Privacy Policy
Introduction
Pass It On ("we", "us", "our") operates the estate planning platform at passiton.now. This policy explains what personal information we collect, how we use it, and what choices you have.
By creating an account or using the service, you agree to the practices described here.
Information We Collect
We collect the following categories of information:
- Account credentials: Your email address and a hashed version of your password. Passwords are hashed with Argon2id before storage. We never store your password in plaintext, and we cannot recover it.
- Legal profile information: If you choose to provide it, your full legal name, date of birth, mailing address, phone number, and executor or trustee contact details. These fields are optional and are used to populate your estate planning documents.
- Estate planning data: Items, beneficiaries, assignments, notes, and photos you add to your account. This may include item descriptions, monetary values, beneficiary names, contact details, relationship information, and percentage allocations.
- Encryption keys (if encryption is enabled): An encrypted copy of your Master Encryption Key and an encrypted backup of that key. See the Zero-Knowledge Encryption section below for details.
- Technical data: IP addresses, browser type, and related request metadata collected by our infrastructure and third-party services (described below).
- Account activity logs: We log events about your account activity (e.g. when you create an item, complete onboarding, or enable encryption) to operate and improve the service. These logs stay on our servers and are never shared with third parties.
We do not collect payment information, Social Security numbers, or government-issued ID numbers.
Zero-Knowledge Encryption
Pass It On offers optional encryption that works entirely on your device. When you turn it on, your estate data is scrambled on your computer or phone before it ever reaches our servers. We only store the scrambled version. We cannot read it, and neither can anyone else without your password.
Here is how it works, in more technical detail:
- Your browser generates a secret encryption key (called a Master Encryption Key, or MEK) entirely on your device. This key never leaves your device in readable form.
- That MEK is protected by a second key derived from your password (using a standard called PBKDF2). Only the password-protected MEK is sent to our servers.
- You are shown a 12-word recovery phrase exactly once. This phrase is your only backup if you forget your password. We do not store it. Write it down and keep it somewhere safe.
- All estate data — item names, descriptions, beneficiary details, and photos — is encrypted on your device using AES-256-GCM before transmission. Our servers receive and store only the encrypted version.
When encryption is enabled, we cannot read your estate data. We have no technical ability to access, decrypt, or hand over the contents of your estate plan to anyone, including ourselves.
If you lose your password and your recovery phrase, your encrypted data cannot be recovered. There is no backdoor.
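The key hierarchy described above, as an added illustration that is not Pass It On's own code: a random MEK is wrapped under a PBKDF2-derived key, only the wrapped copy is kept for the server, and a wrong password fails to unwrap it. The salt size, iteration count, SHA-256, and the use of AES-GCM to wrap the MEK are assumptions; the policy names only PBKDF2 and AES-256-GCM.

```javascript
// Added illustration, not the service's code. Parameters marked "assumed" are not from the policy.
const wc = globalThis.crypto ?? require('node:crypto').webcrypto; // WebCrypto in browser or Node
const enc = new TextEncoder(), dec = new TextDecoder();
const PBKDF2_ITERATIONS = 600000; // assumed value

// Derive the key-encryption key (KEK) from the password; it can only wrap/unwrap.
async function deriveKek(password, salt) {
  const material = await wc.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, ['deriveKey']);
  return wc.subtle.deriveKey(
    { name: 'PBKDF2', salt, iterations: PBKDF2_ITERATIONS, hash: 'SHA-256' }, // hash assumed
    material, { name: 'AES-GCM', length: 256 }, false, ['wrapKey', 'unwrapKey']);
}

// Device side: create the MEK and return only what the server would store.
async function enableEncryption(password) {
  // extractable=true is required so the MEK can be wrapped once at setup.
  const mek = await wc.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt']);
  const salt = wc.getRandomValues(new Uint8Array(16)); // assumed size
  const iv = wc.getRandomValues(new Uint8Array(12));
  const kek = await deriveKek(password, salt);
  const wrappedMek = new Uint8Array(await wc.subtle.wrapKey('raw', mek, kek, { name: 'AES-GCM', iv }));
  return { mek, serverRecord: { salt, iv, wrappedMek } };
}

// Rejects if the password is wrong: the GCM tag on the wrapped MEK does not verify.
async function unlockMek(password, { salt, iv, wrappedMek }) {
  const kek = await deriveKek(password, salt);
  return wc.subtle.unwrapKey('raw', wrappedMek, kek, { name: 'AES-GCM', iv },
    { name: 'AES-GCM', length: 256 }, false, ['encrypt', 'decrypt']);
}

async function encryptField(mek, text) {
  const iv = wc.getRandomValues(new Uint8Array(12)); // fresh nonce per record
  const ct = new Uint8Array(await wc.subtle.encrypt({ name: 'AES-GCM', iv }, mek, enc.encode(text)));
  return { iv, ct };
}

async function decryptField(mek, { iv, ct }) {
  return dec.decode(await wc.subtle.decrypt({ name: 'AES-GCM', iv }, mek, ct));
}

async function demo() {
  const { mek, serverRecord } = await enableEncryption('correct horse battery');
  const stored = await encryptField(mek, 'Grandfather clock -> Alex (constructed sample)');
  const reopened = await unlockMek('correct horse battery', serverRecord);
  const plaintext = await decryptField(reopened, stored);
  const wrongPasswordFails = await unlockMek('wrong password', serverRecord).then(() => false, () => true);
  return { plaintext, wrongPasswordFails, wrappedLen: serverRecord.wrappedMek.length };
}
```

Everything in `serverRecord` and `stored` is safe to hold server-side in this model; without the password (or a separately wrapped backup copy), the 48-byte wrapped MEK cannot be opened.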
How We Use Your Information
We use your information only to:
- Provide and operate the Pass It On service.
- Authenticate you and maintain your session.
- Send transactional emails you request, such as email verification and password reset messages.
- Detect and prevent abuse, fraud, and security threats.
We do not sell your personal data. We do not run behavioral advertising. We do not build profiles for marketing purposes. We do not share your data with third parties except as described in the Third-Party Services section below.
Third-Party Services
We use a small number of external services to operate the platform. Each acts as a data processor on our behalf.
hCaptcha
We use hCaptcha, operated by Intuition Machines, Inc. (IMI), on our login, registration, and password reset pages in invisible mode to detect and block automated bot activity.
hCaptcha may collect your IP address, browser characteristics, and mouse movement patterns to distinguish humans from bots. This processing occurs under IMI's own privacy policy.
- hCaptcha Privacy Policy: https://www.hcaptcha.com/privacy
- hCaptcha Terms of Service: https://www.hcaptcha.com/terms
For the purposes of GDPR, IMI acts as a data processor under Article 28. For the purposes of CCPA, IMI acts as a service provider.
Google Fonts
We load fonts from Google's CDN for typography. When your browser requests a font file, Google may collect your IP address and browser information. Google's Privacy Policy applies: https://policies.google.com/privacy
Google Cloud Platform
Our servers, database, and file storage run on Google Cloud Platform (GCP). Your data is physically stored in the United States (us-central1 region). GCP's terms of service apply: https://cloud.google.com/terms
Data Storage and Security
Here is how your data is stored:
- Database: Account data and estate planning records are stored in a PostgreSQL database on Google Cloud SQL. Connections use TLS. GCP applies server-side encryption at rest.
- Photos: Item photos are stored in Google Cloud Storage. Connections use TLS.
- Sessions and rate limiting: Redis holds ephemeral session and rate-limit data. This data is not persisted to disk and is not backed up.
- Client-side encryption: When enabled, your estate data is encrypted with AES-256-GCM before it leaves your browser. The ciphertext is what gets written to the database.
No security system is perfect. We take reasonable technical and organizational measures to protect your data, but we cannot guarantee absolute security.
Data Retention
We retain your data for as long as your account is active.
When you delete your account, a 30-day grace period begins during which you can cancel the deletion and restore access. After 30 days, all of your data, including items, beneficiaries, photos, and encryption keys, is permanently and irreversibly deleted from our systems.
Backups may retain deleted data for a short window beyond that, but those backups are themselves on a rolling deletion schedule.
Data Export
You can export all of your estate planning data at any time from your account settings. The export includes a JSON file of all your records and a ZIP archive of any photos you've uploaded. No request to us is needed.
Cookies
We use the following cookies:
- Access token (HttpOnly, 15 minutes): A short-lived JWT used to authenticate your requests.
- Refresh token (HttpOnly, 7 days): A longer-lived token used to obtain a new access token when the current one expires.
- CSRF token: A token used to prevent cross-site request forgery attacks.
We do not use tracking cookies, advertising cookies, or analytics cookies. We do not use any third-party cookie-based tracking.
Your Rights
You have the right to:
- Access the personal data we hold about you.
- Correct inaccurate data in your account.
- Delete your account and all associated data.
- Export your data at any time via the account settings page.
- Restrict certain processing by deleting your account.
If you have encryption enabled, we cannot access the contents of your estate plan at all, even in response to a valid legal request. The server holds only ciphertext.
To exercise any of these rights, or if you have questions about your data, contact us at support@passiton.now.
Children
Pass It On is not directed at children under 13. We do not knowingly collect personal information from anyone under 13. If you believe a child has provided us with personal data, contact us at support@passiton.now and we will delete it.
Changes to This Policy
We may update this privacy policy from time to time. When we do, we'll update the "Last updated" date at the top of this page. For material changes, we'll make reasonable efforts to notify you, such as by sending an email to the address on your account. Continued use of the service after changes take effect means you accept the updated policy.
Contact
Questions, requests, or concerns? Reach us at support@passiton.now.