Your data is yours.

LifeAccount is a secure digital vault and end-of-life planning service operated by Damon Gilmore, doing business as LifeAccount.

When this policy says “we,” “us,” or “LifeAccount,” it means LifeAccount, the service operated by Damon Gilmore.

We are based in the United States. The Service is currently offered only to U.S. residents. We expect to incorporate as a Wyoming entity in the near term; when that filing completes we will update this page to reflect the new entity.

This policy explains what we collect about you, what we do with it, who we share it with, how long we keep it, and your rights. It applies to lifeaccount.com, app.lifeaccount.com, and any communication we send you.

It does not cover other companies’ sites we link to (such as a partner advisor’s site, an attorney directory, or a funeral pre-planning service). Those have their own privacy policies.

We collect three kinds of information.

a. Things you give us.

When you create an account or fill in your vaults, you provide:

• Account details— your name, email address, password (hashed, never stored in plain text), and optionally your phone number, state, and birthday.
• Vault contents— whatever you choose to put in your Legal, Insurance, Identity, Financial, People, Digital, Story, Final Wishes, and Time Capsule vaults. This can include sensitive information: medical preferences, insurance policies, financial account references, beneficiary designations, passwords, and personal letters.
• Uploaded files— documents, photos, audio, or video you upload.
• Inner Circle data— the name of your Circle, who you invite, who joins, and which items you choose to share with Circle members.
• Executor and contact information — the people you designate to receive access after you pass, and the people you list in your People Vault.
• Conversations with Grace — messages you exchange with our AI companion.
• Payment information— processed by Stripe. We never see or store your card number.
• Signup acknowledgments— the three explicit acknowledgments you made when creating your account (age + U.S. residency, Terms + Privacy Policy agreement, depository disclaimer acknowledgment), along with the IP address, browser, and exact document versions you saw at the time. We retain these permanently as a legal record.

b. Things we collect automatically.

• Sign-in records— date, time, IP address, and approximate city of each sign-in, so we can alert you to logins from new locations.
• Usage data— the pages you visit inside LifeAccount and the features you use, to keep the service running.
• Device data— browser type, operating system, and general device characteristics, used for security and bug reporting.

We do not place tracking cookies or use third-party advertising trackers on the signed-in product. The marketing pages may use basic analytics; see our cookie notice in section 16.

c. Things others tell us about you (with your consent).

If you accept an Inner Circle invitation, we receive the invitation record from the person who invited you. If you ask a partner advisor to contact you (see section 5), we record that consent and pass your information to that advisor only after you click to confirm.

We use the information you give us to:

• Run and improve the service
• Send you transactional emails (welcome, sign-in alerts, billing)
• Send occasional emails you can opt out of (birthday, annual review)
• Deliver letters and Time Capsules you’ve scheduled
• Verify the identity of an executor when you pass, and grant them access to your account per your instructions
• Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations

We do not sell your information. We do not share it with advertisers. We do not use it to train any AI model. (See section 7 for how Grace works.)

From time to time we work with carefully chosen partner advisors — insurance brokers, estate planning attorneys, funeral pre-planning services, financial planners, notary services, and similar professional service providers. Our relationships with these companies vary:

• Some partners are completely independent of LifeAccount and pay us no compensation
• Some partners pay LifeAccount a referral fee, commission, or affiliate payment for customers we send them
• Some partners share common ownership, leadership, or other material relationships with LifeAccount

We never share your information with a partner unless you have given us specific, explicit consent for that specific partner, for that specific purpose. When you click a partner referral button inside LifeAccount, we show you exactly what information will be shared, who it will be shared with, and what our relationship with that partner is, and ask you to confirm. Until you confirm, nothing is sent.

If you give consent and later change your mind, you can revoke that consent at any time in Settings → Consent & sharing. When you revoke a consent, we notify the partner (where reasonable) that you no longer wish to be contacted, and we stop sharing further information with them. The partner’s own privacy policy controls what they do with information they already received before your revocation.

You are never required to use any LifeAccount partner. You are always free to use any provider you prefer.

These disclosures are made in compliance with the Federal Trade Commission’s Endorsement Guides and equivalent state requirements.

An Inner Circle is an optional feature that lets you connect your LifeAccount with other LifeAccount members (a spouse, an adult child, a sibling, a close friend). When you join a Circle, other members see your name, city, and the fact that you have an account. Members do not see any of your vault data unless you explicitly share a specific item with the Circle.

Sharing is per-item and revocable. You can unshare any item at any time. If you leave a Circle, all your future sharing stops; items you shared before leaving remain visible to members who already saw them — we cannot un-see something.

Being in an Inner Circle does not grant another member legal authority over your account or your estate. It is a sharing feature, not a legal designation.

Every action inside an Inner Circle — joining, leaving, sharing, unsharing, removing a member — is logged in an immutable audit record that you can view at any time.

Grace is an AI companion built on Anthropic’s Claude API. When you chat with Grace, your messages are sent to Anthropic for processing and the response is sent back to you and saved to your conversation history.

Anthropic does not use API conversations to train their models. By default Anthropic retains API request data for up to 30 days for trust and safety monitoring, after which it is deleted from their systems. LifeAccount keeps your conversation history in your account so you can return to it later; you can delete any conversation in Settings.

LifeAccount does not use your conversations, vault content, or personal information to train any AI model — our own or any third party’s.

Grace is not a lawyer, doctor, or financial advisor. She may occasionally provide outdated or incorrect information. For any important decision, please verify with a qualified professional.

To run the service, we use a small set of trusted vendors (“subprocessors”). They process information on our behalf, under contract, and only for the purposes we’ve authorized.

• Supabase— database, authentication, file storage. U.S.-hosted. SOC 2 Type 2.
• Vercel— application hosting. U.S.-hosted. SOC 2 Type 2.
• Anthropic— AI processing for Grace. U.S.-hosted. SOC 2 Type 2.
• Stripe— payment processing. PCI DSS Level 1.
• Resend— transactional email delivery. SOC 2 audited.

We do not transfer your data outside the United States.

LifeAccount is a depository, not an estate administrator. We hold your data securely; we do not act on your behalf after you pass.

When you die, it is the responsibility of the executor you designated to initiate access to your LifeAccount. We do not monitor public records, obituaries, or any other source to detect a member’s passing. Nothing happens to your account automatically — including the release of letters or Time Capsules tied to your passing — until your designated executor begins the activation process described in our Terms of Service section 8.

When your executor initiates activation and provides the required documentation (death certificate, identity verification, and a 30-day anti-fraud waiting period), they receive access to the parts of your account you chose to make available to them. Posthumous delivery triggers — Time Capsules and letters tied to your passing — fire at the end of the 30-day waiting period, per your instructions.

Your data remains your data after you’re gone. We do not sell, share, transfer, or repurpose the data of a deceased member. Your executor may export everything for the estate, or request that we delete it.

If your account becomes inactive for more than five years with no designated executor activity, we will attempt to reach you and your listed contacts before taking any action. We will never delete a member’s data without notice.

The default rule: we keep your data for as long as you have an account.

If you cancel your subscription:

• Your free vaults (Legal, Insurance, Identity, People) remain available indefinitely on the Free plan.
• Paid-only vault contents (Financial, Digital, Story, Final Wishes, The Last Chapter, Time Capsule) remain encrypted on file but read-only until you re-subscribe.

If you delete your account:

• We delete your vault contents, files, conversations with Grace, and Inner Circle membership within 30 days.
• We keep a minimal record of your account’s existence (email, signup acknowledgment record, and deletion date) for up to 7 years to comply with tax and anti-fraud obligations. This record contains no vault contents.
• Audit log entries you participated in (for example, Inner Circle actions taken on circles where other members remain) are retained with your identity anonymized.
• Your permanent signup acknowledgment record is retained as a legal-compliance artifact and is not deleted.

Conversations with Grace older than 24 months are automatically archived; you can permanently delete any conversation immediately.

You have the right to:

• See what we have.Use Settings → Export my data to download everything we hold about you in a portable format.
• Correct what’s wrong. You can edit your vault contents and account details at any time.
• Delete your account.Settings → Delete my account. This is final after a 30-day grace period.
• Take your data with you. Your export is a standard format (JSON + PDF archive) you can take anywhere.
• Withdraw consents.Settings → Consent & sharing lets you revoke any consent you have previously given for partner referrals, Inner Circle sharing, occasional emails, and other optional activities.
• Opt out of marketing.Settings → Email preferences. Transactional emails (welcome, sign-in alerts, billing) cannot be turned off while you have an active account.
• View your signup acknowledgment record. Settings → Privacy → My acknowledgments shows the exact text and date of each agreement you made.
• Ask us a question. Write to hello@lifeaccount.com and we will respond within 5 business days, and within 45 days for formal data requests.

If you live in one of the states listed below, you have additional rights under your state’s privacy law. These rights are additions to, not replacements for, the rights described in section 11. To exercise any state-specific right, email hello@lifeaccount.com with the subject “Privacy request — [your state].”

California (CCPA / CPRA)

You may request a list of the categories of personal information we collect, use, and share; request deletion; request correction; and opt out of any “sharing” or “sale” of personal information. LifeAccount does not sell or share personal information in the sense those terms are used by the CCPA / CPRA. California residents may also designate an authorized agent to make requests on their behalf.

Colorado, Virginia, Connecticut, Utah

You have substantially similar rights to access, correct, delete, and port your data, and to opt out of profiling and targeted advertising. We do not engage in profiling that produces legal or similarly significant effects, and we do not engage in targeted advertising.

Health information

We are not a covered entity or business associate under HIPAA. The medical information you enter into LifeAccount (medical directives, DNR status, healthcare proxies) is treated as sensitive personal information subject to additional protections. California residents have additional protections under the Confidentiality of Medical Information Act (CMIA).

• Encryption in transit (TLS 1.2+) and at rest (AES-256).
• Row-level security so one member’s data is invisible to any other member at the database level.
• Two-factor authentication (TOTP) available on every account and recommended for paid plans.
• Backup codes issued at 2FA setup, single-use, never reusable.
• Sign-in alerts on logins from new locations.
• Auto-logout after extended inactivity. Configurable in Settings.
• Vault file storage uses signed URLs with short expirations; files are never publicly accessible.
• Daily database backups via Supabase Pro, retained 7 days. We are working toward nightly off-site backups with a separate cloud provider, a 1-hour Recovery Point Objective, and quarterly tested restore drills — tracked publicly on our Security page.
• Background checks and least-privilege access for any team member with administrative access. Administrative access does not include reading vault contents as part of normal operations.
• No security system is perfect, and no service can guarantee against every threat. Please use a strong, unique password and enable two-factor authentication.

We have made a commitment to our members about what happens if LifeAccount ever ceases operations.

• We will give every member at least 12 months’ written notice before any wind-down.
• We will provide a complete data export in standard formats for every member during that period.
• We will publish a transition plan describing what happens to data after the wind-down, including any successor or escrow arrangements.
• Your family’s information belongs to you. It is not a company asset to be sold, transferred, or repurposed in the event of a sale or shutdown.

This commitment is contractual under our Terms of Service (Section 15) and survives any transfer of LifeAccount’s ownership or legal form, including any future incorporation.

LifeAccount is intended for adults 18 and older. We do not knowingly collect personal information from anyone under 18. If you believe a child has created an account or provided us with personal information, please email hello@lifeaccount.com and we will delete it promptly.

You may, of course, mention or reference your minor children or grandchildren in your own vaults (a Time Capsule for a grandchild, a beneficiary designation). That information is yours and is handled like any other vault content.

The signed-in product uses only essential cookies needed for authentication and session management. We do not use any third-party advertising cookies, retargeting pixels, or cross-site tracking.

The marketing pages on lifeaccount.com may use basic analytics (page views, referrer) to understand which content is useful. We do not associate marketing analytics with any logged-in account identity.

LifeAccount currently serves U.S. residents only. We do not market to or knowingly accept members from outside the United States. If you are in the European Union, the United Kingdom, Canada, or another jurisdiction with its own data protection laws, please do not provide personal information to LifeAccount until we are able to serve your region under your local law.

If we learn that a member is not a U.S. resident, we reserve the right to close their account and delete their data, with reasonable notice and an opportunity to export.

We will update this policy when our practices change or when the law requires us to. For material changes— changes that affect your rights or how we use your data — we will email every active member at least 30 days before the changes take effect. On your next sign-in after a material change, we will require you to acknowledge the updated policy before continuing to use the service. The new acknowledgment is recorded permanently alongside your original signup acknowledgment.

Minor edits (spelling, clarification, formatting) will be posted here with the “Last updated” date at the top.

Questions, requests, complaints, or curiosity all welcome at hello@lifeaccount.com.

LifeAccount
30 N Gould St, #43019
Sheridan, WY 82801
United States

If you’re not satisfied with our response to a privacy concern, you have the right to file a complaint with your state attorney general’s office or, if you are a California resident, with the California Privacy Protection Agency.