Trust in Shhhs is based on verifiable boundaries: client-side encryption for supported secret content, metadata-only operations, no secret recovery, and no AI processing on secrets. Signed legal, audit, SLA, and DPA materials are available only through reviewed commercial or Enterprise processes.
01
Security
Supported secret content is encrypted by the client before upload. Shhhs stores and transfers ciphertext plus the operational metadata required to enforce access and lifecycle rules.
Client-side encryption for supported secret content
No secret recovery
Preview-safe private links
02
Privacy and data handling
Shhhs does not read, profile, train on, index, or sell secret content. Operational metadata exists only where needed for lifecycle, abuse control, billing, audit, and support boundaries.
No AI processing on secrets
Metadata-only operations
No plaintext support access
03
Service status
Shhhs publishes current public service posture at status.shhhs.net. That page does not claim historical uptime, an external SLA, or incident automation beyond the deployed service controls.
Public status page
No invented uptime history
Incident handling cannot recover secrets
04
Subprocessors
Current public subprocessors are described by function and boundary. Shhhs does not use subprocessors to process plaintext secret content with AI or analytics.
Cloudflare infrastructure
Paddle billing
Resend email when configured
05
Legal documents
Public legal and billing pages expose only the currently configured policy boundary. Commercial contracts, DPA review, and Enterprise materials are handled through the contact flow.
Canonical policy pages
Contact for official requests
No invented company data
06
Security reports
Responsible disclosure reports are accepted through the contact flow until a dedicated security contact or reporting URL is configured. Reports must use test data and must not include live secrets.
Use test data only
No live tokens or full links
Coordinated remediation
07
Security review packet
Technical reviewers can start from a single public packet that links crypto boundaries, metadata retention, threat model, API, CLI, MCP, responsible disclosure, and current audit limitations.
docs.shhhs.net/security-review
Evidence over absolute claims
No external audit claim yet
FAQ
Does Shhhs process secrets with AI?
No. There is no AI processing on secret content.
Can Shhhs recover a secret?
No. Secret recovery would weaken the privacy model.
What can support recover?
Support can help cancel billing after billing validation, but cannot restore account access or secret content.