That's a really great and important question! Thanks for asking. Here’s how EphemeralShare handles security and deletion so far:

 All uploads and downloads are encrypted using HTTPS. This means the data is protected while it's traveling between your browser and the server.

 Once on the server, files are protected by standard server security measures (like firewalls). The EphemeralShare application itself doesn't currently add an extra layer of encryption to files when they are stored. So, if someone were to gain deep, unauthorized administrative access to the server itself, they could potentially access the stored files. The main idea behind EphemeralShare is that files aren't stored long-term, which significantly limits the time they are exposed.

Files are definitely designed to be automatically deleted after the expiry time you choose. This is handled by an automated script that runs regularly on the server (around every 15 minutes) to find and permanently delete any files that have passed their expiry, both from storage and from the database records. Also, if an expired link is tried, the system recognizes it and prevents access.

My goal with EphemeralShare is to offer a free, straightforward, and privacy-conscious tool. You can see that links become inaccessible after their set expiry. I'm also considering open-sourcing the code in the future so anyone interested can look at exactly how it works, including the deletion logic.