Privacy Policy

Last Updated: December 9, 2025

At Holograph, your privacy and the security of your sensitive information are our highest priorities. This Privacy Policy explains how we collect, use, protect, and handle your personal information.

Our Core Privacy Commitments

  • End-to-End Encryption: All sensitive data you upload is encrypted using industry-standard AES-256 encryption before it leaves your device.
  • Zero Access: Holograph employees cannot and will not decrypt your sensitive information without your explicit written consent.
  • No Data Sales: We will never sell, rent, or share your personal information or data with third parties for marketing purposes.
  • Customer Confidentiality: We will not disclose the fact that you are a Holograph customer without your explicit permission.
  • You Own Your Data: You retain full ownership of all information you store in Holograph. You can export or delete your data at any time.

1. Information We Collect

1.1 Information You Provide

When you create an account and use Holograph, you may provide:

  • Account Information: Email address, name, password
  • User Content: Documents, financial information, property details, insurance policies, and other estate planning information you choose to upload
  • Delegate Information: Names and email addresses of individuals you designate as delegates
  • Payment Information: Processed securely through our payment processor (we do not store complete credit card numbers)

1.2 Automatically Collected Information

When you use our Service, we automatically collect:

  • Usage Data: Pages visited, features used, time spent on the Service
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Access times, error logs, performance data

2. How We Use Your Information

We use your information solely to:

  • Provide, maintain, and improve the Holograph Service
  • Process your transactions and send you related information
  • Send you technical notices, security alerts, and support messages
  • Respond to your inquiries and provide customer support
  • Monitor and analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations (only when required by law)

We do NOT use your information for advertising, marketing to third parties, or any purpose other than operating the Service you signed up for.

3. Data Encryption and Security

3.1 Encryption

Your sensitive data is encrypted at multiple layers:

  • Client-Side Encryption: Files and sensitive information are encrypted in your browser using AES-256 encryption before being transmitted to our servers
  • Encryption Keys: Your encryption keys are securely stored and managed separately from your encrypted data
  • Transport Security: All data transmission uses TLS 1.3 encryption
  • Storage Encryption: Encrypted data is stored in secure cloud infrastructure with additional encryption at rest

3.2 Access Controls

Holograph employees cannot access your encrypted data. Our technical architecture ensures that:

  • Only you (and delegates you authorize) can decrypt your sensitive information
  • Our support team can assist with account issues but cannot view your encrypted content
  • We will only attempt to access your encrypted data with your explicit written consent and a documented legal requirement

3.3 Security Measures

We implement industry-standard security practices including:

  • Regular security audits and penetration testing
  • Multi-factor authentication options
  • Intrusion detection and monitoring systems
  • Regular backups with encrypted storage
  • Employee security training and background checks
  • Limited employee access on a need-to-know basis

4. Information Sharing and Disclosure

4.1 We Do NOT Share Your Information

We will never sell, rent, trade, or share your personal information or the fact that you are our customer with third parties for their marketing purposes.

4.2 Limited Service Providers

We work with a minimal number of trusted third-party service providers who help us operate the Service. These providers:

  • Have access only to non-sensitive operational data (e.g., hosting infrastructure, payment processing)
  • Are contractually obligated to protect your information
  • Cannot access your encrypted content
  • Include: cloud hosting providers (Google Cloud Platform), payment processors (Stripe), email service providers

4.3 Legal Requirements

We may disclose information (excluding your encrypted content) only if required by law:

  • In response to a valid subpoena, court order, or legal process
  • To protect the rights, property, or safety of Holograph, our users, or the public
  • To detect, prevent, or address fraud or security issues

We will notify you of any legal requests unless prohibited by law.

4.4 Your Authorized Delegates

Information is shared with delegates only to the extent you explicitly authorize through the Service. You control what information each delegate can access and can revoke access at any time.

5. Data Retention and Deletion

You control your data. We retain your information for as long as your account is active or as needed to provide the Service.

  • Account Deletion: You may delete your account at any time through account settings
  • Data Deletion: When you delete your account, we will permanently delete your encrypted data within 30 days
  • Backup Retention: Backups are retained for up to 90 days for disaster recovery purposes, then permanently deleted
  • Legal Holds: We may retain data longer if required by law or to resolve disputes

6. Your Rights and Choices

You have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct your information through your account settings
  • Deletion: Delete your account and all associated data
  • Export: Download your data in a portable format
  • Opt-Out: Unsubscribe from marketing emails (we send very few, and only service-related communications)
  • Object: Object to processing of your information for certain purposes

To exercise these rights, contact us at privacy@holograph.com

7. Cookies and Tracking

We use minimal cookies and tracking technologies necessary to operate the Service:

  • Essential Cookies: Required for authentication and core functionality
  • Analytics: We use privacy-respecting analytics to understand how the Service is used (no third-party tracking)

We do NOT use advertising cookies or third-party tracking pixels.

8. Children's Privacy

Holograph is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected information from a child under 18, we will promptly delete it.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice in the Service. Your continued use after notification constitutes acceptance of the updated policy.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: privacy@holograph.com

For security-related concerns, please email: security@holograph.com

Summary: Your privacy matters to us. We encrypt your sensitive data, never access it without your permission, never sell your information, and give you complete control over your data. We keep things simple and transparent because trust is the foundation of what we do.