Privacy & security
When the session ends, there’s nothing left to leak.
Most tools keep things by default and make you delete them. An ephemeral tool flips that: it keeps nothing unless you ask, so the normal end-state is clean. For confidential material, that default is the feature.
5 min read
Mar 2026
Every claim sourced · 2 references
Think about how much of a data breach is really about leftovers: the file someone forgot to delete, the share link that stayed live for three years, the export sitting in an old account. The common thread is persistence — data that outlived its purpose. Ephemeral design attacks that directly.
✕ The myth
"Deleting it afterward is basically the same thing."
Keep it by default, clean up later — same end result.
✓ The reality
"Delete later" is a task you'll forget.
Ephemeral-by-default means the clean state is automatic: when the session ends, the shared session data is simply gone — no file, no live link, no history to prune.1
This is data minimisation as a default, not a chore.1 Instead of trusting every user to remember to revoke access and delete exports, the system keeps nothing beyond the live session. It aligns with zero-trust thinking too: don't leave standing access or standing data lying around to be abused later.2 For a confidential document, the best possible audit answer is "there's nothing stored to review."
Why "gone" beats "deleted"
"Deleted" implies something existed, was stored, and was later removed — with all the gaps that process has (backups, replicas, the copy someone made). "Never persisted" has none of those gaps. An ephemeral session that holds its state in memory and drops it when the connection ends leaves nothing to recover, nothing to subpoena from the tool, and nothing to breach in six months.
Default
Keep-nothing is automatic; you don't rely on anyone remembering to clean up.
In-memory
Session state that lives in RAM and dies with the session leaves no file to recover.
Minimise
Retention is the enemy of privacy; ephemerality is minimisation by design.
1
⚖ The honest bit — self-destruct isn't a memory wipe
It ends the session, not the laws of physics.
Be clear-eyed about scope. Ending a session removes the shared intermediary — the tool's copy and connection. It does not reach into an audience member's phone that photographed a slide, doesn't delete the source file on your own device, and doesn't guarantee anything about screenshots or recordings someone made deliberately. "Self-destructing" is a strong property for the piece it controls (no stored, lingering copy in the middle); it isn't a promise that information can be un-seen. Treat it as removing the honeypot, not as erasing memories.
Where SyncBy!App fits
SyncBy sessions are ephemeral by design: connection details live in memory and are gone when the session ends, and your slides were never stored on our side to begin with. There's no dashboard of old presentations, no share links to expire, nothing to forget to delete. For genuinely confidential material, that "nothing to review afterward" default is precisely the point — just remember it governs the middle, not the whole world.
TL;DR
- Most leaks are leftovers; ephemerality removes the persistence that causes them.
- "Keep nothing by default" beats "remember to delete later."1
- "Never persisted" has none of the gaps of "deleted."
- Honest caveat: it ends the shared session — not screenshots, your own source file, or deliberate recordings.