Security & Compliance
Your vault is encrypted on your device with a passphrase only you hold. The notes below explain, in plain language, what we do, where your data lives, and how access works.
When you set a vault passphrase, your browser uses it to encrypt everything you save - notes, account numbers, contacts, instructions - before it is uploaded. We do not store your passphrase on our servers.
We receive and store the encrypted version. Without your passphrase, the contents cannot be decrypted. If you forget your passphrase, recovery is not possible on your behalf.
Documents you upload - wills, ID copies, policy schedules, title deeds - travel over an encrypted connection and are encrypted on our servers before they are written to storage. Each file gets its own random key, which we then lock with a master key our servers hold, so the storage provider only ever sees the locked version. Unlike the structured vault entries above, the encryption happens on our servers and not in your browser.
Each file is checked when you download it again. If anything has been changed or swapped, the download is refused and the event is written to your audit log so you and we both see it.
Logins, vault unlocks, record changes, sharing, LifeKey requests and key-holder consents are all written to an audit log on your account. You can review it at any time and export it as a PDF pack for executors or attorneys.
The log is append-only and chained at the database: every row carries the hash of the previous row, so any attempt to edit, delete or reorder entries is rejected and surfaces as an alert. The chain hash is included in the audit-log PDF export so executors and attorneys can verify the log offline.
You can request deletion from your settings at any time. Your vault becomes inaccessible immediately, and your records and files are then removed from our active storage.
Encrypted backups roll over on their normal schedule; the vault contents in those backups remain encrypted and age out with the rest of the backup.
We keep a minimal record (account identifier, deletion timestamp, audit-log chain) for the period required by South African financial-services law, so we can answer regulatory queries. No vault contents are retained.
When I Am Gone (Pty) Ltd is the responsible party for your personal information under POPIA. We process it lawfully and only for the purposes set out in our privacy policy.
Vault data and uploaded files are held with our cloud and database providers under written POPIA processing terms. Third parties we use (e.g. email via Resend, card payments via Paystack) only see the operational data they need.
You have the right to access, correct, delete or object to the processing of your personal information. Email our Information Officer at support@wheniamgone.co.za.
We monitor for unusual sign-ins, file-integrity failures and audit-log gaps. Security alerts go to a dedicated inbox that is checked during business hours with on-call escalation outside of them.
If personal information is accessed by someone who should not see it, we will notify the Information Regulator and affected users in line with POPIA, no later than 72 hours after we become aware of the breach.
Report a security issue
Spotted something that looks wrong? Email our security team and we will respond within one business day.
security@wheniamgone.co.zaA plain summary of the boundaries built into the product.