, message, QR. The decryption key travels in the fragment (#) — never sent to our servers.
3. The recipient downloads
The file decrypts in their browser, no account. You can revoke the link at any time.
Need to receive files instead of sending them? The file request does the reverse: a link others deposit into, decryptable only by you.
Frequently asked questions
Why is WeTransfer a GDPR concern?+
Files pass in the clear through a service whose sub-processors are in the US (a Schrems II transfer question), and the 2025 controversy over terms allowing AI training was a reminder that content is server-accessible. For sensitive data — IDs, HR files, health documents, accounting records — that model is hard to defend to a DPO.
How is Filarr different?+
Each file is encrypted in your browser (AES-256-GCM) before anything is sent. The key travels in the URL fragment (#), the part of a link browsers never send to the server. Our servers only ever store opaque ciphertext: we cannot read, scan or hand over your files, even on legal demand. That’s end-to-end encryption, not just European hosting.
Does my recipient need an account?+
No. To send, you get a link; to receive, you create a deposit request and the depositor opens the link and drops their files — no account, no install, from their phone if needed.
How large can files be?+
Up to 2 GB per send on the web, encrypted and uploaded in chunks (no RAM limit). The Filarr desktop app goes far beyond.
Is it really free?+
Encrypted sending and file requests are free, no account. A free account adds the dashboard (account-bound keys, cross-device management). Filarr for Teams — your-brand pages, batch sending, audit log, per-recipient tracking — is paid. See pricing.
Try it on your next send
Free, no account, no install. The file is encrypted before it leaves your device.