Security Document
At TimeCapsule, we understand that entrusting us with your most sensitive information—financial details, personal messages, and unfulfilled wishes—requires the highest standards of security and privacy. Our mission is to provide a secure and private digital will service that ensures your legacy is protected and delivered only to your designated recipients when needed. This security document outlines the comprehensive measures TimeCapsule implements to safeguard your data, maintain privacy, and ensure reliable delivery. Our commitment to security is rooted in advanced technology, strict compliance, and user-centric design, providing you with peace of mind as you plan your legacy.
1. End-to-End Encryption
Overview
TimeCapsule employs end-to-end encryption to ensure that your sensitive information remains secure and inaccessible to anyone except your designated recipients. This industry-standard encryption protocol protects your data during creation, transmission, and storage, guaranteeing that your digital will is only accessible to those with the correct password.
How It Works
Client-Side Encryption: When you create a digital will, the sensitive content is encrypted directly on your device using a password you set. This ensures that the data is encrypted before it leaves your device and is transmitted to our servers in an unreadable, ciphertext format.
Decryption by Recipients: Only your designated recipients, using the correct password, can decrypt and view the contents of your will. The password is never stored on our servers, and even TimeCapsule’s system administrators cannot access your encrypted data.
Password Requirements: Passwords must be between 6 and 128 characters long, allowing flexibility to use a string or even a sentence. Users can paste complex passwords (e.g., non-Latin characters) using the Ctrl+V shortcut, ensuring compatibility with diverse password formats.
Password Hint System: To assist recipients in accessing your will, you create a password hint—a clue known only to you and your recipients (e.g., “The place we first met” or “The last page of my diary”). This hint is stored separately and sent to recipients when trigger conditions are met, ensuring secure access without compromising the password itself.
Security Benefits
Your sensitive information remains private, even from TimeCapsule’s staff.
Encrypted data is protected against unauthorized access during transmission and storage.
The password hint system balances security and accessibility, ensuring recipients can access your will without storing passwords in plain text.
2. Strict Privacy Policies
Overview
TimeCapsule is committed to complete privacy, ensuring that your personal information is entirely under your control and never shared with third parties. Our privacy-first approach is designed to give you confidence that your data is handled with the utmost care and respect.
Privacy Measures
User Control: You have full ownership of your data and can modify, update, or delete your digital wills at any time through your account. This ensures you maintain control over your information throughout your subscription.
No Third-Party Sharing: TimeCapsule adheres to strict policies that prohibit sharing your personal information with third parties. Your data is used solely for the purpose of creating, storing, and delivering your digital will as per your instructions.
Minimal Data Collection: We collect only the essential information needed to operate the service, such as your email address for account creation and confirmation emails. No unnecessary personal data is requested or stored.
Recipient Privacy: When notifying multiple recipients, TimeCapsule sends individual emails to each recipient, ensuring that no recipient sees the email addresses of others. This maintains privacy among your designated recipients.
Compliance with Global Standards
TimeCapsule is fully compliant with leading global privacy regulations, including:
General Data Protection Regulation (GDPR): Ensures that your data is handled in accordance with European privacy standards, emphasizing transparency, user control, and data security.
California Consumer Privacy Act (CCPA): Provides additional protections for users in California, including the right to know, delete, and opt out of data sharing.
These certifications reflect our commitment to maintaining the highest standards of privacy and data protection.
3. Smart Time Control and Confirmation Mechanisms
Overview
To prevent accidental or premature delivery of your digital will, TimeCapsule implements a smart time control system with customizable trigger conditions and periodic confirmation emails. This ensures that your will is only delivered when you are truly unable to respond, providing a reliable safeguard against errors.
How It Works
Periodic Confirmation Emails: TimeCapsule sends regular confirmation emails containing an “I’m OK” button to verify your status. You can customize the frequency of these emails, choosing from options such as weekly, biweekly, monthly, quarterly, or semiannually.
Customizable Trigger Conditions: When creating your will, you specify the number of consecutive missed confirmation emails (e.g., 2, 3, or more) before the system notifies your recipients. This threshold ensures that temporary lapses, such as missed emails due to travel, do not trigger delivery.
Secure Notification Process: If the trigger conditions are met (i.e., you fail to respond to the specified number of confirmation emails), TimeCapsule sends a notification to your designated recipients with instructions to access your will and the associated password hint. The encrypted content remains secure and can only be decrypted with the correct password.
Security Benefits
Prevents accidental delivery by requiring multiple missed confirmations.
Allows you to tailor the confirmation frequency and threshold to your preferences, balancing convenience and reliability.
Ensures that notifications are sent securely to individual recipients, maintaining privacy and security.
4. Secure Password Management
Overview
The security of your digital will hinges on the password you choose. TimeCapsule’s password management system is designed to balance ease of use with robust security, ensuring that only authorized recipients can access your encrypted content.
Key Features
Flexible Passwords: Passwords can be any string or sentence between 6 and 128 characters, allowing you to create complex and memorable passwords. Non-Latin characters, numbers, and punctuation are supported via the Ctrl+V shortcut for both input and decryption.
Password Warning: TimeCapsule provides a clear warning that the password is not stored on our servers and cannot be recovered if lost. Users are reminded to create a password hint that aligns with the password to ensure recipients can access the will.
Password Confirmation: When creating a will, you must confirm the password to prevent errors. If the passwords do not match, the system alerts you to correct the issue, ensuring accuracy.
Decryption Security: Recipients must enter the correct password to decrypt the will. If an incorrect password is entered, the system provides an error message (e.g., “Decryption failed, please check if the password is correct”), protecting the content from unauthorized access.
Security Benefits
Eliminates the risk of password storage by keeping passwords client-side.
Encourages secure password practices through hints and confirmation checks.
Protects against brute-force attempts by requiring precise password entry.
5. Reliable Infrastructure with 99.9% Uptime Guarantee
Overview
TimeCapsule’s reliability guarantee ensures that our platform is always available to send confirmation emails and deliver your digital will when needed. Our robust infrastructure is designed to minimize downtime and ensure consistent performance.
How It Works
High Availability: TimeCapsule’s servers maintain a 99.9% uptime guarantee, ensuring that confirmation emails, recipient notifications, and will access are delivered without interruption.
Redundant Systems: Our infrastructure includes redundant systems to prevent service disruptions, ensuring that your will is accessible and deliverable even during unexpected technical challenges.
Secure Transmission: All communications, including confirmation emails and recipient notifications, are sent over secure channels using industry-standard encryption protocols (e.g., TLS for email delivery).
Security Benefits
Ensures that your will is delivered reliably when trigger conditions are met.
Minimizes the risk of service interruptions, providing confidence in the platform’s dependability.
Protects email communications with secure transmission protocols.
6. Secure Account Access with Password-Less Login
Overview
TimeCapsule uses a password-less login system to enhance security while simplifying the user experience. This system eliminates the need to remember complex passwords, reducing the risk of unauthorized account access.
How It Works
Email-Based Login: When you log in, TimeCapsule sends a secure login link to your registered email address. Clicking this link authenticates you and grants access to your account without requiring a password.
Verification Process: The login link is time-sensitive and can only be used in the browser where the request was initiated, adding an extra layer of security.
Spam Protection: If you don’t receive the login email, TimeCapsule advises checking your spam or junk folder and provides an option to resend the email, ensuring accessibility without compromising security.
Security Benefits
Eliminates the risk of password theft or phishing attacks.
Simplifies the login process while maintaining high security standards.
Ensures that only authorized users with access to your email can log in.
7. Error Handling and User Protections
Overview
TimeCapsule’s platform includes robust error handling and user protections to prevent data loss, unauthorized access, or operational errors. These measures ensure that your experience is secure and reliable.
Key Protections
Data Validation: The platform validates inputs such as email addresses, passwords, and will content to prevent errors (e.g., “Invalid email address” or “Password too short”). This ensures that your will is created and stored correctly.
Decryption Safeguards: If a recipient enters an incorrect password, the system provides clear feedback (e.g., “Decryption failed, please check if the password is correct”) without exposing the encrypted content.
Content Size Limits: To prevent performance issues, TimeCapsule limits the size of encrypted content and alerts users if the content exceeds the maximum size (e.g., “The encrypted content is too large, please reduce the sensitive content and try again”).
Duplicate Email Prevention: The system prevents duplicate recipient email addresses to avoid confusion and ensure accurate delivery.
Security Benefits
Reduces the risk of errors that could compromise your will’s integrity.
Protects against unauthorized access by validating inputs and decryption attempts.
Enhances user trust by providing clear error messages and guidance.
8. Secure Recipient Notification Process
Overview
When trigger conditions are met, TimeCapsule notifies your designated recipients securely, ensuring that only authorized individuals receive access to your will.
How It Works
Individual Notifications: Each recipient receives a personalized email notification containing instructions to access the will and the associated password hint. Recipients do not see each other’s email addresses, maintaining privacy.
Multiple Recipients: You can specify multiple recipient email addresses for each will, providing redundancy in case a primary recipient cannot access their email. This ensures that your will reaches the intended individuals.
Secure Delivery: Notifications are sent over secure email channels, and the encrypted content remains inaccessible without the correct password.
Security Benefits
Protects recipient privacy by sending individual notifications.
Ensures reliable delivery with multiple recipient options.
Maintains security by requiring password-based decryption.
9. Regular Security Updates and Monitoring
Overview
TimeCapsule is committed to maintaining a secure platform through regular security updates and proactive monitoring. Our team continuously improves the platform to address emerging threats and enhance performance.
How It Works
Security Patches: We regularly update our encryption protocols, server infrastructure, and application code to address vulnerabilities and incorporate the latest security best practices.
Proactive Monitoring: Our systems are monitored for suspicious activity, ensuring that any potential threats are identified and mitigated promptly.
User Notifications: If security updates require user action (e.g., updating a will or password), we provide clear guidance to ensure continued protection.
Security Benefits
Keeps the platform secure against evolving cyber threats.
Ensures long-term reliability and trustworthiness.
Provides users with confidence that their data is protected by the latest security measures.
10. User Education and Transparency
Overview
TimeCapsule prioritizes user education and transparency to empower you to make informed decisions about your digital will. We provide clear guidance on security practices and limitations to ensure you understand how your data is protected.
Key Features
Legal Disclaimer: TimeCapsule clearly communicates that digital wills created on the platform may not have full legal effect and are intended to complement, not replace, physical legal wills. We recommend recording ultra-sensitive information (e.g., account numbers) on paper and guiding recipients to its location via the digital will.
Password Warning: The platform emphasizes the importance of remembering your password and creating an effective password hint, as lost passwords cannot be recovered.
FAQ and Support: Our comprehensive FAQ section addresses common security questions, such as “How does TimeCapsule ensure my information is secure?” and “How do you prevent accidental message delivery?” Our priority customer support is available to answer additional queries.
Security Benefits
Empowers users to make secure choices through clear guidance.
Enhances trust by being transparent about the platform’s capabilities and limitations.
Reduces the risk of user errors that could compromise security.
Conclusion
TimeCapsule’s security framework is built on a foundation of end-to-end encryption, strict privacy policies, and reliable delivery mechanisms, ensuring that your digital will is protected at every stage. From client-side encryption to customizable trigger conditions and GDPR/CCPA compliance, we prioritize your security and privacy above all else. Our 99.9% uptime guarantee, password-less login, and proactive monitoring further enhance the platform’s reliability, while user education ensures you can use TimeCapsule with confidence.
We are committed to maintaining the highest standards of security to protect your legacy. For any questions about our security practices or to get started with TimeCapsule, please visit https://hnw.email/en/feedback or contact our support team. With TimeCapsule, you can create a secure digital will, knowing that your most important information and wishes are safe and will be delivered exactly as intended.
Last Updated: May 22, 2025
Contact: For further inquiries, please reach out via our Feedback page.