A privacy policy is a must! If the whole point of the site is to share secrets, with a second party, we need to know just what the third-party is planning to do with them.

Agree. I know it says that you can't do anything with the data, since necessary information isn't available. But... even if its random, it is known that it is a password. So, it's feasible to build a table of known passwords, at least.

How would that work? The URL only works once, so even if they crawled every possibility, the intended recipient would never get it, and would alert the sender.

I'm just theorizing. But let's say the site gets compromised for a few days/weeks and they don't find out.