Your files are protected by multiple layers of security designed to ensure only you (and authorized Loophole systems) can access them. Here's how we keep your documents, images, and data safe.
Secure cloud storage
Your files are stored in AWS S3 - a secure, enterprise-grade cloud storage system used by major companies worldwide. Files are not stored on the Loophole website itself, but in a dedicated, encrypted storage infrastructure.
Time-limited access links
Every time you access a file, Loophole generates a temporary, secure access link. These links:
Expire after 5 minutes
Work only for the specific file they were created for
Cannot be shared or reused by others
Are cryptographically verified
This means even if someone intercepted a file link, it would stop working within minutes - and they wouldn't be able to use it to access other files.
Ownership verification
Before any file can be accessed, Loophole verifies:
You are logged into your account
The file belongs to you
Your session is valid and active
Only you (or Loophole administrators, when necessary) can view, edit, or delete your files. There's no way for other users to access files that don't belong to them.
Protected file actions
Every action you take on a file - uploading, renaming, adding notes, deleting - is protected by security verification. This prevents:
Unauthorized file modifications
Cross-site request forgery attacks
Session hijacking attempts
Encrypted connections
All file uploads and downloads happen over encrypted HTTPS connections, ensuring your data is protected in transit between your device and our servers.
Viewing file access logs
You can see every time your file has been accessed - including by Loophole AI.
To view your file's access history:
Go to your Files page
Click on any file to open the file details
Select the Logs tab
The Logs tab shows you:
Every upload, edit, or deletion action
When Loophole AI analyzed or updated the file
The date and time of each action
The IP address associated with each action (when applicable)
When Loophole AI accesses your files for processing, these actions are logged as "system actions" and clearly labeled. You'll see entries like:
"Loophole AI updated file name and added AI data"
"AI processing completed"
This gives you complete transparency into who has accessed your files and when.
What Loophole can see
For files you upload, Loophole's AI systems automatically:
Analyze images to generate descriptions
Extract text from documents via OCR
Transcribe video and audio content
Categorize files by content type
This processing is done to make your files searchable and useful within Loophole tools. All AI analysis happens securely within our infrastructure, and these actions are logged in your file's history.
Admin access
Loophole administrators can access your files when:
Troubleshooting technical issues you've reported
Responding to legal obligations
Investigating security or policy violations
Admin access is limited, logged, and only used when necessary.
What about deleted files?
When you delete a file, it's removed from our active storage and moved to a temporary holding area. Files in this area automatically expire and are permanently deleted after 1 day.
Once expired, files cannot be recovered by anyone - including Loophole.
No public links
Your files are never publicly accessible. There are no "share links" or public URLs. Files can only be accessed by:
You (while logged in)
Loophole AI systems (for processing)
Loophole administrators (when necessary)
What if my account is compromised?
If you believe your account has been compromised:
Change your password immediately
Review your file access logs for suspicious activity
Contact support at Security [at] Loophole (dot) com
We monitor for unusual access patterns and will notify you if we detect suspicious activity on your account.