Security & Privacy

Your Legacy,Protected

We built LifeDraft.ai with security and privacy at its core. Your most personal memories deserve the highest level of protection.

Built for Security

Enterprise-Grade Protection

End-to-End Encryption

Your vault contents are encrypted before leaving your device using AES-256 encryption. We cannot read your encrypted data.

Shamir's Secret Sharing

Vault keys are split among your trusted contacts using cryptographic secret sharing. No single person can access your vault alone.

Multi-Factor Authentication

Protect your account with TOTP-based two-factor authentication. We also provide encrypted backup codes for recovery.

Zero-Knowledge Architecture

For vault contents, we implement zero-knowledge principles. Your encryption keys never touch our servers in plaintext.

Secure Infrastructure

Data is stored in SOC 2 compliant data centers with encryption at rest. All connections use TLS 1.3.

Comprehensive Audit Logging

Every action is logged with tamper-detection using cryptographic hashes. You can review your complete activity history.

How We Protect Your Data

A deeper look at our security architecture

Vault Encryption

When you add an entry to your vault, it's encrypted on your device using a Data Encryption Key (DEK). This DEK is then encrypted with your Key Encryption Key (KEK), which is derived from your password and split using Shamir's Secret Sharing.

Each trusted contact receives a "share" of your vault key. A configurable threshold (e.g., 2 of 3 shares) is required to reconstruct the key and decrypt your vault. This ensures no single person—including us—can access your data.

Voice Data Security

Your voice recordings are stored securely with access controls that ensure only authorized systems can process them. Voice data is used exclusively for creating your memorial voice profile—never for training general AI models.

When your memorial is accessed, voice synthesis happens in real-time with your specific voice profile. Your original recordings remain protected.

Access Control & Verification

Memorial access is protected by multiple layers: authentication, relationship verification, and permission checks. Trusted contacts must accept invitations and verify their identity before gaining access.

The check-in and escalation system includes multi-party verification to prevent unauthorized memorial activation. Multiple trusted contacts must confirm before memorial mode is triggered.

Audit Trail & Transparency

Every significant action in your account is logged with cryptographic hashing to detect tampering. You can review who accessed what and when, including trusted contact activity.

Audit logs include IP addresses, timestamps, and action details. This transparency helps you maintain control and detect any unauthorized activity.

Our Security Commitments

We will never sell your data to third parties

We will never use your voice for training AI models without explicit consent

We will always be transparent about how your data is used

We will notify you promptly of any security incidents

We will provide you with tools to export and delete your data

We will maintain industry-standard security certifications

We will conduct regular security audits and penetration testing

Found a Security Issue?

We take security seriously. If you discover a vulnerability, please report it responsibly to our security team.

security@lifedraft.ai

Your Legacy, Secure with Us

Start preserving your stories with confidence. Your data is protected by enterprise-grade security.