Security & Privacy
Your most sensitive family information deserves more than a password. Here is how we protect it.
Encrypted Uploads
Files are protected in transit with HTTPS/TLS and stored using encrypted storage. Documents are never served via public URLs — access requires authentication.
Controlled Access
Only the account owner and approved trusted contacts can access private information. Access levels are set by you — Viewer, Family Admin, Emergency Contact, or Memorial Contributor.
Private Share Codes
Families can share a private access code instead of sending sensitive files through text messages or email. Codes are stored as hashes, never as plain text. They can be revoked at any time.
No Casual Admin Browsing
Our system is designed so support staff cannot casually browse uploaded documents. Administrative access is limited, logged, and used only for security or support reasons.
Privacy-First Controls
Sensitive documents are protected with access controls, encryption, audit logs, and least-privilege permissions — so your information is seen only by you and the people you invite.
Row-Level Security
Technical: Every database table uses Row-Level Security policies. Users can only read and write their own records. There is no way to query another user's data — even with a valid session token.
Short-Lived Signed URLs
Technical: Private files are never served via permanent URLs. All file downloads use signed URLs that expire in 5 minutes — too short for a leaked link to be useful.
Audit Trail
Every access is recorded
Our platform maintains a complete audit log of sensitive actions so you always know who accessed what and when.
Legal Disclaimer
FinalKeepSake is not a law firm and does not provide legal, financial, medical, or estate-planning advice. Uploading a document does not create, validate, or replace a legal will. Users should consult qualified professionals for legal documents and estate planning.
FinalKeepSake is an organizational and legacy-preservation service. It is not a substitute for an attorney, estate plan, will, trust, medical directive, or professional advice.
Privacy questions answered
Can FinalKeepSake employees see my documents?
No. Your uploaded documents are stored in private, encrypted cloud storage buckets. Access requires authentication — documents are never served via public URLs. Our support staff cannot browse your files. Access codes are stored as bcrypt hashes: we cannot read them, and neither can anyone else with database access.
Is my personal information sold to third parties?
No. We do not sell your personal information or documents to third parties. Your data is used only to provide the FinalKeepSake service to you.
Does FinalKeepSake use my documents to train AI?
No. Your personal documents and information are never used to train AI models. Our AI writing features use only the information you provide in that specific session.
How are family access codes protected?
Access codes are stored as bcrypt hashes — a one-way cryptographic function. This means the original code is never stored in our database. Even if our database were compromised, the codes themselves would be unreadable. Codes can be revoked at any time from your account.
What happens to my data if I close my account?
You can request deletion of your account and all associated data at any time by contacting hello@finalkeepsake.com. Upon deletion, your documents, vault contents, messages, and profile information are permanently removed from our systems.
