Transparency & Security Policy

An honest explanation of how we protect your data, what we can and cannot access, and our commitments to you.

Last updated: March 2026

Live canary statement

Legacy Vault staff have accessed 0 user accounts in the last 30 days.

This number updates automatically. Every instance of staff access is logged, timestamped, and the affected user is notified by email immediately and automatically.

How your files are encrypted

Every file you upload to Legacy Vault is encrypted using AES-256-GCM — the same standard used by banks, governments, and the military. Encryption happens on our servers before the file is written to storage. Each file receives its own unique encryption key, derived from a master key that is never stored in the database.

Encrypted files are stored privately. There is no public URL or guessable path that anyone could use to access them. All file access is gated behind authenticated API routes that verify your identity on every request.

⚠ What we are honest about

Legacy Vault is not a zero-knowledge encryption service. This means that our servers technically control the decryption process. In an extreme scenario where an attacker gained full server access, or if compelled by a valid court order, encrypted files could theoretically be decrypted.

We do not make claims we cannot keep. The correct description of our security is:

"Your documents are encrypted using AES-256, stored privately, and only released through tightly controlled, authenticated, and fully audited workflows. Legacy Vault does not access, read, or share your documents."

If you require true zero-knowledge encryption where even the service provider cannot access your files, we recommend looking at tools like Tresorit or Proton Drive for that specific need. Legacy Vault's strength is in the controlled release workflow — not raw storage privacy.

Staff access to your account

Occasionally, a member of Legacy Vault's team may need to access an account — for example, to investigate a security report, diagnose a technical fault, or respond to a support request you have made.

Every single instance of staff access is subject to these rules without exception:

Permanently logged

The access event is written to a tamper-evident audit log with timestamp, IP address, and the reason given.

Instant user notification

You receive an email within seconds of any staff access to your account. This alert cannot be suppressed by staff.

Publicly reported

The aggregate count of staff access events appears on this public transparency page, updated in real time.

Visible in your audit log

The event appears in your personal Security Centre page with full details of when, where, and why.

Data storage and retention

Your documents are stored on servers located in the United Kingdom and European Union.

We do not sell, share, or transmit your documents to third parties under any circumstances.

If you delete a document, it is soft-deleted immediately (removed from your view) and permanently purged from storage within 30 days.

If you close your account, all documents are scheduled for permanent deletion within 30 days.

Your rights

Under UK GDPR, you have the right to access all data we hold about you, request correction of inaccurate data, request deletion of your account and all associated data, and object to processing of your personal data.

To exercise any of these rights, contact us at privacy@legacyvault.app.

Report a security concern

If you believe your account has been accessed without authorisation, or you have discovered a security vulnerability, contact us immediately at security@legacyvault.app. We take all security reports seriously and respond within 24 hours.