I like them too, but their file management and clients are far from polished (last time I tried was about 3 months ago). If we take Mega as another example, their UX is far superior. Oh, and Filen is also lacking collaboration features.
Filen is still very new and only has one developer at the moment, so you can’t compare it to services which have been in development by a bigger team for a long time. It’s okay though, for me it mostly needs some visual polish. Right now I only use it as a backup service with a hosted Nextcloud as the main thing.
I haven’t used it before but it doesn’t really matter what cloud provider you use if you encrypt the files before they are on the cloud service. I use rclone and you can set up encryption for the supported providers or any other service that supports protocols like WebDAV and cryptomator is a good tool to use as well.
I put it on my list of stuff to dig in as it’s a promising service but as @Feradin said it’s too early to tell if it’s really secure.
Open source ≠ Secure
As it’s open source more talented developers will take a look, contribute, fix vulnerabilties (every software have some) and in 2-3 years we should see it mentioned on Privacy Guides and Techlore if it’s trustworthy
A great example of this is Mega, all the clients are open source but the server is not. They had a key recovery bug and their fix was to retrofit in a fix instead of fixing the core issue as that would require everyone to reset their passwords. More information can be found at the given link: https://mega-awry.io/#rsa-key-recovery
When they started they used Cloudflare.
At least I can’t find connections to Cloudflare at the main site any more, but I’m not sure if they use it on the servers the data is stored. Their privacy statement is also pretty incomplete
I don’t know where you have heard that but that is not true. Every german business needs to have a complete privacy statement. A privacy statement has way more details then just if someone uses tracker or forwards information to third parties or not. If they have less then 20 employees the CEO of the company can act as a data privacy officer of the company. If the company has more then 20 employees, someone else (intern or extern) needs to do the job but that never implies you can have in any way an incomplete data privacy statement.
Statements like privacy contact, ‘Supervisory authority’ or your rights are completely missing.
Not a lawyer, not your lawyer, not anyone’s lawyer, no legal advice