NEWSharebrand has a new home — we're now at sharebrand.com. Same product, same team, better address.Read more
NEWIntroducing White-label Reseller — run a branded file sharing platform under your own name. Your brand, your pricing, your revenue. →Learn more
AFFILIATERefer customers and earn 25% on every sale. Monthly and annual plans included.Join now

Privacy policy

Last updated: March 17, 2026

Introduction

Sharebrand is a service owned and operated by Tarkle Limited, a company incorporated in Hong Kong ("Sharebrand," "we," "us," "our"). Tarkle Limited is the data controller for all personal data collected through the Services. Licences are sold through Tarkle, Inc., an authorised reseller incorporated in Wyoming, United States. Tarkle, Inc. handles billing and payment processing in its capacity as reseller only and is not the data controller.

We operate a branded file sharing platform designed for client-facing businesses. This Privacy Policy explains how we collect, use, protect, and share your information when you use our services. We are committed to transparency and protecting your data while providing you with professional file sharing tools that put your brand first.

Our primary domain is sharebrand.com. We also operate sharebrand.io, sharebrand.co, sharebrand.app, sharebrand.ca, and sharebrand.co.uk. All domains are owned and operated by Tarkle Limited. This Privacy Policy applies to all of these domains and any services operated through them. You may receive billing communications from Tarkle, Inc. as our authorised reseller. All other communications are sent by or on behalf of Tarkle Limited.

What information we collect

Account information

When you create an account, we collect your name, email address, company name, and billing information. You may also provide optional information such as job title and phone number.

Files and content

We store the files and content you upload to our platform, including documents, images, videos, and any other files you choose to share through Sharebrand. This content remains your property and is stored securely on our infrastructure.

Usage data

We automatically collect information about how you interact with our platform, including pages visited, features used, time spent, browser type, device information, IP address, and referring URLs. This helps us understand how the platform is being used and where we can improve.

Cookies and tracking technologies

We use essential cookies for authentication and platform functionality, and privacy-respecting analytics tools to understand usage patterns. For full details on what we collect and how to manage it, please read our Cookie Policy.

How we use your information

We use your information to:

  • Provide, operate, and maintain our branded file sharing platform.
  • Process your transactions and manage your account.
  • Send you important updates, security alerts, and support messages.
  • Respond to your questions and provide customer support.
  • Analyse usage patterns to improve the platform and develop new features.
  • Detect, prevent, and address security issues or fraudulent activity.
  • Comply with legal obligations and enforce our terms of service.
  • Send you marketing communications only if you have opted in.

Data storage and security

Your data is primarily hosted on Cloudflare's infrastructure, utilising enterprise-grade data centres in both European Union and United States regions. Cloudflare provides CDN delivery, DDoS protection, and primary file storage for all active workspaces.

In the event of a primary infrastructure failure, we maintain a comprehensive backup system through Backblaze's data centres, also located in the EU and US. Backup transfers are managed securely by SimpleBackups using encrypted transfer protocols.

Our security measures include encryption of data in transit and at rest, regular security audits and vulnerability assessments, strict access controls limited to authorised personnel, automated backup systems with regular verification, 24/7 monitoring for suspicious activity, and secure authentication protocols.

Data retention

We retain your data for as long as your account is active or as needed to provide you services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or compliance purposes.

How we share your information

We never sell your data. We only share your information in the following limited circumstances.

Service providers

We work with trusted third-party service providers who help us operate our platform. These providers are bound by strict data protection agreements and can only access data necessary for their specific functions. See the sub-processors table below.

Legal requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety, or that of our users or the public. We will notify affected users of government data requests to the extent permitted by applicable law.

Business transfers

If Sharebrand is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and your options in that event.

With your consent

We may share your information with third parties when you explicitly give us permission to do so.

Your privacy rights

You have the following rights regarding your personal data.

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Update or correct inaccurate information.
  • Deletion: Request deletion of your personal data.
  • Export: Download your data in a portable format.
  • Opt-out: Unsubscribe from marketing communications at any time.
  • Object: Object to certain types of data processing.
  • Restrict: Request that we limit how we use your data.

To exercise any of these rights, please visit our contact page. We will respond to your request within 30 days.

International data transfers

Sharebrand is operated by Tarkle Limited, incorporated in Hong Kong. Your data may be transferred to and processed in Hong Kong, the United States, or other countries where our service providers operate. We ensure that all international data transfers comply with applicable data protection laws, including the GDPR, through Standard Contractual Clauses approved by the European Commission, adequacy decisions where applicable, and other appropriate safeguards as required by law.

GDPR compliance

The General Data Protection Regulation (GDPR) applies to organisations that offer goods or services to, or monitor the behaviour of, individuals within the European Union and European Economic Area. Sharebrand is committed to GDPR compliance.

Legal bases for processing

We process personal data under the following legal bases.

  • Contract: Processing necessary to provide our Services to you.
  • Legitimate interests: Improving our platform, security monitoring, and preventing fraud.
  • Consent: Where you have given explicit permission, for example for marketing communications.
  • Legal obligation: Where required by applicable law.

Your rights under the GDPR

If you are located in the EU or EEA, you have the following rights in addition to those listed above.

  • Right of access (Art. 15): Obtain confirmation of whether we process your data and receive a copy.
  • Right to rectification (Art. 16): Request correction of inaccurate personal data.
  • Right to erasure (Art. 17): Request deletion where processing is no longer necessary.
  • Right to restriction (Art. 18): Request that we limit processing in certain circumstances.
  • Right to data portability (Art. 20): Receive your data in a structured, machine-readable format.
  • Right to object (Art. 21): Object to processing based on legitimate interests.
  • Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any GDPR right, please visit our contact page. We will respond within 30 days. If you are unsatisfied with our response, you have the right to lodge a complaint with your local supervisory authority.

Data Processing Agreement

Reseller customers who act as data controllers under the GDPR and process personal data of EU or EEA individuals through the Sharebrand platform may require a Data Processing Agreement. To request a DPA, please contact us through our contact page.

Sub-processors

To deliver the Sharebrand service, Tarkle Limited engages trusted sub-processors who may process personal data on its behalf. All sub-processors are bound by data protection agreements consistent with GDPR requirements. We will notify customers who have requested DPA notifications of any additions or removals.

The information in this section does not constitute legal advice and is for general informational purposes only. Consult your attorney for advice on any specific legal matter.

Sub-processorPurposeLocationWebsite
Cloudflare, Inc.CDN, DDoS protection, primary cloud infrastructureUSA / EUcloudflare.com
Vercel, Inc.Application hosting and deploymentUSAvercel.com
Supabase, Inc.Database and authenticationUSAsupabase.com
Backblaze, Inc.Redundant cloud storage and backupsUSA / EUbackblaze.com
SimpleBackupsAutomated backup orchestration and secure transferEUsimplebackups.com
White Shores Tech d.o.o.SaaS custom domain provisioningEU
Stripe, Inc.Payment processingUSAstripe.com
Tarkle, Inc.Principal authorised reseller — licence sales, billing, and payment processingUSAtarkle.com
Sanity ASContent management systemNorwaysanity.io
Vercel, Inc. (Vercel Analytics)Web analytics and performance monitoringUSAvercel.com
Conva Ventures, Inc. (Fathom Analytics)Privacy-first web analyticsCanadausefathom.com
Google LLCWorkspace — email, calendar, docsUSAgoogle.com
Anthropic PBCAI / machine learningUSAanthropic.com
OpenAI, LLCAI / machine learningUSAopenai.com
Linear Orbit, Inc.Issue tracking and product managementUSAlinear.app
Gleap GmbHLive chat, customer support, user feedback, and feature requestsAustriagleap.io
Slack Technologies, LLCInternal team communicationUSAslack.com
GitHub, Inc.Source code hosting and version controlUSAgithub.com

California privacy rights (CCPA/CPRA)

The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) establish privacy rights for California residents. Sharebrand does not sell your Personal Information. We do not share it for cross-context behavioural advertising.

California residents have the right to know what Personal Information we collect, how it is used, and with whom it is shared; the right to request deletion; the right to correct inaccurate information; and the right to non-discrimination for exercising these rights.

To submit a verifiable consumer request, please visit our contact page. We will respond within 45 days. You may designate an authorised agent to submit a request on your behalf.

The information in this section does not constitute legal advice and is intended for general informational purposes only.

Reseller accounts and sub-client data

Sharebrand offers a Reseller account that allows businesses to operate a white-label file-sharing platform for their own clients. When you operate a Reseller Platform, you act as the data controller for your Sub-Clients' personal data. Sharebrand acts as a data processor on your behalf, storing and processing Sub-Client files and data only as necessary to provide the infrastructure services to you.

As a Reseller and data controller, you are responsible for maintaining your own privacy policy for Sub-Clients, obtaining any required consents, handling Sub-Client data access and deletion requests, notifying Sub-Clients of any security incidents, and complying with applicable data protection laws in the jurisdictions where you operate.

If a Reseller account is suspended or terminated, Sharebrand retains Sub-Client data for up to 30 days following termination, after which all associated data is permanently deleted. Sharebrand is not responsible for notifying Sub-Clients of data deletion.

Children's privacy

Sharebrand is a business-to-business platform and is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on this page, updating the last updated date, and for significant changes, providing notice by email. We encourage you to review this policy periodically.

Contact

For questions about this document or our data practices, please visit our contact page.

Tarkle Limited
Unit B, 11/F Yam Tze Commercial Building
23 Thomson Road, Wan Chai
Hong Kong 999077

Tarkle, Inc. — principal authorised reseller
1309 Coffeen Avenue, Suite 15023
Sheridan, Wyoming 82801
United States

Related pages

Privacy policyTerms of serviceRefund policyWhite-label reseller termsBusiness services agreementAcceptable use policyDMCA policyCookie policyImprintAboutContact