The Legacy Binder is created by The Legacy Project 360, helping families prepare, protect, and pass on what matters most.
The Legacy Binder — Family Preparedness System
Security

How we protect your binder.

Plain English. No fluff. Here's what's actually keeping your family's most important information safe.

The 60-second version

Your binder lives in an encrypted database where only your account can see it. You sign in with a one-time email link, so there's no password to steal. Stripe handles every payment, so we never see your card. And we never — under any circumstances — sell or share your data. If you ever want out, one button wipes everything.

01

How we protect your account

Passwordless login

We sign you in with a one-time link sent to your email. There's no password to leak, reuse, or write on a sticky note.

Leaked-password protection

On the rare path where a password is set, we check it against the Have I Been Pwned breach database and reject anything that's already been exposed publicly.

Sessions expire automatically

Your sign-in session refreshes silently while you're using the app and times out when you're not. You can sign out from any device at any time.

02

How we protect your data

Encrypted in transit and at rest

Every byte between your browser and our servers travels over TLS. Every byte we store is encrypted at rest with AES-256.

Row-level isolation

Our database enforces, at the row level, that you can only ever see and edit your own binder. Even a software bug in our app can't override it.

Backups and monitoring

Your data is backed up continuously to encrypted storage. We monitor for unusual activity and unauthorized access attempts around the clock.

03

How we protect your payment

Stripe handles every payment

Your card number, CVC, and billing address never touch our servers. Stripe is PCI-DSS Level 1 certified — the highest standard for payment processors.

Signed webhooks

When Stripe tells us a payment succeeded, we cryptographically verify the message came from Stripe before unlocking your account. No spoofing.

04

What we don't do

  • We never sell your data. Not to anyone. Not for any price.
  • We never share your binder content with advertisers, brokers, or "partners."
  • We never use your binder content to train AI models.
  • We never run third-party advertising trackers on the app.
05

Your controls

Export your data

Download a complete copy of your binder anytime as a structured file you can re-import.

Open settings

Wipe your binder

One button clears every section of your binder and removes your action items. You stay signed in with an empty binder, ready to start fresh.

Open settings
06

Found a vulnerability?

We take responsible disclosure seriously. If you believe you've found a security issue, please email paul@thelegacyproject360.com with the details. We'll acknowledge your report within 2 business days and work with you on a fix.

Please don't publicly disclose the issue until we've had a reasonable chance to address it. We're a small team and we appreciate your patience.

Read the full Privacy PolicyBack to home