SHELY Vault acts as a zero‑trust enclave: your data is encrypted on your device before upload and never decrypted without your key.

It stores cycle logs, journal entries, private reflections, and any other highly personal health records.

Refer to vaultOverviewGraphic for a visual summary of Vault’s role in data security.

Data is encrypted with your unique encryption key before leaving your device, ensuring even SHELY servers cannot read it.

All communication between your app and Vault uses TLS 1.3 for in‑transit protection.

See encryptionArchitectureGraphic for the encryption workflow.

• View: Allow specific contacts or care providers to view selected logs or entries.
• Share: Grant time‑limited sharing links that you can revoke at any time.
• Delete: Permanently remove data from Vault and backups with one click.

Every access, share, or deletion event is recorded in an unchangeable audit log.

You can review who accessed your data, when, and from which device.

Refer to auditLoggingGraphic for how the audit trail is maintained.

The dedicated Vault settings screen lets you toggle auto‑backup, set retention periods, and manage keys.

In‑app guides assist you in exporting your data or setting up a recovery phrase.

See uiSettingsGraphic for a mockup of the settings layout.

Vault performs encrypted backups nightly, retaining versions for up to 90 days.

You can restore any previous version or export a full encrypted archive.

Refer to backupPolicyGraphic for schedule and retention details.

Your keys and data belong solely to you—SHELY offers zero‑knowledge proofs to verify integrity without decryption.

Export your entire Vault in a standard encrypted format for portability or self‑hosting.

See userControlGraphic for steps to export or permanently delete your Vault.

SHELY Vault is designed to meet ISO 27001, GDPR, and local data protection regulations.

Periodic third‑party audits and penetration tests ensure ongoing security assurance.

Consult complianceGraphic for a list of certifications and audit schedules.

Q: Can SHELY recover my data if I lose my device? → A: Yes, if you have stored your recovery phrase securely.

Q: Who can see my data by default? → A: Only you. No one else, including SHELY support, can decrypt Vault contents.

Q: How do I revoke access I’ve previously granted? → A: In Vault settings under ‘Shared Access’, hit ‘Revoke’ next to any active link.

• Enable SHELY Vault in your app settings and complete the recovery phrase setup.
• Review and adjust your default sharing permissions using accessPermissionsGraphic.
• Export a test archive to verify your recovery process.
• Schedule a periodic audit of your Vault access via auditLoggingGraphic.