On July 15, 2025, media outlets such as El País and El Periódico reported that the file-sharing platform WeTransfer would be modifying its privacy policy to acquire a perpetual, global license to all files that users upload to the platform (documents, images, and videos) starting August 8.
The stated goal is to operate, develop, and improve its services and technologies, including machine learning models.
Although the wording on its website has been modified since the news broke on social media, the license remains just as broad: an unrestricted authorization over your content, which compromises the custody and confidentiality of your data.
Why should this concern you?
The change in WeTransfer’s policy has critical business implications. Here are some of the most significant risks for your organization:
Compromised regulatory compliance
European regulations (GDPR, DORA, NIS2, ENS) require traceability and control over data. A perpetual license breaks the chain of control and violates regulatory requirements.
Intellectual Property
Designs, algorithms, strategic documentation… your assets could be used to power external tools, without control or compensation.
Reputation and Cybersecurity
If an AI model generates content similar to your intellectual property, the reputational impact can be significant and difficult to reverse.
Key business risk
By handing over files without limitation or a specific purpose, the principle of data minimization enshrined in the GDPR is undermined.
Assess Your Risk
Does your organization still use WeTransfer or other unmanaged platforms?
Tranxfer offers a free transfer channel audit to identify the extent of shadow IT and uncover which teams and processes are putting your data at risk.
Regain control with Tranxfer: security, compliance, and trust
In an increasingly regulated environment, handing over custody of your critical information to third parties is not an option. Tranxfer lets you transfer, store, and collaborate on sensitive files with the certainty that they remain yours, protected, and compliant with the most stringent regulations.
What sets Tranxfer apart:
Full control over the document lifecycle
Files remain under your control, with configurable automatic expiration, permission management, and full auditing.
Built-in advanced protection
Native, centralized security that combines end-to-end encryption in transit and at rest, data loss prevention (DLP), antivirus, and multi-factor authentication (MFA).
️ Traceability and audit trails
You know who accesses, downloads, forwards, or prints files, with delivery receipts and full lifecycle control.
Not used for AI training
Your data is not used to train AI models, unless there is a specific contract and explicit consent.
⚙️ Regulatory compliance
Complies with GDPR, DORA, NIS2, ISO 27001, ENS, and other regulations, automatically.
How to Migrate to Tranxfer
Migrating to a secure and compliant platform is easy with Tranxfer:
1️⃣ Initial Audit
Identify workflows that rely on unmanaged tools.
2️⃣ Tranxfer Implementation
Configure security and compliance policies, integrated with Outlook, Gmail, Microsoft, and Google Workspace.
3️⃣ Training and Rollout
Train your users with quick guides and communicate the new internal policy.
Conclusion
WeTransfer’s new policy puts the confidentiality, control, and regulatory compliance of your data at risk.
Tranxfer offers you a secure, transparent, and compliant alternative, where your files always remain yours and are protected at all times.
Request your free audit today and protect your organization’s critical data.
References
- Planas Bou, C. (July 15, 2025). WeTransfer will use users’ documents, images, and videos to train its AI. El Periódico.
- El País (July 15, 2025). WeTransfer will use users’ documents to train its AI.
- WeTransfer Terms and Conditions, accessed in July 2025.
