Protect the source.
Files aren’t attachments. They’re intellectual property — term sheets, cap tables, patents, and strategy.
In standard cloud storage, data can be indexed, scanned, or viewed by platform admins. Convenience comes with exposure.
Qaxa is built for secure file sharing. Every file is end-to-end encrypted, and keys stay with you — so only people you invite can open it.
Details
Clear answers. No marketing.
Your chats, tasks, notes, and files are end-to-end encrypted on your device. Qaxa never gets your keys — so we can’t read your content.
To connect people and deliver invitations, email addresses are handled unencrypted. We use email addresses strictly for invitations and account lookup. That’s it.
We can only provide what we can access. Since your content is end-to-end encrypted, we can’t hand over readable messages, files, tasks, or notes — because we don’t have the keys.
You can reset your password to regain account access. But your data stays encrypted — Qaxa can’t decrypt it for you. To restore access to your encrypted chats, tasks, notes, and files, you’ll need your seed phrase (recovery key).
Spaces are invite-only. Access is enforced by membership, and changes are logged (invites, removals, key events). When someone joins a Space, they can see the Space history. Everything stays encrypted inside the Space.
We use OpenPGP.js — a modern, well-reviewed OpenPGP library (PGP in JavaScript). It’s the same library used in Proton’s web clients. Encryption happens on your device, and your keys stay with you.
We don’t run trackers or sell behavioral data. We minimize metadata and avoid building a “global feed” of your activity.
Encrypted data is stored on EU servers. Content stays encrypted at rest and in transit — only your devices can decrypt it.
