Your Digital Vault

Protect your wishes in life and afterward

Security & Compliance

You're in Safe Hands

We recognize and appreciate the trust you have placed in us. Heirloom Safe is committed to protecting your most sensitive documents. That's why we have implemented the maximum possible security measures to keep your data safe. 

Encrypted Data Storage

All your data is encrypted using the military-grade AES-256 encryption algorithm. The United States government uses AES-256 for top-secret documents and it is widely used in the financial industry to protect sensitive information. Encryption technology ensures your data is protected from unauthorized access while at rest. Encryption scrambles your documents into a code that can only be accessed with your unique key or password.

Encrypted Data in Transit

Beyond encrypted storage, encryption is vital when your data is being transferred. Heirloom Safe has implemented Transport Layer Security (TLS 1.3) that uses 2048-bit certificates to ensure data remains secure while in transit. Banks and e-commerce websites use TLS technology for online transactions. TLS 1.3 provides Perfect Forward Secrecy meaning that each session key is unique and cannot be used to decrypt past or future communication, even if the private key is compromised.

Multi-Factor Authentication (MFA)

MFA is a secure login process that requires not just a username and password, but also a unique code generated by a physical device or sent via text message. This added layer of protection helps prevent unauthorized access to your account even if your credentials were compromised.

MFA prevents phishing attempts, man-in-the-middle attacks, and other malicious methods to access your account. Phishing occurs when a hacker poses as a legitimate company or individual to acquire sensitive information, such as usernames and passwords. Hackers use man-in-the-middle attacks to intercept communication between two parties, typically using malware. Malware is malicious software that can track keystrokes, capture screenshots, and steal passwords. 

Automated Logout

To prevent unauthorized access, we automatically log you out of your account after 15 minutes without activity. Activity simply means that a key on your keyboard is pressed, or your mouse is moved or clicked to indicate that you're still present in front of your computer or device.

Access to Your Documents

No one at Heirloom Safe has access to any of your documents. Only Legacy Contacts to whom you have granted access can view your documents upon your passing. Heirloom Safe administrator access is restricted to the information essential for account creation (email) performing multi-factor authentication (SMS, email), and triggering file access for Legacy Contacts.

Health Insurance Portability and Accountability Act (HIPAA) Compliance

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) means that data related to medical information must be protected and kept confidential. Heirloom Safe has implemented the necessary security measures to handle Protected Health Information (PHI). These precautions include restricting access to PHI data via MFA login and encrypting all PHI data at rest and in transit using TLS 1.3 and the AES-256 encryption algorithm respectively.

Service Organization Controls

Service Organization Controls (SOC) are reports from an independent auditor that evaluate the effectiveness of security controls. The American Institute of Certified Public Accountants (AICPA) created SOC and it is delineated through five Trust Services Criteria: Security, Availability, Processing Integrity, Confidentiality, and Privacy. SOC ensures that information and systems are protected against unauthorized access, unauthorized disclosure of information, and damage to systems that could affect an entity’s ability to meet its objectives. 

Heirloom Safe's data storage is SOC 1, SOC 2, and SOC 3 compliant. A third-party CPA firm performs semi-annual audits. Data is continually monitored to ensure the effectiveness of our security measures and to prevent unauthorized access.