Zum Inhalt springen
Unabhängig verifiziert · Quartalsweises Re-Audit
EU VETTED

Filen

VERIFIZIERT
Dateifreigabe · Germany
Gegründet 2021 · filen.io ↗

German zero-knowledge E2E cloud (Filen Cloud Dienste UG, Recklinghausen, 2021), Tier IV ISO 27001 DCs, no US data, open source apps.

Kurzfassung

Filen aus der Kategorie Dateifreigabe ist ein europäischer Dienst mit Germany als Hosting-Standort und höchstens geringfügigem, vorübergehendem US-Bezug nach dem CLOUD Act.

Bewertungsnotizen

Filen Cloud Dienste UG (Recklinghausen, Germany; founded mid-2021 by Jan Lenczyk, Jan Kulartz, and Phil Hedrich) runs an explicit ''next-generation zero-knowledge end-to-end encrypted cloud'' from Tier IV ISO 27001-certified German data centres with no data stored in the United States, AES-256 client-side encryption, open-source applications on GitHub, and a founder-led cap table with no external venture capital; sub-processors are disclosed on the /privacy page (Stripe IE, PayPal US, Cloudflare US, Sentry US); EU-owned and EU-hosted with only minor CLOUD Act exposure: the US-jurisdiction sub-processors are all transient (payments, error telemetry, bot protection) and, because storage is zero-knowledge end-to-end encrypted, none of them can read file content; zero-knowledge E2E encryption, open-source clients, and disclosed sub-processors; the key documentation gap is no standalone public DPA URL.

CLOUD ACT
OWNERSHIP
SUB-PROCS
7 · 5 US
Geprüfte Signale
Jurisdiktion
  • EU-/Angemessenheits-Hosting
  • EU-/Angemessenheits-Betreiber
  • Keine US-CLOUD-Act-Exposition
Transparenz
  • Öffentlicher AVV
  • Unterauftragsverarbeiter offengelegt
  • Open-Source-Clients
  • Zertifizierung durch Dritte
JUMP TO
OVERVIEW

Über Filen

Filen is a German-headquartered zero-knowledge end-to-end encrypted cloud-storage product operated by Filen Cloud Dienste UG (haftungsbeschränkt), founded in mid-2021 in Recklinghausen, Germany by Jan Lenczyk (CEO + CTO), Jan Kulartz (COO + CMO), and Phil Hedrich (CDO + Customer Care). The product is structurally similar to Mega and Internxt (every file is encrypted on the user's device with AES-256 before it leaves the client, the encryption keys never reach Filen's servers, and the company mathematically cannot read uploaded content) and ships as Filen Drive, Filen Notes, Filen Chats, Filen Sync, and a network-drive client across Windows, macOS, Linux, iOS, Android, and the web. The applications are open source on GitHub for independent audit.

For an EU-sovereignty audit Filen is among the cleanest listings in the file-sharing category. All servers are located in Germany in Tier IV ISO 27001-certified high-security data centres across multiple regions for disaster-recovery redundancy. The vendor states explicitly that no data is stored in the United States, an unusually strong commitment for a product at this price point. German data-protection law (Bundesdatenschutzgesetz) applies on top of GDPR, and the UG legal structure is a German limited-liability format. The ownership chain is clean: founder-led with no VC/PE investors on record. Customer keys, file content, file names, and metadata are all encrypted client-side: zero-knowledge end-to-end. Among the strong EU-owned file-sharing alternatives (Proton Drive, Tresorit, Internxt, Filen, Cryptee), Filen wins on price-to-performance for users who want German jurisdiction specifically.

Pricing is the most aggressive in the directory's encrypted-cloud category: free tier available with limited storage; Pro I starts at €1.99/month for 200 GiB; Pro II / III / IV scale up with more storage and higher upload caps; unlimited bandwidth, uploads, client-side encryption, syncing, and file sharing across all paid tiers. No lifetime plans (vendor explicitly opts out). Best fit: privacy-conscious individuals and small teams who want German jurisdiction, zero-knowledge encryption by default, open-source apps, and aggressive pricing; particularly relevant for journalists, NGOs, and SMBs in DACH.

SUB-PROCESSORS

Unterauftragsverarbeiter-Karte · 7

Quelle ↗
  • Cloudflare, Inc. US
    United States

    Bot protection via Turnstile (Standard Contractual Clauses)

  • Coinbase Inc. US
    United States

    Cryptocurrency payment processing (Standard Contractual Clauses)

  • PayPal Inc. US
    United States

    Payment processing (Standard Contractual Clauses)

  • Sentry Inc. US
    United States

    Error management / telemetry (Standard Contractual Clauses)

  • Stripe Payments Europe Ltd. US
    Ireland

    Payment processing

  • Fider EU
    Germany

    Feature-suggestion tool (open source, self-hosted by Filen on its German infrastructure)

  • Plausible Analytics EU
    Estonia

    Web analytics (self-hosted by Filen in Germany)

5 von 7 Unterauftragsverarbeitern sind in den USA registriert. Begrenztes CLOUD-Act-Risiko über diese ergänzenden Unterauftragsverarbeiter.
CERTIFICATIONS

Rahmenwerke & Zertifizierungen · keine gelistet

Wir haben die Website des Anbieters und die Register der Zertifizierungsstellen geprüft. Keine aktiven Zertifizierungen gefunden zum Zeitpunkt der letzten Prüfung (2026-05-18).
FEATURES

Funktionsmatrix

Kostenloser Speicher 10 GB
Bezahlter Speicher (ab) 200 GB
Fotosynchronisierung Ja
Dateiversionierung Ja
Link-Freigabe Ja
Plattformen iOS macOS Windows Android Linux Web
INTEGRATION & ZUGRIFF
REST API Yes
SSO (SAML / OIDC) No
COMPLIANCE & GOVERNANCE
Audit log No
Self-host / on-prem option No
PRICING

Preise & Tarife

FREEMIUM
ab €2/Monat
Preisseite ansehen ↗
PUBLIC DOCUMENTS

Öffentliche Dokumente

Anbieter veröffentlicht keinen öffentlichen AVV. Ohne öffentlich zugänglichen Auftragsverarbeitungsvertrag können kleine EU-Kunden den Verarbeitervertrag nicht selbst abschließen. Dies wird als fehlender öffentlicher AVV vermerkt (siehe So prüfen wir).
  • Auftragsverarbeitungsvertrag (AVV)
    — fehlt
    fehlt
  • Liste der Unterauftragsverarbeiter
    filen.io/privacy…
    Öffnen ↗
  • Nutzungsbedingungen
    filen.io/terms…
    Öffnen ↗
ALTERNATIVES

Alternativen in dieser Kategorie

Proton Drive
Switzerland · Gegründet 2014
EU-SOUVERäN

Swiss zero-knowledge encrypted cloud (Proton AG, non-profit-foundation-controlled), 11,496 owned servers, ISO 27001 + SOC 2, 5 GB free.

Öffentl. AVV Subprozessoren Open Source
FROM
€4/Mt.
CLOUD ACT
NONE
Tresorit
Switzerland · Gegründet 2011
EU-GEHOSTET

Swiss-Post-owned (state-anchored) E2E encrypted enterprise cloud storage (Tresorit AG, Zurich), Swiss + EU DC options, ISO 27001.

Öffentl. AVV Subprozessoren Open Source
FROM
€10/Mt.
CLOUD ACT
MATERIAL
kDrive (Infomaniak)
Switzerland · Gegründet 1994
EU-SOUVERäN

Swiss kDrive cloud (Infomaniak, Geneva, since 1994), own Swiss DCs, ISO 27001 + B Corp 2025, district-heating heat recycling.

Öffentl. AVV Subprozessoren Open Source
FROM
€4/Mt.
CLOUD ACT
NONE