Security
How we keep your information safe
Kinvault is designed to hold some of the most sensitive information in your (or your client's) life. That only works if you can trust how it is protected.
Security by design
- Kinvault is hosted on UK-based Amazon Web Services (AWS) infrastructure
- We use strong encryption to protect your data
- Kinvault holds Cyber Essentials Plus certification
- We carry out regular independent penetration testing
- We use multi-factor authentication and strict access controls to protect accounts
Where your data is stored
Kinvault runs on Amazon Web Services with data stored in UK datacentres. That means your data stays in the UK, and it sits on infrastructure operated by one of the major global cloud providers.
We add our own application-level controls on top of AWS, including how information is structured, protected and handed over.
Encryption
Kinvault uses AES-256-GCM encryption to protect data.
- AES (Advanced Encryption Standard) is a widely used encryption standard adopted around the world for protecting sensitive information
- 256-bit keys (AES-256) are used where a high level of cryptographic strength is required
- GCM (Galois/Counter Mode) is a mode of operation that provides both confidentiality and integrity, helping detect if encrypted data has been altered
In practical terms, this level of encryption means that even if someone were able to get hold of the stored data, they would not be able to read it without the correct keys.
Independent testing
The Kinvault platform is regularly penetration-tested, independently audited and assessed for vulnerabilities. This helps confirm that key security controls are working as intended.
Access and sign-in
Signing in uses multi-factor authentication as well as a password to confirm the person logging in is really you. This reduces the risk of someone accessing an account or system simply by guessing or stealing a password.
Safely stored and carefully handed over
When the time comes to hand over a vault, our bereavement team confirms identity and carries out detailed checks.
This is designed to balance security and privacy with the need for families and advisers to get the information they need.
- Kinvault does not automatically release information as soon as a death is reported
- A specialist bereavement team checks what has happened and who is asking for access
- Information is only handed over when those checks have been completed
Shared responsibility
No online service can remove every risk. Good security is always a partnership between the people who build the service and the people who use it.
Our role is to provide:
- Secure infrastructure and encryption
- Independently assessed cyber security controls
- Careful processes for verifying identity and handing over information
In return, we ask that you:
- Keep your sign-in details private
- Choose a strong, unique password
- Tell us or your provider promptly if you think your account has been compromised
Together, those things help make sure the information in your Kinvault is protected and only reaches the people you choose, at the time you intend.
If you have questions about security or privacy that are not covered here, you can contact the Kinvault team at support@kinvault.com.