Stop pasting passwords into Teams and email, where they sit in a thread forever. Send a link that destroys itself once it has been read, locked with a key we never get to see.
Your browser encrypts the secret and puts the key in the part of the link after the #. Browsers never send that part to a server, so the key travels to your recipient and to nobody else.
All we ever store is the locked box. Not the key, not a copy, not a backup. If someone walked out with our entire database tomorrow, they would have nothing worth reading.
Once the last view is spent, the record is deleted. If nobody opens it, it expires on its own anyway. Either way it does not sit in a thread forever.
Not as a promise, and not as a policy we could quietly change later. The key is never sent to us, so there is nothing for us to lose, leak, or be made to hand over.