diff --git a/automysqlbackup b/automysqlbackup
index 02ca79e..bf33869 100755
--- a/automysqlbackup
+++ b/automysqlbackup
@@ -110,6 +110,8 @@ load_default_config() {
   CONFIG_mail_address='root'
   CONFIG_encrypt='no'
   CONFIG_encrypt_password='password0123'
+  CONFIG_gpg_encrypt='no'
+  CONFIG_gpg_encrypt_recipient='SHORT_ID'
 }
 
 mysql_commands() {
@@ -346,6 +348,27 @@ files_postprocessing () {
 	}
 	# <- CONFIG_encrypt
 
+	# -> CONFIG_gpg_encrypt
+	[[ "${CONFIG_gpg_encrypt}" = "yes" && "${CONFIG_gpg_encrypt_recipient}" ]] && {
+	  if (( $CONFIG_dryrun )); then
+	    printf 'dry-running: gpg --encrypt --recipient ${CONFIG_gpg_encrypt_recipient} --output ${1}.gpg --batch ${1}'
+	  else
+	    gpg --encrypt --recipient ${CONFIG_gpg_encrypt_recipient} --output ${1}.gpg --batch ${1}
+	    if (( $? == 0 )); then
+		  if rm ${1} 2>&1; then
+		    echo "Successfully encrypted archive as ${1}.gpg"
+		    let "flags |= $flags_files_postprocessing_success_encrypt"
+		  else
+		    echo "Successfully encrypted archive as ${1}.gpg, but could not remove cleartext file ${1}."
+		    let "E |= $E_enc_cleartext_delfailed"
+		  fi
+	    else
+		  let "E |= $E_enc_failed"
+	    fi
+	  fi
+	}
+	# <- CONFIG_gpg_encrypt
+
 	# -> CONFIG_mysql_dump_latest
 	[[ "${CONFIG_mysql_dump_latest}" = "yes" ]] && {
 	  if (( $flags & $flags_files_postprocessing_success_encrypt )); then
@@ -732,7 +755,7 @@ process_dbs() {
 	db="$1"
   fi
 
-  if [[ "x$CONFIG_mysql_dump_differential" = "xyes" ]] && [[ "x${CONFIG_encrypt}" != "xyes" ]] && (( $activate_differential_backup )); then
+  if [[ "x$CONFIG_mysql_dump_differential" = "xyes" ]] && [[ "x${CONFIG_encrypt}" != "xyes" ]] && [[ "x${CONFIG_gpg_encrypt}" != "xyes" ]] && (( $activate_differential_backup )); then
 
 
 	  unset manifest_entry manifest_entry_to_check
@@ -784,7 +807,7 @@ process_dbs() {
 
   fi
 
-  if [[ "x$CONFIG_mysql_dump_differential" = "xyes" ]] && [[ "x${CONFIG_encrypt}" != "xyes" ]] && (( $activate_differential_backup )) && ((! ($filename_flags & $filename_flag_encrypted) )); then
+  if [[ "x$CONFIG_mysql_dump_differential" = "xyes" ]] && [[ "x${CONFIG_encrypt}" != "xyes" ]] && [[ "x${CONFIG_gpg_encrypt}" != "xyes" ]] && (( $activate_differential_backup )) && ((! ($filename_flags & $filename_flag_encrypted) )); then
 
 	  # the master file is encrypted ... well this just shouldn't happen ^^ not going to decrypt or stuff like that ...at least not today :)
 
diff --git a/automysqlbackup.conf b/automysqlbackup.conf
index fc72be0..b64aabf 100644
--- a/automysqlbackup.conf
+++ b/automysqlbackup.conf
@@ -258,6 +258,12 @@ CONFIG_db_exclude_pattern=()
 # Choose a password to encrypt the backups.
 #CONFIG_encrypt_password='password0123'
 
+# Do you wish to encrypt your backups using GPG?
+#CONFIG_gpg_encrypt='no'
+
+# ID of the Public PGP Key to use. The key must already be in your keyring.
+#CONFIG_gpg_encrypt_recipient='SHORT_ID'
+
 # Other
 
 # Backup local files, i.e. maybe you would like to backup your my.cnf (mysql server configuration), etc.