- How is my data encrypted?
- Vault items (passwords, secure notes, asset details) are protected with AES-256 envelope encryption — each user has a unique encryption key, and titles + details are encrypted before storage. File attachments are stored on encrypted cloud infrastructure (TLS in transit, provider disk-level encryption at rest), but the file content itself is not separately encrypted (planned for a future release). All access is protected by authentication, optional two-factor authentication, and strict role-based permissions.
- Can StayKeep staff see my passwords?
- Your vault data is encrypted with a per-user key before storage. StayKeep staff cannot read your passwords or notes without the master encryption key, which is stored separately from the database. All access is logged and auditable.
- What happens if I forget my master password?
- You can reset your password through the standard password recovery flow. We strongly recommend enabling two-factor authentication (2FA) for additional security and storing your backup codes in a secure location.
- How does asset transition work exactly?
- When you configure an Asset Transition Plan, we monitor your login activity. After your specified inactivity period (default 90 days), we send you reminder emails (and SMS for Premium). If you don't respond after all reminder rounds and the cooling-off period, we share a time-limited secure link with your trusted contacts so they can access their designated assets.
- What format do contacts receive data in?
- Your contacts receive a secure email with a time-limited link to access their designated assets. They can view asset details and download attachments through secure links. On Free, contacts receive all items. Premium users can customize exactly which items each contact receives.
- Is my data backed up?
- Yes. Data is stored on managed cloud infrastructure with disk-level redundancy. We are working on automated off-site backups as part of our post-launch roadmap — until then, we recommend keeping your own export of critical data via the Assets page.
- How do I export my data?
- You can export your assets as JSON and download attachments at any time from the Assets page. We provide full data portability. Contact support for bulk export assistance if needed.
- What happens if StayKeep shuts down?
- In the unlikely event of service closure, we commit to providing at least 90 days notice and will offer data export tools. Your data remains portable. We recommend periodic backups of critical data to your own secure storage as a best practice.
- A family member just passed away — can StayKeep open their accounts or phone?
- StayKeep is for setting things up while you're still alive. If your family member registered with StayKeep beforehand and listed you as a Trusted Contact, you'll receive an automatic email after their inactivity period and cooling-off elapse. If they didn't sign up first, StayKeep cannot unlock their accounts or device for you — the service has no way to access someone else's accounts. We suggest considering it now for yourself so your family won't face the same wall.
