Frequently Asked Questions

Client-side encryption means your vault data is scrambled in your browser before it ever leaves your device. By the time anything reaches our servers, it's already unreadable ciphertext — not the original text you typed.

This is what Fern & Echo can see: your name, email address, account creation date, section names and types (e.g. "Banks", "Legal"), the number of entries per section, and timestamps.

This is what Fern & Echo cannot see: entry titles, account credentials, URLs, notes, MFA methods, or any content stored within entries. These are all encrypted client-side using AES-256-GCM before reaching our servers.

For a complete breakdown, see our Privacy Policy data transparency table.

Your vault data is permanently and irrecoverably lost. This is not a policy — it's a technical reality.

Your vault password is the encryption key for everything in your vault. It is never transmitted to or stored by Fern & Echo in any recoverable form. We have no backdoor, no master key, and no way to decrypt your data on your behalf.

We strongly recommend storing your vault password in a physical location you trust — a safe, a lockbox, or written down somewhere only you can access. You can also store it in a separate password manager.

Partially. All vault entry contents — including titles, credentials, notes, and MFA methods — are encrypted client-side. Fern & Echo genuinely cannot read these.

However, some structural metadata is stored unencrypted: section names and types, entry counts, and timestamps. This is required to render your vault structure before you unlock it.

We are transparent about this distinction and have published a full data transparency table in our Privacy Policy. We plan to encrypt section names in a future release.

We store the minimum necessary to operate the service:

Always collected: your name, email, account creation date, subscription tier, section names and types, entry counts, and timestamps.

Encrypted — unreadable to us: entry titles, MFA methods, credentials, URLs, notes, and all vault content.

Opt-in only: anonymized field usage patterns — which fields you fill when saving entries, recorded as true/false only. No values are ever collected.

See the full breakdown in our Privacy Policy.

An executor is a person you designate to access your vault after your death or incapacitation. They're your trusted representative for your digital estate.

When you designate an executor, you complete a key exchange in your browser that gives them decryption access to your vault. Fern & Echo cannot grant or override executor access — it is entirely controlled by you.

Your executor also gets access to your customized executor playbook — a checklist of tasks you want them to complete — and a curated set of guides for common estate tasks like notifying banks, filing final tax returns, and closing accounts.

Both sharing and executor access give someone read-only access to your vault. The difference is intent and context.

Sharing is for giving a trusted person access to your vault while you're alive — a spouse, a business partner, someone who needs to reference your accounts. You can revoke it at any time.

Executor access is specifically designed for post-death or incapacitation scenarios. The executor view presents your vault differently — organized for estate management rather than day-to-day reference — and includes your playbook and estate guides.

Technically, both use the same encryption mechanism. The distinction is in how the information is presented to the recipient.

Fern & Echo does not offer family plans. This is a deliberate architectural decision, not a missing feature.

Every vault is inherently personal. Your vault is encrypted with a key that only you hold — it is technically impossible for anyone else to read your vault contents, including us. A shared or joint vault would require sharing encryption keys,

Your account and all associated data — including your encrypted vault — are permanently and irrecoverably deleted. This cannot be undone.

We recommend exporting your vault before deleting your account. The export file is encrypted with your vault key and can serve as a permanent offline backup.

Your account converts to the free tier. Your vault data is never deleted unless you explicitly request it — a lapsed subscription does not remove anything.

On the free tier you are limited to the default free plan limits — sections, entries per section, exports, and shares are capped. You can still access, view, and export your existing data. Upgrading at any time restores full access.

Prices will never decrease without explicit public communication explaining why. This is a deliberate policy commitment — if we ever lower prices, we will announce it publicly and explain the reasoning.

When someone signs up using your referral link and subscribes to a paid plan, you earn one free month. They get 20% off for their first 12 months — $4/month or $40/year instead of the standard rate.

Your referral link is available at Settings → Referrals. It's also automatically embedded in any vault you share — anyone viewing your shared vault sees an invitation to sign up with your link.

Your free month is applied when the person you referred converts to a paid subscription. You'll receive a notification when this happens. The reward is one calendar month of free service regardless of which plan they choose.

No limit on how many people you can refer. However, rewards do not stack — each conversion earns you one free month for that billing cycle only. If multiple people convert in the same month, you still receive one free month, not multiple. Each new conversion resets your free month from the date it triggers.

No. The best vaults are built gradually. Start with one section and a few entries — whatever feels most important. A few minutes today, a few more next week.

The vault readiness score helps you track your progress over time and shows you what's missing.

Think about what would cause the most confusion if you were suddenly gone tomorrow. Common starting points:

Financial: bank accounts, investment accounts, credit cards, loans, insurance policies.

Digital: email accounts, social media, subscriptions, domain names, hosting accounts.

Devices: computers, phones, home network, smart home devices.

Legal & property: location of physical documents, insurance policies, property deeds, vehicle titles.

You don't need to store passwords — just enough context that your loved ones know where things are and who to contact.

Yes. From the Export page you can download your vault in four formats: HTML (readable in any browser), Markdown, JSON, and CSV. You can also generate an Emergency Access export — a standalone offline document designed for your executor.

All exports contain your complete vault data in plaintext — store them securely and delete them when no longer needed.