Two things to keep in mind. Trusting the code: since we send the scrambling code to your browser, you are trusting that our code is doing what we say. If you are a coder, you can view the source to verify. Browser extensions: some extensions like coupon finders or sketchy ad-blockers can see what is on your screen or read your full URL. For top-secret sharing, use an Incognito or Private window where extensions are turned off.

Privacy Policy & FAQs

Q: Can you read my messages?

No. To us, your data looks like a3f9c2b1e7... which is just random characters. Without the key that stays on your device, it is impossible to read. We could not peek even if we wanted to.

1 Encryption: The lockbox in your browser

Think of TamingShare like a high-tech lockbox. When you create a paste, your browser scrambles your text into total gibberish before it ever leaves your device.

We use AES-256-GCM, which is the same level of security banks use. By the time data hits our servers, it’s already unreadable. Since we never get the key to unlock it, even if someone hacked our database, all they would find is a pile of digital junk.

2 The # trick: What we do not see cannot hurt you

Your link looks like this: tamingshare.com/view/id=123#your-secret-key

The secret sauce is the # symbol. Browsers follow a hard rule: anything written after the # stays on your computer and is never sent to the website’s server. When your friend opens the link, their browser sees the key and unlocks the message locally. We are just the middleman holding a box we physically cannot open.

3 No paper trail

Normally, when you click a link, your browser whispers to the next site that you just came from TamingShare. That is a problem if your secret key is in the link.

We use a no-Referrer policy to shut that down. It tells your browser to keep its mouth shut. If there is a link inside your message and you click it, the next website has no idea where you came from. This keeps your key totally private.

4 Your IP address

We do not keep logs of who you are. To stop people from spamming the site, we briefly check your IP address, but we “salt and hash” it. This basically turns it into a random code that changes every 24 hours. We delete those codes every day. After 24 hours, there is zero record you were ever here.

Frequently Asked Questions

Can you read my messages?

No. To us, your data looks like a3f9c2b1e7… — which is just random characters. Without the key that stays on your device, it is impossible to read. We could not peek even if we wanted to.

What is “Burn after reading”?

This is the self-destruct button. The second someone confirms they have read the message, it is deleted from our servers forever.

Note: it only deletes once they click Confirm. This prevents accidental deletions from link previews or bots checking the link.

Is there a catch?

There are two things to keep in mind:

Trusting the Code: Since we send the scrambling code to your browser, you are trusting that our code is doing what we say. If you are a coder, you can view the source of this page to see the full encryption-in-the-browser code for yourself.
Browser Extensions: Some browser extensions like coupon finders or sketchy ad-blockers can see what is on your screen or read your full URL. If you are sharing something super top-secret, it is best to use an Incognito or Private window where your extensions are turned off.

Back to home

Privacy & FAQs

Privacy

1 Encryption: The lockbox in your browser

2 The # trick: What we do not see cannot hurt you

3 No paper trail

4 Your IP address

Frequently Asked Questions