Security
Your legacy is end-to-end encrypted from the moment you create it to the moment it's delivered. No exposure windows, no intermediate access. Security isn't an add-on. It's the foundation the system is built on, from the very first line of code.
Encryption
AES-256 is one of the strongest encryption standards in use today. In plain terms, it means no one reaches your content without the right keys.
Protection for your legacy starts the moment you create anything. Every message, memory, and document is encrypted individually with its own key, so each item is protected on its own and any risk is kept to a minimum.
End-to-end encryption applies at rest, while your content is stored, and in transit, while it's moving. There's no point in the life of your data when it's exposed without protection. That covers your messages, memories, documents, and anything personal you choose to keep.
Key management
The keys that encrypt your content are handled in an isolated environment running on dedicated hardware. The keys protecting your content live physically apart from the data itself, designed so that no one, including us, can reach them. Keys and data are never exposed in the same place.
Encryption keys are managed in AWS Key Management Service, on certified hardware modules that never expose the keys in plain text.
The keys that protect your content live apart from the data they encrypt. Every account has its own master keys, and they never leave the secure environment.
Keys are renewed periodically and automatically, with no service interruption and no action from you. The infrastructure is designed to prevent unauthorized access at every step.
The security of your legacy doesn't come from marketing promises. It comes from how the system is built, from the very start.
Principles
Not marketing promises. Architectural decisions that define how Eternalia works.
We can't read your content. It's encrypted, and the system is designed so Eternalia never has access to the text. Activating your legacy is a separate process, and being able to activate doesn't mean being able to see what you wrote.
We don't sell, share, or monetize your data. We don't use it to train models, build profiles, or serve ads. Under any circumstance.
We don't plug in third-party services that could reach your encrypted content. The systems handling your data are under our direct control.
Privacy isn't a feature we added later. It's the architectural foundation the whole platform stands on. Every technical decision starts from that principle.
You can see how the whole thing works in How it works.
The security of your legacy doesn't depend on promises. It depends on how the system is built, from the very start.
