Protecting the data you store in LegacyApp is our priority. We ensure this in four ways:
First: Security by Design
We designed LegacyApp so that your private notes are never stored on our servers. They are stored exclusively (i) on your smartphone, and if you save a backup copy of your notes, (ii) on your private cloud account, either on your Google Drive or Apple iCloud account. This way, no one can steal your data from us by hacking our server (nor demand access to your data from us). This also means, that we can't sell your data to third parties as we just don't have access to it.
Second: Data Encryption and SSL
Any notes you store in LegacyApp are encrypted with the AES 256 algorithm (Advanced Encryption Standard - Wikipedia). This algorithm is commonly used by financial institutions and the military. The encryption key consists of two halves: your key, which you create when encrypting your notes (minimum 8 characters), and our half, which is over 90 characters long. Therefore, your backup file and notes are encrypted with a password of over 100 characters - hacking into and decrypting your notes by a third party is practically impossible today.
Additionally, any data transmission between LegacyApp or your browser is encrypted using the SSL protocol (Secure Sockets Layer (SSL) protocol - IBM). This is the go-to solution that's commonly used to protect and connect all sensitive services on the internet (e.g. financial and government institutions).
Thanks to this security architecture, no one will be able to decrypt your notes. Even if someone hacks into your personal cloud account and downloads the backup file with your encrypted LegacyApp notes, they would not be able to decrypt the notes without knowing both the encryption key that you create when saving the backup copy of your notes, as well as our half of the key.
Third: Trusted Friends
For anyone who wants to ensure that their LegacyApp notes only reach their chosen beneficiary after their death, we have created the (optional) Trusted Friends function. If you enable this function in LegacyApp, you can designate three (or more) people who will be asked (by email or SMS) to confirm if you are OK (and if your notes should be passed to your chosen beneficiary) after you stop responding to LegacyApp's notifications. This is also additional safeguard in case you forget to, or are unable to, confirm that you are alright.
Only once at least two of your Trusted Friends confirm that something has happened to you, will LegacyApp initiate the process of granting your chosen beneficiary access to your data (you can read more about this process here: ...)
Correct configuration of trusted friends: green box and name of the Trusted Friend
Fourth: Supervision by an External Law Firm
The specialist technology law firm LBK&P oversees LegacyApp's compliance with GDPR regulations (GDPR - Wikipedia), both in respect of the app and the website. LBK&P supervises our compliance with data processing procedures and represents LegacyApp before the General Inspector of Personal Data Protection.
You can find more details about this in the Privacy Policy document available on the website:
Let's assume you are a frequent user of LegacyApp, organising all your important information on the app for yourself and your loved ones. Whenever the app asks you to confirm if you are OK, you do so. But you ask yourself:
What if something happens to me? How will my notes be passed to my Beneficiary?
Depending on whether you use the Trusted Friends function, one of two scenarios will occur:
Scenario 1: You do not use the optional and free Trusted Friends function in LegacyApp
If you do not use the Trusted Friends function, the Secure Access Procedure will start right after you miss the second “Is everything OK?” notification. This means that if your notifications are set to weekly, we will notify your Beneficiary if you miss the notifications over the course of 2 weeks; if your notification period is set to 2 weekly, we will contact your Beneficiary if you have not responded to the notifications for 4 weeks. LegacyApp gives you time (1 day, 1 week or 2 weeks depending on your settings) to respond to a notification.
Go to the "Secure Access Procedure" section below to read more.
Scenario 2: You use the Trusted Friends fuction (and at least 3 people have accepted to be your Trusted Friend)
In this situation, LegacyApp will first automatically send questions (via email and/or SMS – depending on the preferences each Trusted Friend has set) with a simple question: "Is [Your Name] okay?"
Your Trusted Friends will only be able to respond YES or NO to the question. When at least two people respond NO, the Secure Access Procedure to your data will begin. Go to the "Secure Access Procedure" section below to read more.
Secure Access Procedure
Imagine that John Smith (e.g. using his email john@email.com) was gathering notes in LegacyApp and set up his wife, Anna Smith, as his Beneficiary. Therefore, in LegacyApp, he would enter the email that his wife uses most frequently (e.g. anna.smith@email.com) in the Beneficiary field. He also used the Trusted Friends function.
John regularly used the app for several years, and has set LegacyApp's check-in period set to weekly. For some reason he forgets, or chooses not to, inform Anna that he was using LegacyApp. When creating backups in LegacyApp, he created an encryption key and provided the following hint for Anna: “The jeweler where I bought your engagement ring + the name of your first cat + @ (symbol)". All written together, and all letters capitalized.” He knew Anna would be able to guess the encryption key based on the hint.
John rides his bike often. During one of his rides, he falls so badly that he goes into a coma. His smartphone, which he used and which has LegacyApp installed on it, was also damaged. Therefore, he stops responding to notifications in the app and via email.
In this situation, the Secure Access Procedure automatically starts on the account registered to john@email.com, after John misses the second weekly notification sent to him by LegacyApp.
Step 1: LegacyApp sents emails and SMS messages to the Trusted Friends as indicated by John. John's friend and his sister respond "NO" to the question "Is John OK?"
Step 2: LegacyApp sents an email to anna.smith@email.com entitled “Secure access to information in LegacyApp.”
From LegacyApp's email, Anna lerns that user john@email.com has been gathering notes for her in the app, and now Anna has the ability to access these notes. In order to do so, Anna is asked to:
Step 3: When Anna logs into LegacyApp with the above credentials, she sees the hint for the Encryption Key created by John: "The jeweler where I bought your engagement ring + the name of your first cat + @ (symbol)". All written together, and all letters capitalized.” She easily guesses the Encryption Key. It is: “TIFFANYSONIA@”.
Step 4: After entering the correct Encryption Key when requested, LegacyApp automatically decrypts the location of John's backup file on his personal cloud account, and then downloads and decrypts the notes on Anna's phone, allowing Anna to browse through the notes.
Thanks to accessing John's notes, Anna learns a lot of valuable information necessary for her daily life without John: information about bank accounts and recurring payments that John has been handling. John also noted that he signed up for a group accident insurance policy at work, which he had forgotten to mention to Anna. Thanks to this information, Anna is able claim compensation from the insurance company.
Below, we have set out the steps that allow your Beneficiary to access your LegacyApp notes (assuming they are unable to log into your phone using your PIN or fingerprint and password):
1. Setup: When you set up LegacyApp on your smartphone, you'll need to enter the Beneficiary's email address under which we can contact them.
2. Backup and Encryption Key: As part of onboarding process you will be asked to back up your notes on your personal cloud with Google or Apple. We encourage you to do this each time you add to or change your LegacyApp notes. Whenever you save a new backup copy of your notes, you will be asked to create an Encryption Key. LegacyApp requires the Encyption Key to consist of at least 8 characters, one of which must be capitalised and one must be a special character.
3. Hint to Encryption Key: As part of setting an Encyption Key, you will be be able to enter a hint, which will be shown to your Beneficiary when they try to restore your LegacyApp notes (nb: this hint will also be shown to you, if you ever need to restore your notes, for example because you lost your phone or if you buy a new one). The hint should be written in a way that allows your Beneficiary to guess, remember or find the Encryption Key. It could state the location of where the Encryption Key is written down (e.g. "The Encryption Key is written on the back of our wedding photo in the living room"), or provide a hint that only your Beneficiary is able to guess (e.g. “The name of the town in which we first kissed + the year we met + @ (symbol)". All written together, and all letters capitalised.”). It is your job to ensure that your Beneficiary is able to guess, remember or find the Encryption Key using the hint they will be shown - otherwise they will not be able to restore your notes.
4. Notification of Beneficiary: Once you stop responding to LegacyApp's notifications (and, if you use the Trusted Friends function, only after two of your Trusted Friends confirm that you are not OK in response to the email or SMS message we send them), your Beneficiary will receive an email from us (which we will resend if the original email is not actioned by your Beneficiary) containing a unique link and instructions to create a new password for your account.
5. Downloading the App: Your Beneficiary will need to download LegacyApp and log in using your app credentials, which we'll provide to them. They'll use the password they created in step 4 above.
6. Encryption Key and Access: When the Beneficiary is logged into your account, they'll be shown the hint to the Encpryption Key. Once they are able to guess, remember or find the Encryption Key (based on the hint they are shown, which you created under step 3 above), they will need to enter it in the app. After your Beneficiary enters the correct Encyption Key, LegacyApp will automatically locate the encrypted backup file with your notes on your personal cloud account and decrypt it in the app. The Beneficiary will see your notes in a view-only format – no edits or deletions will be possible.
You can use LegacyApp to securely store any information that may be important for your loved ones after you are gone, but also any information that's useful for you - and which you may want to have securely stored at your fingertips.
If you are not sure what to include, open LegacyApp and click on the Add Note or "+" button. This is part of the onboarding process and is prominently shown at the bottom of the home screen once you are onboarded. After you click the Add Note or "+" button you will see a list of categories and documents which may be relevant for your Beneficiary. Select one of the categories and see what documents, we have suggested.
Of course there may be other things that are specific to you or your family, which you may want to save in the app. You can include any texts, photos or screenshots under the "Personal Notebook" category.
If you are not yet using LegacyApp, consider the following:
Please note that we do not recommend that you pair login details with any passwords in any single entry, but you are free to include whatever you want. While we trust our security measures, be mindful of prying eyes when LegacyApp is open on your phone or other accidental exposure.
Please also remember that LegacyApp does not replace the need for a will, last testament or general estate planning. The app is a very useful way to securely pass any information to your Benecifiary but LegacyApp does not relpace or substitute the need to put your affairs in order, for which you may want to speak to a lawyer, estate planner, accountant, tax specialist or other adviser.
LegacyApp is completely free to download and use.
We show occasional adverts to support our work and LegacyApp's development. If you enjoy our app, please spread the word.
If you would like to use LegacyApp without adverts or would like to support the development of this app, please subscribe to the premium version of the app. . You can do this by purchasing the Premium code and entering it in the app. To do that, click on "Unlock the Premium Version" in the app menu.
Alternatively, look out for our corporate and charity partners - you can use the Premium Codes they provide to access the premium version of the app.