Creator journey

Three verified stages before a farewell can be armed.

Each milestone locks in audit evidence (who, what, when) and stores only encrypted payloads within Supabase using row-level security.

  1. Phase 1Verified by dual-channel OTP

    Verified identity

    • Email + phone verification with optional 2FA
    • Collection of legal full name and jurisdiction
    • Consent record stored with immutable timestamp
  2. Phase 2Verified by dual-channel OTP

    Encrypted message drafting

    • Client-side AES-256 encryption before upload
    • Optional attachments with checksum validation
    • Executor passphrase escrow for disaster recovery
  3. Phase 3Verified by dual-channel OTP

    Trusted circle setup

    • Invite recipients via secure magic link
    • Add executor with override permissions
    • Define alternate delivery emails and SMS

Compliance artifacts generated automatically

We log each onboarding action for DSAR responses.

  • GDPR compliant lawful basis (contract + consent).
  • Data residency locked to EU-West Supabase region with RLS.
  • At-rest encryption using pgcrypto + per-message keys.
  • Comprehensive audit log for data subject requests.
Configure recipient invitesBack to overview