Protecting the data you store in LegacyApp is our priority. We ensure this in four ways:
First: Security by Design
We designed LegacyApp so that your private notes are never stored on our servers. They are stored exclusively (i) on your smartphone, and if you save a backup copy of your notes, (ii) on your private cloud account, either on your Google Drive or Apple iCloud account. This way, no one can steal your data from us by hacking our server (nor demand access to your data from us). This also means, that we can't sell your data to third parties as we just don't have access to it.
Second: Data Encryption and SSL
Any notes you store in LegacyApp are encrypted with the AES 256 algorithm (Advanced Encryption Standard - Wikipedia). This algorithm is commonly used by financial institutions and the military. The encryption key consists of two halves: your key, which you create when encrypting your notes (minimum 8 characters), and our half, which is over 90 characters long. Therefore, your backup file and notes are encrypted with a password of over 100 characters - hacking into and decrypting your notes by a third party is practically impossible today.
Additionally, any data transmission between LegacyApp or your browser is encrypted using the SSL protocol (Secure Sockets Layer (SSL) protocol - IBM). This is the go-to solution that's commonly used to protect and connect all sensitive services on the internet (e.g. financial and government institutions).
Thanks to this security architecture, no one will be able to decrypt your notes. Even if someone hacks into your personal cloud account and downloads the backup file with your encrypted LegacyApp notes, they would not be able to decrypt the notes without knowing both the encryption key that you create when saving the backup copy of your notes, as well as our half of the key.
Third: Trusted Friends
For anyone who wants to ensure that their LegacyApp notes only reach their chosen beneficiary after their death, we have created the (optional) Trusted Friends function. If you enable this function in LegacyApp, you can designate three (or more) people who will be asked (by email or SMS) to confirm if you are OK (and if your notes should be passed to your chosen beneficiary) after you stop responding to LegacyApp's notifications. This is also additional safeguard in case you forget to, or are unable to, confirm that you are alright.
Only once at least two of your Trusted Friends confirm that something has happened to you, will LegacyApp initiate the process of granting your chosen beneficiary access to your data (you can read more about this process here: ...)
Correct configuration of trusted friends: green box and name of the Trusted Friend
Fourth: Supervision by an External Law Firm
The specialist technology law firm LBK&P oversees LegacyApp's compliance with GDPR regulations (GDPR - Wikipedia), both in respect of the app and the website. LBK&P supervises our compliance with data processing procedures and represents LegacyApp before the General Inspector of Personal Data Protection.
You can find more details about this in the Privacy Policy document available on the website: