By registering and using TrustKey (https://trustkeyapp.com), you ("the User") agree to be bound by these Terms and Conditions. TrustKey provides an encrypted digital vault and an automated "dead man's switch" service, operated by a self-employed individual (autónomo) established in Spain.
Our Philosophy: Our primary goal is to maximize your privacy. TrustKey administrators have no direct access to read or access the contents of your encrypted vault data during normal operation, and no manual backdoors or administrative tools exist to do so. We operate on the principle of minimum necessary data access. Please note that, to prevent irreversible data loss, our system includes an automated cryptographic escrow via AWS KMS that enables password recovery — this mechanism can only be triggered by you through a verified automated process and cannot be manually initiated by TrustKey staff. For full technical details, please refer to our Privacy Policy.
To use TrustKey, you must register using a valid email address and configure two distinct passwords:
Age Requirement: You must be at least 18 years of age (or the age of legal majority in your jurisdiction, whichever is higher) to create a TrustKey account. You expressly guarantee that all individuals you designate as Safety Contacts are also of legal age.
User Responsibility: It is the User's sole responsibility to remember and correctly use both passwords and to keep them secure. TrustKey is not liable for any data loss, distress, or false alarms caused by the User accidentally logging in with the Anti-Extortion password. Additional actions beyond logging in (such as modifying files or settings) require Multi-Factor Authentication (MFA) via a numeric code sent to your registered email address.
TrustKey offers different plans with specific limitations. The maximum file size for any single upload is 2 GB.
Downgrading Plans: If a User chooses to downgrade to a lower tier, they are strictly responsible for deleting sufficient files and/or Safety Contacts to meet the new plan's limits before the downgrade can be processed. TrustKey is not responsible for data locked or inaccessible due to quota restrictions.
Because TrustKey employs End-to-End Encryption (E2EE), we cannot monitor or review the content you upload. The User bears full and sole legal responsibility for all data stored or transmitted through our platform.
Technical License: You retain all intellectual property rights to the content you upload. However, by uploading files and messages, you grant TrustKey a limited, worldwide, royalty-free, non-exclusive licence to host, store, and transmit your encrypted data strictly for the purpose of operating the service and executing the automated emergency transmission to your designated Safety Contacts. This licence terminates upon deletion of your account or the expiry of the 30-day post-activation period, whichever occurs first.
Prohibited Content: It is strictly forbidden to use TrustKey to store, transmit, or share illegal material, including but not limited to child sexual exploitation or abuse material (CSAM), terrorism-related content, stolen data, or content that infringes third-party intellectual property rights.
Cooperation with Authorities: Given the E2EE architecture, TrustKey does not provide decrypted content outside of user-authorized automated processes. TrustKey will cooperate with law enforcement by providing available account metadata and encrypted data blobs (i.e., the encrypted ciphertext, not its readable contents) when required to do so by a valid court order issued by a competent Spanish court or, in the case of foreign authorities, through the applicable mutual legal assistance treaty (MLAT) or equivalent international judicial cooperation mechanism channelled through the competent Spanish judicial authority. TrustKey does not respond directly to foreign court orders, subpoenas, or law enforcement requests that have not been formally processed through Spanish judicial channels. TrustKey will not attempt to decrypt any data on behalf of any authority.
Sensitive Data Warning: We strongly advise AGAINST writing highly sensitive plain-text data directly in your emergency messages or in the file names of your uploaded documents. While the contents of your files are end-to-end encrypted, file names are stored as plain-text metadata. We recommend using generic file names and providing contextual guidance to your Safety Contacts within the encrypted message body (e.g., "The details are in the blue folder in my desk drawer").
Malware: The User guarantees that all uploaded files are free of viruses, trojans, or any malicious software. The User assumes full responsibility for any damage caused to their Safety Contacts or third parties resulting from downloading or opening infected material.
Express Consent Obligation: The User must obtain express, informed consent from any individual before adding their email address as a Safety Contact on TrustKey. Adding a person without their knowledge or consent may violate applicable privacy laws, and the User bears sole legal responsibility for this.
Initial Notification: Upon being designated as a Safety Contact, the individual will receive an automatic notification email from TrustKey explaining their role and providing an opt-out link.
Scope of Access: Safety Contacts do not gain access to any content unless explicitly authorized by the account holder through the configured automated process. Prior to activation (Phase 3), Safety Contacts receive only wellness-check notifications and a link to delay the timer — they are not granted access to any encrypted data, files, or messages at any stage before activation.
Opt-Outs and Deletions: Safety Contacts retain the right to opt-out or request deletion of their data at any time. If a Safety Contact opts out, their email address and any associated emergency message references will be permanently deleted from our system. TrustKey is not liable if a message fails to deliver because a Safety Contact opted out, changed their email, or blocked our notifications. The User is entirely responsible for monitoring the status of their Safety Contacts by logging in periodically.
The User sets a primary countdown timer (available options: 14, 30, or 90 days) that resets upon every successful normal login. All actions executed by TrustKey are triggered based solely on user-defined settings and activity signals — not on any external judgment, manual intervention, or interpretation of the User's circumstances. If this timer expires without a login, the following automated emergency protocol initiates:
Strictly Automated and Pseudonymous Process: TrustKey does not verify the real-world identity, legal status, or heirship of any user or third party. TrustKey does not adjudicate, determine, or recognize inheritance rights, ownership claims, or succession entitlements under any legal system. Consequently, TrustKey does not accept, process, or act upon death certificates, probate documents, medical records, court orders from heirs or family members, or any other manual request to trigger, delay, or grant early access to the switch. All actions executed by TrustKey are triggered exclusively and automatically by user-defined conditions (the countdown timer). TrustKey staff cannot intervene in, accelerate, delay, or reverse any automated process, nor respond to external claims regarding the ownership or destination of any account's data.
Grace Period & Revocation: Safety Contacts have a 30-day window to download the files following activation. However, if the User logs into their TrustKey account at any point during this 30-day period, the emergency activation is immediately and automatically revoked, and all Safety Contact access is instantly terminated. After 30 days of activation without revocation, the User's account and all associated data are permanently and irreversibly deleted. Once this 30-day grace period expires without revocation by the account holder, account and data deletion is permanent and irreversible.
Upon activation (Day 11), Safety Contacts are provided with a unique, one-time Access Key to decrypt the files designated to them. It is the sole responsibility of the Safety Contact to save and secure this key immediately upon receipt. TrustKey does not store this key in recoverable form and is technically unable to reissue it after delivery — this is an inherent consequence of the end-to-end encryption architecture, not a policy choice. TrustKey is not liable for loss of access resulting from the Safety Contact's failure to save the key, deletion of the notification email, or any failure to access the designated files within the 30-day grace period.
TRUSTKEY IS PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, TRUSTKEY EXPRESSLY DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
Not a Backup Service: TrustKey is designed strictly as an automated emergency transmission tool and NOT as a primary cloud storage or data backup service. The User is solely responsible for maintaining independent, secure backups of all files stored on TrustKey.
Security and User Error: While we employ strong encryption standards, no system is entirely infallible, particularly against user-side compromises. We are not liable for data breaches, lockouts, or losses resulting from: malware on the User's device, weak or reused passwords, sharing of access credentials, phishing attacks, or the User losing access to the registered email account required for MFA.
Automated Recovery: TrustKey utilizes an automated cryptographic escrow via AWS KMS that can only be triggered by the User through verified automated systems. TrustKey staff cannot and will not manually bypass encryption or retrieve plain-text data upon request. Any total data loss resulting from the User's inability to complete the automated recovery process is the sole responsibility of the User.
Email Delivery and Whitelisting: TrustKey is not liable for failure of email delivery due to spam filters, incorrect email addresses, full inboxes, or third-party service outages. It is the User's strict responsibility to whitelist our email address (mark as safe sender) and to instruct their Safety Contacts to do the same. TrustKey is not liable for accidental activations or delivery failures resulting from external email configurations.
No Legal Validity: The service and the documents transmitted through it do not constitute a legal will, testament, holographic will, advance healthcare directive, power of attorney, or any other legally binding instrument under the laws of Spain or any other jurisdiction. TrustKey holds no notarial or legal validity in any jurisdiction. Users requiring formal succession planning are strongly encouraged to consult a qualified legal professional in their country of residence.
Limitation of Liability: To the maximum extent permitted by the law of the User's own jurisdiction, the Owner's total liability for any claim arising out of or related to this service shall not exceed the amount paid by the User for the service in the twelve (12) months preceding the claim.
By using TrustKey, you agree to receive essential technical and administrative emails. These communications are strictly non-commercial and limited to: login reminders, timer countdown alerts, MFA codes, security/duress alerts, and important service updates (e.g., changes to these Terms, new features, or subscription plan changes). Because these emails are fundamental to the operation of the dead man's switch mechanism, opting out of technical alerts is not possible while the account remains active. If you do not wish to receive these communications, you must delete your account.
All paid plans are billed in advance on a recurring basis via Stripe. The User may cancel their subscription at any time; the cancellation will take effect at the end of the current billing cycle, and no further charges will be made.
Refunds: Due to the digital nature of the service and the infrastructure costs associated with encrypted storage, all payments are non-refundable once the service or storage has been actively used. However, if you are an EEA or UK consumer and have not actively used the service (i.e., have not stored any files, have not added any Safety Contacts, and have not sent any messages), you may be entitled to withdraw from the contract within 14 days of subscription under EU consumer protection law (Directive 2011/83/EU) and UK Consumer Contracts Regulations 2013. To exercise this right, contact us at [email protected] before the 14-day period expires and before actively using the service.
TrustKey reserves the right to modify or discontinue the service. The service is considered fully rendered by maintaining the continuous readiness and availability of the automated dead man's switch mechanism, regardless of whether a switch is ever triggered during the subscription period.
Material Changes: For any changes to these Terms that materially affect the User's rights or obligations, TrustKey will provide at least 30 days' notice via the User's registered email address. If the User does not accept the modified Terms, they may cancel their subscription without penalty before the changes take effect. Continued use of the service after that date constitutes acceptance of the updated Terms. Non-material changes (such as corrections, clarifications, or updates required by law) may take effect immediately.
Cessation: In the event of the definitive and permanent cessation of the platform, Users will be notified at least 30 days in advance via their registered email address so that they may retrieve their encrypted information before the service closes. Any prepaid subscription fees covering the period after the cessation date will be refunded on a pro-rata basis.
TrustKey is a technical automation tool, not a legal, fiduciary, or succession service. TrustKey does not act as an executor, trustee, notary, lawyer, or administrator of any estate. TrustKey does not verify the identity or legal standing of any user, Safety Contact, or third party claiming rights over an account. TrustKey does not determine, adjudicate, enforce, or mediate disputes regarding inheritance rights, ownership of digital assets, access rights, or any succession-related legal matter.
The designation of Safety Contacts and the configuration of the automated timer are decisions made exclusively and irrevocably by the account holder. TrustKey executes these instructions automatically and has no legal obligation, authority, or technical ability to override them based on the claims of any third party — including family members, legal heirs, courts outside Spain, or public authorities — except as expressly required by a valid court order issued by a competent Spanish court pursuant to applicable law.
These Terms shall be governed by and construed in accordance with the laws of Spain. Any dispute arising from these Terms shall be subject to the exclusive jurisdiction of the courts of [TU CIUDAD, ej. Madrid], Spain.
Notwithstanding the above, if the User qualifies as a consumer under the mandatory laws of their country of habitual residence (for example, under UK consumer law or applicable local law), and those mandatory laws grant the User the right to bring legal proceedings before the courts of their own country of residence, such consumer protection rights shall not be waived or excluded by this clause.
Online Dispute Resolution: In accordance with EU Regulation 524/2013, the European Online Dispute Resolution platform is available at https://ec.europa.eu/consumers/odr. TrustKey does not participate in alternative dispute resolution procedures before a consumer arbitration body.
Severability: If any provision of these Terms is found to be invalid, illegal, or unenforceable by a court of competent jurisdiction, that provision shall be modified to the minimum extent necessary to make it enforceable, or severed if modification is not possible. The remaining provisions shall continue in full force and effect.
Entire Agreement: These Terms, together with our Privacy Policy and Cookies Policy, constitute the entire agreement between the User and TrustKey regarding the use of the service and supersede all prior representations, agreements, or understandings, whether written or oral, relating to its subject matter.