Privacy Policy
Last updated: March 2026
Your privacy matters. This policy explains exactly what data InCaseIDie collects, why, and how it is protected.
1. Overview
InCaseIDie ("we", "the Service") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and what rights you have over it. InCaseIDie is operated by a single individual. We collect only what is necessary to provide the Service and never sell your data to third parties.
2. Information We Collect
We collect the following information when you use the Service: • Account information: your name and email address, provided at registration. • Vault content: messages, passwords, and any other information you store in your vault. This content is encrypted with 256-bit AES encryption before storage. We cannot read it. • Emergency contact information: names, email addresses, and dates of birth of contacts you designate. • Check-in activity: timestamps of your last check-in and scheduled deadlines. • Payment information: processed entirely by Stripe. We do not store your card details. We receive only a confirmation of payment and your email address from Stripe. • Technical data: IP address and approximate location recorded when an emergency contact attempts vault access, for your security notification.
3. How We Use Your Information
We use your information solely to provide and operate the Service: • To create and manage your account. • To store and protect your encrypted vault content. • To send verification and notification emails to you and your emergency contacts. • To process payments via Stripe. • To enforce your check-in schedule and trigger access requests accordingly. • To detect and prevent unauthorised access or abuse. We do not use your data for advertising, profiling, or any purpose beyond what is described here.
4. Encryption & Zero-Knowledge Storage
Your vault contents are encrypted using 256-bit AES encryption with a key derived from your vault password. This means that even we - the operator - cannot read, access, or recover the contents of your vault. We have no ability to decrypt your data. If you lose your vault password, the contents cannot be recovered by anyone.
5. Data Sharing & Third Parties
We do not sell, rent, or share your personal data with third parties for marketing purposes. We use the following third-party services to operate the platform: • Stripe - payment processing. Stripe's privacy policy applies to data you provide during checkout. • Proton Mail - transactional email delivery (verification emails, access notifications). These services receive only the minimum data required to perform their function.
6. Email Communications
We send transactional emails only - these include contact verification emails, vault access attempt notifications, and check-in reminders. We do not send marketing emails. You cannot opt out of transactional emails as they are essential to the operation of the Service.
7. Data Retention
We retain your account data and encrypted vault contents for as long as your account is active. If you delete your account, all associated data - including your vault contents, emergency contacts, and check-in history - is permanently deleted from our systems. Payment records may be retained for legal and accounting purposes as required by applicable law.
8. Your Rights
You have the right to: • Access the personal data we hold about you. • Correct inaccurate data via your account settings. • Delete your account and all associated data at any time through your dashboard. • Request a copy of your data by contacting us at [email protected]. Because vault contents are encrypted and we hold no decryption key, we cannot provide a readable export of your vault data - only the encrypted form.
9. Cookies
We use a single session cookie to keep you logged in. We do not use tracking cookies, analytics cookies, or advertising cookies. No third-party cookies are set by InCaseIDie.
10. Security
We take reasonable technical measures to protect your data, including encryption at rest, secure HTTPS connections, and access controls. However, no system is completely secure. You are responsible for keeping your account password and vault password strong and confidential.
11. Children's Privacy
The Service is not intended for anyone under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has created an account, please contact us and we will delete it.
12. Changes to This Policy
We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by email or by a prominent notice on the website. Continued use of the Service after changes constitutes acceptance of the updated policy.
13. Contact
If you have any questions or concerns about this Privacy Policy or your data, please contact us at [email protected].