Trust & Safety

Trust & safety

Your family’s wishes are sensitive. Here’s exactly how we protect them.

Encryption at rest

PPS numbers and bank account details are encrypted with AES-256-GCM using a key separate from your session key. We never see them unencrypted, even when we need to display them to you.

Audit logging

Every access to sensitive data (your PPS number, your accounts, your healthcare directive) is logged with timestamp, user, and action. You can request a full audit trail anytime.

Death verification (not automation)

When an executor opens a case, we don’t auto-send letters. A human on our team verifies corroboration:

  • A public death notice or news article
  • A certificate reference from the General Register Office
  • A second family member confirming the death
  • A referral from a verified partner (funeral director, solicitor, credit union)

Only when we’re confident do letters go out. Grief is too important for automation.

72-hour cooling-off

If you’re a plan holder and someone opens a case on your behalf (in error, or before you expected), you get an email with a one-click freeze link. You have 72 hours to freeze the case. Nothing leaves our service until after that window.

No client funds

We never hold your money, prepaid plans, trust funds, or estate accounts. Membership is paid upfront to us; concierge fees are arranged at case creation. No deferred liabilities.

Data retention & deletion

You can delete your plan anytime. We delete your data within 30 days unless you’re involved in an active case. After probate closes, we keep records for 7 years (Irish legal requirement) then purge.

Code of Practice

We’ve published a voluntary Code of Practice covering client money, data protection, death verification, and complaints. It’s our way of shaping regulation before regulators do it for us.

Read the full Code of Practice (PDF)

Complaints

If you believe we’ve mishandled your data, email support@familyvault.ie with details. We’ll investigate within 14 days. If you’re unsatisfied, escalation is available.

GDPR & data protection

We’re GDPR-compliant. You have rights to access, correction, deletion, portability, and objection. See our privacy policy for details.

View privacy policy

Questions about safety?

Email us anytime. We’re here to explain in plain language.

Contact support