Aller au contenu
Vérifié indépendamment · Ré-audit trimestriel
EU VETTED

Filen

VéRIFIé
Partage de fichiers · Germany
Fondé en 2021 · filen.io ↗

German zero-knowledge E2E cloud (Filen Cloud Dienste UG, Recklinghausen, 2021), Tier IV ISO 27001 DCs, no US data, open source apps.

En bref

Filen, dans la catégorie Partage de fichiers, est un service européen avec Germany comme lieu d’hébergement et tout au plus une exposition américaine mineure et transitoire au titre du CLOUD Act.

Notes d’évaluation

Filen Cloud Dienste UG (Recklinghausen, Germany; founded mid-2021 by Jan Lenczyk, Jan Kulartz, and Phil Hedrich) runs an explicit ''next-generation zero-knowledge end-to-end encrypted cloud'' from Tier IV ISO 27001-certified German data centres with no data stored in the United States, AES-256 client-side encryption, open-source applications on GitHub, and a founder-led cap table with no external venture capital; sub-processors are disclosed on the /privacy page (Stripe IE, PayPal US, Cloudflare US, Sentry US); EU-owned and EU-hosted with only minor CLOUD Act exposure: the US-jurisdiction sub-processors are all transient (payments, error telemetry, bot protection) and, because storage is zero-knowledge end-to-end encrypted, none of them can read file content; zero-knowledge E2E encryption, open-source clients, and disclosed sub-processors; the key documentation gap is no standalone public DPA URL.

CLOUD ACT
OWNERSHIP
SUB-PROCS
7 · 5 US
Signaux vérifiés
Juridiction
  • Hébergement UE / adéquation
  • Opérateur UE / adéquation
  • Aucune exposition au CLOUD Act
Transparence
  • DPA public
  • Sous-traitants divulgués
  • Clients open source
  • Certification tierce
JUMP TO
OVERVIEW

À propos de Filen

Filen is a German-headquartered zero-knowledge end-to-end encrypted cloud-storage product operated by Filen Cloud Dienste UG (haftungsbeschränkt), founded in mid-2021 in Recklinghausen, Germany by Jan Lenczyk (CEO + CTO), Jan Kulartz (COO + CMO), and Phil Hedrich (CDO + Customer Care). The product is structurally similar to Mega and Internxt (every file is encrypted on the user's device with AES-256 before it leaves the client, the encryption keys never reach Filen's servers, and the company mathematically cannot read uploaded content) and ships as Filen Drive, Filen Notes, Filen Chats, Filen Sync, and a network-drive client across Windows, macOS, Linux, iOS, Android, and the web. The applications are open source on GitHub for independent audit.

For an EU-sovereignty audit Filen is among the cleanest listings in the file-sharing category. All servers are located in Germany in Tier IV ISO 27001-certified high-security data centres across multiple regions for disaster-recovery redundancy. The vendor states explicitly that no data is stored in the United States, an unusually strong commitment for a product at this price point. German data-protection law (Bundesdatenschutzgesetz) applies on top of GDPR, and the UG legal structure is a German limited-liability format. The ownership chain is clean: founder-led with no VC/PE investors on record. Customer keys, file content, file names, and metadata are all encrypted client-side: zero-knowledge end-to-end. Among the strong EU-owned file-sharing alternatives (Proton Drive, Tresorit, Internxt, Filen, Cryptee), Filen wins on price-to-performance for users who want German jurisdiction specifically.

Pricing is the most aggressive in the directory's encrypted-cloud category: free tier available with limited storage; Pro I starts at €1.99/month for 200 GiB; Pro II / III / IV scale up with more storage and higher upload caps; unlimited bandwidth, uploads, client-side encryption, syncing, and file sharing across all paid tiers. No lifetime plans (vendor explicitly opts out). Best fit: privacy-conscious individuals and small teams who want German jurisdiction, zero-knowledge encryption by default, open-source apps, and aggressive pricing; particularly relevant for journalists, NGOs, and SMBs in DACH.

SUB-PROCESSORS

Carte des sous-traitants · 7

Source ↗
  • Cloudflare, Inc. US
    United States

    Bot protection via Turnstile (Standard Contractual Clauses)

  • Coinbase Inc. US
    United States

    Cryptocurrency payment processing (Standard Contractual Clauses)

  • PayPal Inc. US
    United States

    Payment processing (Standard Contractual Clauses)

  • Sentry Inc. US
    United States

    Error management / telemetry (Standard Contractual Clauses)

  • Stripe Payments Europe Ltd. US
    Ireland

    Payment processing

  • Fider EU
    Germany

    Feature-suggestion tool (open source, self-hosted by Filen on its German infrastructure)

  • Plausible Analytics EU
    Estonia

    Web analytics (self-hosted by Filen in Germany)

5 sous-traitants sur 7 sont incorporés aux États-Unis. Exposition limitée au CLOUD Act via ces sous-traitants accessoires.
CERTIFICATIONS

Référentiels & certifications · aucune répertoriée

Nous avons vérifié le site de l'éditeur et les registres des organismes de certification. Aucune certification active trouvée à la date du dernier audit (2026-05-18).
FEATURES

Matrice de fonctionnalités

Stockage gratuit 10 Go
Stockage payant (à partir de) 200 Go
Synchro photos Oui
Versionnage des fichiers Oui
Partage par lien Oui
Plateformes iOS macOS Windows Android Linux Web
INTéGRATION & ACCèS
REST API Yes
SSO (SAML / OIDC) No
CONFORMITé & GOUVERNANCE
Audit log No
Self-host / on-prem option No
PRICING

Tarifs & paliers

FREEMIUM
à partir de €2/mois
Voir la page tarifs ↗
PUBLIC DOCUMENTS

Documents publics

L'éditeur ne publie pas de DPA public. Sans contrat de sous-traitance accessible publiquement, les petits clients européens ne peuvent pas signer eux-mêmes l'accord : cela est consigné comme absence de DPA publique (voir Notre méthode).
  • Contrat de sous-traitance (DPA)
    — manquant
    manquant
  • Liste des sous-traitants
    filen.io/privacy…
    Ouvrir ↗
  • Conditions d'utilisation
    filen.io/terms…
    Ouvrir ↗
ALTERNATIVES

Alternatives dans cette catégorie

Proton Drive
Switzerland · Fondé en 2014
SOUVERAIN UE

Swiss zero-knowledge encrypted cloud (Proton AG, non-profit-foundation-controlled), 11,496 owned servers, ISO 27001 + SOC 2, 5 GB free.

DPA public Sous-traitants Open source
FROM
€4/mois
CLOUD ACT
NONE
Tresorit
Switzerland · Fondé en 2011
HéBERGé UE

Swiss-Post-owned (state-anchored) E2E encrypted enterprise cloud storage (Tresorit AG, Zurich), Swiss + EU DC options, ISO 27001.

DPA public Sous-traitants Open source
FROM
€10/mois
CLOUD ACT
MATERIAL
kDrive (Infomaniak)
Switzerland · Fondé en 1994
SOUVERAIN UE

Swiss kDrive cloud (Infomaniak, Geneva, since 1994), own Swiss DCs, ISO 27001 + B Corp 2025, district-heating heat recycling.

DPA public Sous-traitants Open source
FROM
€4/mois
CLOUD ACT
NONE