SafeKept is built with security at its core. We use industry-leading encryption and robust application-layer security to ensure your most sensitive information stays private.
All sensitive data is encrypted at the application layer using AES-256-GCM before it reaches our database. Even if our servers were breached, your data remains unreadable.
All sensitive vault data is encrypted using AES-256-GCM at the application layer before it is written to the database. Encryption is applied server-side using securely managed keys – your vault data is never stored in plain text.
Our infrastructure runs on industry-leading cloud providers with SOC 2 Type II compliance. All data is stored in EU data centres with strict access controls.
Encryption keys can be rotated at any time. Our system supports seamless key migration without any downtime or data loss.
Every access, modification, and sensitive action is logged with immutable audit trails. You can review who accessed what and when at any time.
If suspicious activity is detected, our admin team can immediately lock down affected accounts while we investigate. Your security is our priority.
When someone claims executor access, we verify their identity through multiple layers of security.
Executors must complete identity verification including photo ID, a selfie with ID, and a death certificate. Our team reviews submissions before access is granted.
Death certificates and legal documentation are required and verified before any estate access is granted.
Once your identity is verified and approved, a mandatory 72-hour security period begins before notifications can be sent. This gives time for any concerns to be raised before estate notifications are dispatched.
Any family member or interested party can dispute an estate claim within the cooling period, triggering an admin review.
Executors can be granted different access levels – from view-only to full management rights.
All executor actions trigger notifications to remaining trustees and logged in perpetuity.
SafeKept is designed to meet the highest standards of data protection and privacy.
Full data export, right to erasure, and granular consent management.
Compliant with the UK Data Protection Act and ICO guidelines.
Our infrastructure providers maintain SOC 2 Type II certification.