The policies, protocols, and protections we have in place were developed with one goal: to safeguard the privacy and security of your account and its data.
Data protection & encryption
Data at rest
Advanced Encryption Standard (AES) 256-bit encryption. All stored data is encrypted to the highest standard—the same as that used by all US financial institutions.
Data in motion
We use Transport Layer Security (TLS) 1.2 encryption protocol. This cryptographic protocol ensures secure delivery of data transferred over the internet. It protects that information that is being transferred, and also authenticates the website’s identity. Sites with a TLS/SSL certificate are identified as such by the https and the padlock icon in the browser’s address bar. Trust & Will holds an SSL/TLS certificate from DigiCert®.
Data stored in the cloud
We leverage Amazon Web Services (AWS) components to provide reliable fault-tolerant and highly available systems in the cloud. Read more about AWS Cloud Security.
Your account belongs to you. If you decide that you would like to end your membership and delete your account, we ensure that all information and documents associated with your account are completely and irreversibly removed—with final removal of any security backups occurring 35 days from your initial request.
Identity management & authentication
We prevent unauthorized activity through password limitations (including the recommendation of creating a password of 14 characters or more.) Additionally, we automatically log users out after an extended period of inactivity so that unauthorized users may not access the account.
SOC2 and HIPAA
We have undergone Type 2 Service Organization Control 2 (SOC 2 Type II) and Health Insurance Portability and Accountability Act (HIPAA) examinations , resulting in an independent CPA’s report and certification. This confirms that we have established and continue to follow strict information security policies and procedures, and provide independent third-party verification that our operations meet or exceed defined controls for the security of your data.
Better Business Bureau
As a BBB-accredited entity, we have met and continue to fulfill the criteria of accreditation, including operating with integrity, transparency, and a commitment to safeguarding customer privacy. Additionally, we commit to operating in good faith to resolve any customer complaints.
In the event of a system outage, we have processes in place to help keep all data safe and secure. We also have disaster recovery and business continuity plans in place. If you are aware of a security issue affecting Trust & Will or our members and you wish to disclose it, email us at email@example.com. Likewise, if you have any other security concern, please let us know.