Could also see an implementation where you generate a keypair per secret that saves a hashid (or just an incrementing integer) that you add to the URL fragment. The original sender's browser can then retrieve the private key in localstorage by that hashid. Now secrets can be kept or deleted individually, or given separate expirations.

The only issue is that you can't magically remove the encrypted data in the URL you sent over, so it's really just removing your _own_ access to the data.