Digital Takeout Day
← Back to all guides
Guide

Where to Store Your Data Exports: Cloud Privacy Guide (2026)

You downloaded your data. Now the question is where to put it. Most people's instinct is to upload it back to Google Drive or Dropbox — the same places they just took it from. This guide explains what those services actually do with your files, what the privacy-first alternatives offer, and how to build a simple storage setup that works whether you're archiving a Strava export or locking down five years of medical records.

What big tech cloud actually does

Uploading a file to Google Drive, Dropbox, or Microsoft OneDrive does not make it private. These services encrypt files at rest, but they hold the encryption keys — which means they can read your files, and so can anyone they share access with.

Read the backup guide before relying on any cloud service for your export archive.

What end-to-end encryption actually means

End-to-end encryption (E2EE) means your files are encrypted on your device before they leave it. The provider receives only ciphertext — encrypted data that is unreadable without your private key, which only you hold.

This is fundamentally different from standard cloud encryption. With E2EE, even a court order compelling the provider to hand over your files returns nothing useful — the provider genuinely cannot read what you stored.

  • Standard cloud encryption: provider holds the key — readable by them and by legal process
  • End-to-end encryption: you hold the key — provider sees only encrypted data
  • E2EE also covers metadata on Proton Drive — file names and folder names are encrypted, not just content
  • The trade-off: E2EE means the provider cannot recover your files if you lose your passphrase

The 3-2-1 rule for your exports

A simple rule used by backup professionals: keep three copies of anything important, on two different types of storage, with one copy off-site.

For most people doing regular data exports, this translates to a working copy on your computer, a second copy on an external drive, and a third copy in an off-site cloud backup you actually control.

  • 1 working copy — on your computer or NAS, easy to access
  • 1 local backup — external SSD or hard drive (amzn.to/4eFl0ca), not connected full-time
  • 1 off-site copy — encrypted cloud storage in a separate physical location from your devices
  • The off-site copy is the one most people skip — and the one that saves you when hardware fails or something gets lost

Proton Drive: the off-site tier

Proton Drive is the strongest fit for the off-site copy in a privacy-first 3-2-1 setup. Files and metadata are encrypted on your device before upload — Proton cannot read what you store, and neither can anyone who compels them.

It is built by the same team behind Proton Mail, which has been used by journalists, NGOs, and security researchers since 2014. The code is audited, the company is incorporated in Switzerland under some of the world's strongest privacy law, and the product works across web, desktop, and mobile.

  • End-to-end encryption including file names and folder structure — not just content
  • Zero-access: Proton cannot read your files even under legal pressure
  • Swiss jurisdiction — outside the reach of US and EU surveillance frameworks
  • Works alongside Proton Mail and Proton Pass if you use those
  • Free tier available; paid plans start with more storage
  • ProtonDrive (go.getproton.me/SH2aK) — sign up and get started

Other privacy-respecting options

Proton Drive is not the only option. The right choice depends on your storage needs and workflow.

  • pCloud (partner.pcloud.com/r/155235) — lifetime purchase option makes it good value for large long-term archives; client-side encryption available as a paid add-on
  • Cryptomator (cryptomator.org) — free, open-source tool that encrypts files locally before uploading to any cloud provider including Google Drive or Dropbox; lets you use existing storage with real privacy
  • Backblaze B2 (backblaze.com) — object storage at $6/TB/month; not encrypted by default but pairs well with Restic or Duplicati for automated encrypted backups
  • Self-hosted (Synology NAS + Restic) — the most control, no third-party access at all, but requires hardware and setup

What to store where

Not everything you export needs the same treatment. Some data is genuinely sensitive; some is just useful to have. Matching storage to sensitivity is more practical than encrypting everything equally.

  • Health data (<a href="/guides/fitbit-data-export">Fitbit</a>, <a href="/guides/how-to-download-apple-data">Apple Health</a>, MyFitnessPal) — E2EE cloud plus encrypted local copy
  • Location history (Google, Uber, Strava GPX) — same treatment; location data is among the most re-identifiable personal data that exists
  • Financial records (PayPal, Amazon) — encrypted cloud and local copy alongside tax records
  • Social archives (Instagram photos, Spotify history) — standard cloud or local is fine; sensitivity is lower
  • AI conversation exports (ChatGPT, Claude, Gemini) — treat like health data if you discussed anything personal; see the <a href="/guides/ai-tools-data-export-comparison">AI tools export comparison</a> for what each platform gives you
  • Code and GitHub exports — local plus standard cloud is fine; sensitivity is usually low

A practical setup in three steps

  1. Create a top-level folder called data-exports on your computer. Inside it, name subfolders by service and date — google-2026-04, fitbit-2026-04, spotify-2026-04.
  2. Copy that folder to an external drive. Keep the drive stored separately from your computer — a different room, bag, or location.
  3. Upload the sensitive subfolders (health, location, financial, AI exports) to Proton Drive. Use Proton Drive's mobile app or desktop client to keep it in sync. That is your off-site copy.

Related guides

FAQ

Can Google read files I store in Google Drive?

Yes. Google holds the encryption keys for Google Drive, which means they can access the content. Files may be used to improve Google products and personalise advertising.

What is end-to-end encryption and why does it matter?

End-to-end encryption means your files are encrypted on your device before upload. The storage provider receives only encrypted data and cannot read your files — even under legal compulsion.

Is Proton Drive free?

Yes, there is a free tier. Paid plans offer more storage. See current pricing at proton.me.

Do I need to stop using Google Drive?

Not necessarily. Google Drive is convenient for non-sensitive files. The practical approach is to use E2EE storage (like Proton Drive or Cryptomator-wrapped Dropbox) for sensitive exports and keep Google Drive for everything else.

What is the 3-2-1 backup rule?

Three copies of your data, on two different storage types, with one copy stored off-site. The off-site copy protects against hardware failure, theft, and location-specific disasters.

What is Cryptomator and when should I use it?

Cryptomator is a free tool that encrypts files locally before uploading them to any cloud service. Use it if you want real privacy without changing your current cloud provider.

Does Swiss jurisdiction actually mean anything?

Yes. Switzerland has strict data protection laws and is outside the legal frameworks of the US and EU, making it harder for foreign governments to compel access. This is one reason Proton is used by journalists and activists globally.