DMS.today logo
EN | FR | ID
Login Start Free Test
Security

Your private vault stays encrypted while DMS handles the workflow around it.

Encrypted Vault Contents

Your private materials stay protected.

  • Message bodies and secure notes
  • Titles and filenames
  • Uploaded documents and file contents
  • Private instructions prepared for release
  • Separate legal packet materials assigned to lawyer or notary contacts
  • Printable legal packet PDFs for formal review and handoff
  • Printable beneficiary packet PDFs and encrypted owner backup exports
Operational Metadata

DMS still needs a few details to operate.

  • Account email for OTP and reminders
  • Trusted contact, verifier, beneficiary, and legal contact routing details
  • Schedule settings, release windows, and activity state
  • Billing and activation information
Important Limits

Good security language is honest about limits.

  • Email delivery can fail or be delayed
  • Verifiers can make mistakes
  • Trusted contacts can also make incomplete or delayed judgments
  • User setup choices matter
  • Losing a vault secret may make content unrecoverable
Locked Dashboard

The dashboard makes privacy visible.

If a dashboard casually shows plaintext filenames or note bodies, users will naturally assume the service operator can see them too. That is why DMS defaults to placeholders like “Encrypted file” and “Encrypted message” until the browser locally unlocks the vault.

Browser Decryption

What you open in the browser is not what the server stores.

The server stores encrypted vault materials while the user's browser handles the session-based reveal of filenames, messages, and files after a local unlock. An optional secondary unlock code can add one more local hurdle before reveal.

Admin Visibility

Admin sees workflow metadata, not your private vault.

Admin tools stop at status, counts, dates, reminder state, payment state, and release workflow visibility. No plaintext vault contents appear there.

Your Role

Strong privacy still depends on careful setup.

Users still need to choose trustworthy trusted contacts and verifiers, keep recovery instructions safe, review the recovery pack, and test the full workflow before relying on it.

Plain-English Promise

DMS protects the vault while managing the process.

“We process the operational data needed to run reminders, verification, and release. We do not read the encrypted contents of your private vault in ordinary use.”

Delivery health

Communication health should be visible before it matters.

Users can review recent delivery failures so broken beneficiary, legal-contact, or verifier email paths can be corrected before a real release depends on them.

Encryption

Private vault contents and service data are treated differently.

DMS uses strong authenticated encryption for vault contents together with a clear separation between encrypted payloads and service metadata. Encrypted owner backup exports add an offline recovery path without exposing plaintext vault contents.

Trust

Privacy is strongest when it is understandable.

DMS explains what is encrypted, what is not, what the service depends on, what the recovery pack proves, how printable legal packets are prepared, and what risks remain, without pretending any system can guarantee every outcome.

Open Trust Center