Here are the steps this platform does with your message:

• Once you click on Make the drop!, the message is encrypted in your browser with a password generated in your browser.
• This means, that the data does not leave your browser unencrypted, as well as your password.
• The encrypted data is then sent to the backend, where it is stored for a maximum of 24 hours (or when the drop is fetched, whichever is earlier).
• When getting the drop, the encrypted data is fetched from the server (and instantly deleted when doing so), and is only encrypted in the browser. So, also here, the inserted password never leaves the browser.
• So the server (we) cannot see your message, as we never get the password for it.

The encryption algorithm used is github.com/bitwiseshiftleft/sjcl, which is a JavaScript crypto library developed at Stanford.
The code is open source, and you can easily inspect what is going on on this website with your developer tools.
Furthermore, feel free to host your own instance of this service, so that we do not even get to see your encrypted data at any time, so that you do not have to rely on us not trying to decrypt your data.