Get 10 electronic signatures and 6 EU Qualified for free. Try Tresorit eSign nowFREE

Making security simple

If security gets in the way of what you’re doing, it hasn’t been done right. We created Tresorit from the ground-up to tighten security, support data-handling compliance, and ease collaboration while making sure you’re always in control of who has access to your files.

How Tresorit ensures data security and compliance

How Tresorit always keeps you in control


End-to-end encryption

Using end-to-end encryption, Tresorit encrypts every file and relevant file metadata on your devices with unique randomly generated encryption keys. These keys are never sent to our servers in an unencrypted format. Accessing files is only possible with a user’s unique decryption key.

Learn more about our encryption

Zero-knowledge authentication

Tresorit uses an authentication scheme in which your password never leaves your device, keeping you in control of your most confidential security information.

Cryptographic key sharing

Tresorit is based on industry-standard public key cryptography that has been thoroughly analyzed by experts and declared secure. Public key cryptography guarantees that even Tresorit cannot access the shared keys. This key sharing is based on, among others, RSA-4096 with OAEP padding scheme (see RFC2437) and PKI certificates, combining it with a tree of symmetric keys.

Learn more about our encryption

Client-side integrity protection

Tresorit guarantees that a file’s content cannot be modified without your knowledge, even if somebody hacks our system. Tresorit clients apply cryptographic authentication (in the form of HMAC or AEAD) to all encrypted data. The key is only known to the user’s client and those they share the file with, but not the server.

Learn more about our encryption


Swiss privacy laws

Tresorit handles data under Swiss privacy laws that provide more substantial protection than similar laws in the US or even the EU.

Non-convergent cryptography

Only a few providers offer end-to-end encryption, but some of these sacrifice confidentiality by using so-called convergent cryptography. The non-convergent cryptography used by Tresorit makes it impossible to determine when your content matches others’ content in the cloud, which could leak valuable data about you to outside observers.


ISO 27001

Tresorit has certification for compliance with ISO 27001:2013. Tresorit was audited and certified by TÜV Rheinland, an independent third-party auditor. Our compliance with this internationally recognized standard and code of practice is evidence of our commitment to information security at every level of our organization.

Read the details of our ISO complianceDownload our ISO certificate


The GDPR highlights encryption as one of the technologies to ensure data protection and compliance. With Tresorit’s end-to-end encryption technology, your encryption keys that unlock your data are stored on the client-side, on your device. Unlike in-transit or at-rest encryption, only you and those you share with have access to the information.

Learn more about GDPR and encryption


With its zero-knowledge, end-to-end encrypted technology, Tresorit offers a HIPAA compliant cloud storage solution. Tresorit signs HIPAA Business Associate Agreements (BAA) with customers seeking HIPAA compliance to safeguard Protected Health Information (PHI).

Learn more about HIPAA compliance


The California Consumer Privacy Act is the newest regulation in a world-wide push for increased data security. The CCPA is the first such law in the US and came into force on January 1, 2020. Any entity that handles the data of residents of California must abide by its guidelines. As a champion of privacy, Tresorit has supported the CCPA since its inception and can help companies remain compliant.

Learn more about CCPA compliance

Digital Trust Label

The Digital Trust Label is a certification created by the Swiss Digital Initiative that certifies digital services in four categories – security, data protection, reliability, and fair user interaction – and allows users to check the trustworthiness of the app or service. Created in 2022, the Digital Trust Label is the first of its kind, and Tresorit is proud to be among the first companies to earn this label.

Learn more about Digital Trust Label
TÜV Rheinland Certified
GDPR Compliant
CCPA Ready
Digital Trust Label


Define security policies

The owner and admins of a Tresorit Business Account can apply policy templates to a set of users and create different policies for each template. Also, the admins can modify these policies at any moment. Policy templates include 2-Step Verification, IP filtering, Timeout policies, Allowed Devices, and Sharing policies.

Take a look at the setting in detail

Monitor devices and user statistics

Admins can monitor and decide which devices are allowed to be used to access files within your company, and where users are allowed to log into their company account from to safeguard business-critical documents.

Revoke access from users and devices

Tresorit Advanced Control enables Tresorit Business admins to enhance their organization’s security by resetting their users’ lost passwords and revoking access from lost or stolen devices.

Learn more about Advanced Control


Making Remote Work Safe

Tresorit includes several functionalities to safeguard your data when teams work from home or anywhere else. Access to files and tresors can be controlled at a granular level, ensuring only those files are only accessible to those that need them. Previous versions and deleted files can be restored quickly, ensuring no information is lost. Detailed reporting allows admins to see who had accessed files and when.

Secure external collaboration

Secure external collaboration with partners, especially in privacy-critical industries, such as law or healthcare, is vital. Tresorit ensures all data remains encrypted even when shared with partners. Support productive collaboration with shared data rooms. File downloads can be limited and access revoked at any time. Tresorit also helps ensure that all external communication remain compliant with data privacy regulations.

Read more about our external collaboration tools

Single Sign-On

With a massive increase in the number of cloud services used by organizations, there is an increased security risk associated with the reuse of passwords and the differing security of the solutions used. SSO integration with Azure AD and Okta allows one-step sign-in to Tresorit for your employees and streamlined administration for your admins.

Learn how SSO works with Tresorit in our blog


Tresorit includes a range of integrations to support your productivity. Replace risky email attachments and generate end-to-end encrypted secure links directly in Outlook with the Tresorit plugin. Or connect your directory service to our Active Directory integration to synchronize users and Tresor memberships.

Check our integrations to stay productive

Recommended content

Ready to get started?

Sign up and include your collaborators right away.