Privacy Policy

Last updated: February 15, 2026

The short version

LegacyShield uses zero-knowledge encryption. Your documents are encrypted on your device before they ever reach our servers. We can’t read them. We don’t want to. This policy explains what little data we do handle and how we protect it.

Who we are

LegacyShield is operated by Stephen Ballot, based in the Netherlands. You can reach us at support@legacyshield.eu.

What data we collect

Account information

  • Email address (for login and notifications)
  • Name (if you provide one)
  • Payment information (processed by our payment provider — we never store card details)

Your documents

Your files are encrypted with AES-256-GCM on your device before upload. We store only the encrypted data. We cannot decrypt, read, or access your documents — this is zero-knowledge encryption by design.

Emergency contacts

We store the name and email address of people you designate as emergency contacts, plus the access conditions you define. Emergency contacts do not have access to your documents unless your specified conditions are met.

Technical data

  • Server logs (IP address, timestamp, request path) — retained for 30 days
  • We do not use analytics, trackers, or third-party cookies

How we use your data

  • To provide and maintain the service
  • To authenticate you and manage your account
  • To process payments
  • To send essential service notifications (e.g., emergency access requests)
  • To detect and prevent abuse

We do not sell your data. We do not use it for advertising. We do not share it with third parties except as described here.

Legal basis (GDPR)

We process your data on the following legal grounds:

  • Contract performance — providing the service you signed up for
  • Legitimate interest — security, abuse prevention, server logs
  • Legal obligation — tax and financial record-keeping

Where your data lives

All data is stored on Hetzner Cloud servers in Helsinki, Finland. Hetzner is a European-owned infrastructure provider. Your data never leaves the European Union. We do not use US cloud providers.

Cookies

We use only essential session cookies to keep you logged in. No tracking cookies. No third-party cookies. No cookie banner needed because we’re not doing anything shady.

Data retention

  • Account data: kept while your account is active, deleted within 30 days of account deletion
  • Encrypted documents: deleted immediately when you delete them, or within 30 days of account deletion
  • Server logs: 30 days
  • Payment records: retained as required by Dutch tax law (7 years)

Your rights

Under GDPR, you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — correct inaccurate data
  • Erasure — delete your account and all associated data
  • Portability — export your data in a machine-readable format
  • Restriction — limit how we process your data
  • Objection — object to processing based on legitimate interest

To exercise any of these rights, email us at support@legacyshield.eu. We’ll respond within 30 days.

You also have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.

Third-party services

We use a minimal number of third-party services:

  • Hetzner Cloud (hosting) — EU-based, data stays in Finland
  • Payment processor — handles card payments; we never see or store your card number

Changes to this policy

We’ll update this page when things change and note the date at the top. For significant changes, we’ll notify you by email.

Contact

Questions about this policy? Email us at support@legacyshield.eu.