TRUST & SECURITY
Trust & Security
When families store important memories, documents, and legacy materials, trust has to be earned. This page explains exactly how IOUHome and IOULegacy protect your data, who can access it, and what controls you have.
Zero-Knowledge Encryption
When you enable encryption, your data is encrypted and decrypted entirely on your device using a passphrase that only you know. The server never sees your plaintext content or your passphrase.
Client-Side Encryption
AES-256-GCM encryption runs in your browser using the Web Crypto API. Your passphrase never leaves your device.
Key Splitting
Your encryption key is split into three shares using Shamir’s Secret Sharing. Any two of three shares can recover your key — no single point of failure.
We Cannot Read Your Data
Because encryption happens on your device, we have no ability to decrypt your content. Even if our servers were compromised, your encrypted data remains unreadable.
Sealed Capsules & Tamper Protection
Legacy capsules are designed to be permanent once you seal them.
Digital Fingerprint
Every capsule gets a unique SHA-256 hash when sealed. If even one character changes, the fingerprint changes completely. Nobody — not even us — can alter your capsule without detection.
Sealed = Locked Forever
Once sealed, content, attachments, and recipients are frozen. The digital fingerprint proves nothing was changed. You can verify this at any time.
Tamper-Proof Audit Trail
Every action in your vault is recorded in a tamper-proof audit log. Each entry is linked to the previous one using SHA-256 hashing — the same concept behind blockchain verification. If anyone attempted to alter or delete an entry, the chain would break and the tampering would be immediately visible.
You can verify the integrity of your entire audit chain at any time from within the app.
Release Rules — You Decide When
Your capsules are delivered on your terms. You set the rules, and the system follows them.
📅 Date-Based
Release on a specific date you choose — a birthday, anniversary, or any date that matters.
⏱ Inactivity
If you do not log in for a period you define, your capsules are released to your designated recipients.
👥 Multi-Party Verification
Require trusted contacts to confirm before release. No single person can trigger delivery alone.
✋ Manual
Release a capsule yourself whenever you are ready. You are always in control.
Access Control & Data Isolation
Your data is stored in its own isolated partition. There is no shared database where one user’s data could accidentally be visible to another. Each account is completely separate at the infrastructure level.
Only you can see your capsules, documents, and photos. Recipients see only the specific capsules you addressed to them — and only when your release rules trigger.
Infrastructure & Hosting
AES-256 encryption at rest
HTTPS / TLS encryption in transit
AWS Web Application Firewall
U.S.-based data centers
Our Privacy Commitment
No third-party analytics.
We do not collect or share browsing or usage analytics data.
No data selling.
We will never sell, rent, or share your personal information with advertisers or data brokers.
No AI training on your data.
Your content is never used to train AI models. AI features process your content only when you ask them to, and nothing is retained.
Minimal data collection.
We collect only what is needed to run your account: your name, email, and the content you choose to store.
Questions?
If you have questions about how your data is protected, contact us at
IOUMore, LLC operates IOUHome and IOULegacy. Free legacy programs are provided through IOU, Inc., a registered 501(c)(3) non-profit (EIN 81-2203628).