How we protect your family's information
The information in your vault is some of the most sensitive your family will ever share. Here's how we keep it safe — in plain language.
Encryption
All data is encrypted with AES-256 at rest and TLS 1.3 in transit. Uploaded documents are stored in encrypted object storage, and database backups are encrypted as well.
Access control
You own your vault. Trusted contacts only see what you explicitly grant them, and you can revoke any contact's access in one click. Every view, share, and update is recorded in an activity log you can review at any time.
Infrastructure
EverKeep runs on Supabase (managed Postgres with row-level security) hosted in AWS US data centers, and is fronted by Cloudflare for DDoS protection and a web application firewall.
Authentication
Sign in with email and password or Google. Passwords are checked against the Have I Been Pwned database to block known-breached credentials, and sessions can be revoked from any device.
How we handle your data
We do not sell your data. We do not share your policy information with carriers, agents, or marketers. You can export or permanently delete your vault at any time.
What we're working toward
We're actively investing in independent third-party security audits and expanded audit logging. As those programs complete, we'll publish the results on this page.
Responsible disclosure
If you believe you've found a security vulnerability in EverKeep, please email us before sharing it publicly. We respond to every report and credit researchers who help us keep families safe.
support@geteverkeep.comReady to protect your family's information?
Set up your encrypted vault in under three minutes.