search

Trust Center

This section contains public documentation about how Foldly handles data, secures access, and operates its infrastructure. It is written for workspace owners, security reviewers, procurement teams, and anyone evaluating Foldly for their organization.

For legal terms, see the Privacy Policyarrow-up-right and Terms of Servicearrow-up-right.

hashtag
Published Pages

Security & Data Handling What data Foldly stores and processes, how files are stored, how access is controlled, encryption practices, rate limiting, malware scanning, and retention behavior.

Upload Links and Access Controls How shareable upload links work, the difference between public and dedicated links, the three access roles (owner, editor, uploader), editor email verification, and the protections workspace owners can configure on each link.

Google Data Access and Gmail Import What data Foldly reads from Gmail, how OAuth tokens are handled, what is stored after import, how to disconnect, and how to revoke access at the Google level.

Subprocessors The third-party service providers Foldly uses, what data each provider receives, which providers are active by default, and which are conditional.

hashtag
What These Pages Cover

These pages describe Foldly's current production behavior. They are based on the shipping codebase and published legal pages. They do not make forward-looking commitments or restate provider-specific terms.

Topics addressed across the documentation set include:

  • Data categories stored and processed

  • File storage architecture and provider options

  • Authentication and session management

  • Encryption at rest (link passwords, OAuth tokens)

  • Rate limiting and abuse prevention

  • Malware scanning

  • Upload link access controls and permissions

  • Editor email verification (OTP)

  • Gmail integration and imported data lifecycle

  • Retention, deletion, and customer control

  • Subprocessor inventory

hashtag
What These Pages Do Not Cover

Foldly does not currently make public claims about the following topics:

  • Compliance certifications (SOC 2, ISO 27001, HIPAA)

  • Data residency guarantees

  • Data processing agreements (DPAs)

  • Formal subprocessor change notification programs

  • End-to-end encryption for uploaded files

hashtag
Questions

For questions about Foldly's security, data handling, or trust documentation, contact [email protected]envelope.

Last updated: March 29, 2026

NextSecurity & Data Handling

Last updated

Was this helpful?