Stay Secure

Your trust matters. This page explains how we protect your information and how you can stay safe while using your PassItOn-Digital Vault.

Our Commitment

  • Clarity first: plain-English guidance at every step.
  • Control stays with you: you choose what to store, who can see it, and when.
  • Privacy by design: we collect the minimum needed and keep your information confidential.

How Your Vault Access Works

  • Individual logins: each client has their own secure login to the portal.
  • No silent sharing: we do not grant access to anyone without your explicit permission.
  • Role-based access: within the portal, access is limited by purpose and need.
  • Session security: always log out on shared devices; sessions auto-expire after inactivity.

Security Measures We Use

We use reputable, security-conscious platforms and industry-standard protections, including:

  • Encryption in transit: HTTPS (TLS) protects data moving between your browser and our portal.
  • Access controls: staff access is tightly limited and logged on a need-to-know basis.
  • Data minimisation: we only store what is required to provide the service.
  • Audit & review: periodic checks of settings, permissions, and data locations.

Important: No online service can guarantee absolute security. We take reasonable and proportionate steps to protect your information and will continue to improve our safeguards.

What We Never Do

  • Sell your personal information.
  • Share your files or details without your permission, unless required by law.
  • Ask for your passwords to banks, email, or social media.

Your Safety Checklist

  • Use a password manager and a unique password for your vault.
  • Enable 2-step verification (2FA) on your email and any password manager you use.
  • Keep recovery codes safe and tell your trusted person where to find them.
  • Beware of phishing: we won’t ask you to share your password or send files by email unless you started the request.
  • Check the URL: only sign in through links you trust from our website/portal.
  • Keep devices updated: apply operating system and antivirus updates promptly.

File Storage & Sharing

  • Your choice: upload documents to your vault, or provide a note of where they are securely stored.
  • Controlled sharing: if you choose to share, you decide who sees what and for how long.
  • Revoking access: you can ask us to remove or restrict access at any time.

Data Retention & Deletion

  • Retention: we retain your information while your account is active and as needed to provide the service.
  • Deletion: on request, we will delete or return your files unless we are legally required to keep them.
  • Backups: routine backups exist to protect against accidental loss; deletions will flow through backup cycles.

Legal Basis & Your Rights

We follow UK GDPR principles. Depending on the situation, we process data on the basis of contract (to deliver your vault), consent (where you choose to share), and legitimate interests (to improve security and service reliability). You have rights to access, correct, and request deletion of your data.

For full details, please see our Privacy Policy and Terms of Service.

Trusted People & End-of-Life Access

  • Your instructions first: we will only follow the sharing instructions you have set or confirmed.
  • Verification: if someone requests access, we will verify identity and check your documented wishes.
  • Changes: you can update your trusted contacts and access settings at any time.

Third-Party Services

We use reputable hosting and portal providers to run PassItOn-Digital. Where third-party services are involved, we ensure contracts and settings align with our privacy and security standards.

Reporting a Concern

If you suspect unauthorised access or receive a suspicious message, contact us immediately:

Updates to This Page

We review this guidance regularly. Significant changes will be highlighted here.

Last updated: 4 October 2025 • PassItOn-Digital

Security FAQs

Tip: Click or tap a question below to reveal the answer.

Is my vault private by default?
Yes. Only you can access your vault unless you choose to share specific items with a trusted person.
Can you see my files?
We don’t open or read your files unless you explicitly ask us to during a support request (and even then, we’ll confirm in writing first).
How do trusted people get access if something happens to me?
We follow your instructions. We’ll verify identity and check the contacts and permissions you’ve set before granting access.
Do you store my passwords?
No. We encourage you to use a password manager. You can upload a note explaining where your credentials or recovery codes are stored.
Where is my data stored?
Your data is hosted with reputable providers and encrypted in transit (HTTPS). We apply strict access controls and review settings regularly.
Can I delete my data?
Yes. You can request deletion at any time. Backups exist to prevent accidental loss, so removal will flow through routine backup cycles.