Privacy Policy
Last updated: February 11, 2026
RegSecure is built on a zero-backend architecture. We do not store, process, or have access to your video calls, documents, signatures, recordings, or chat messages. Your data stays in your browser and is transmitted directly to your peer — never through our servers.
1. Who We Are
RegSecure® is a product of Particular Ltd. ("we," "us," "our"). Our platform provides encrypted video consultations, document signing, file sharing, session recording, and chat for regulated industries.
Contact: contact@regsecure.com
2. Our Architecture — Why This Policy Is Short
Unlike traditional SaaS platforms, RegSecure has no application servers, no databases, and no file storage. All session content is processed entirely within your browser and transmitted peer-to-peer using end-to-end encrypted WebRTC connections.
This means we physically cannot access your data — not because of a policy decision, but because of how the system is built.
3. What We Do and Do Not Collect
| Data Type | Collected? | Details |
|---|---|---|
| Video & audio streams | No | Peer-to-peer via WebRTC. Never touches our servers. |
| Documents & signatures | No | Transferred via encrypted WebRTC data channel. |
| Session recordings | No | Recorded locally in your browser's memory (RAM). Never uploaded. |
| Chat messages | No | Sent via encrypted data channel. Not stored anywhere. |
| Shared files | No | Transferred peer-to-peer via encrypted WebRTC data channel. Never stored on any server. |
| User accounts / passwords | No | RegSecure does not require registration or login. |
| Cookies | No | We do not use cookies. |
| Analytics / tracking | No | No analytics scripts, no tracking pixels, no third-party analytics. |
| WebSocket signaling data | Transient only | Connection setup messages pass through our relay server to establish P2P connections. These are not logged or stored. Once the peer-to-peer connection is established, the relay is no longer involved. |
| IP addresses | Transient only | Standard web server logs may temporarily contain IP addresses at the infrastructure level (Cloudflare, Hetzner). We do not actively collect or analyze these. |
4. Third-Party Services
Our infrastructure uses the following third-party services:
| Service | Purpose | Data Exposure |
|---|---|---|
| Cloudflare Pages | Hosts the static application files | Standard CDN logs (IP, page requested). No session content. |
| Hetzner (Relay Server) | WebSocket signaling for connection setup | Transient signaling messages only. No media or document content. |
| Google STUN Servers | NAT traversal for WebRTC | IP address (standard WebRTC protocol). No session content. |
None of these services have access to your video, audio, documents, signatures, recordings, or chat messages.
5. Data Retention
Since we do not collect user content, there is nothing to retain. Session data exists only in participants' browsers during active sessions and is lost when the browser tab is closed.
If you make a recording, it exists only in your browser's memory until you download it or close the tab. We never have access to recordings.
6. Your Rights
Because we do not collect or store personal data from your sessions, traditional data subject rights (access, deletion, portability) do not apply to session content — we simply do not have it.
If you have questions about any data that may exist in infrastructure logs (such as IP addresses in Cloudflare or server logs), you may contact us at contact@regsecure.com and we will respond within 30 days.
7. Children's Privacy
RegSecure is intended for professional use in regulated industries. We do not knowingly provide services to children under 16. If you believe a child has used RegSecure, please contact us.
8. Security
All media streams are encrypted using DTLS-SRTP (mandatory in WebRTC). Data channel communications are encrypted using DTLS. These are industry-standard encryption protocols that operate end-to-end between participants.
Our relay server handles only connection signaling and never has access to encryption keys or session content.
9. International Data Transfers
Because session content travels directly between participants' browsers (peer-to-peer), RegSecure does not transfer your data internationally. The static application files are served via Cloudflare's global CDN. The signaling relay server is located in Germany (Hetzner, EU).
10. Changes to This Policy
We may update this policy from time to time. Changes will be posted on this page with an updated date. If we make material changes to how we handle data, we will provide notice on our website.
11. Contact
If you have questions about this privacy policy or our data practices:
Particular Ltd.
Email: contact@regsecure.com
Website: regsecure.com
If you have questions about any data that may exist in infrastructure logs (such as IP addresses in Cloudflare or server logs), you may contact us at contact@regsecure.com and we will respond within 30 days.