Frequently asked questions.

SecureVault is a Canadian enterprise document platform with two services: Secure File Sharing (encrypted vaults, branded client portals, compliance reporting) and Managed Archiving (long-term retention management, legal holds, eDiscovery). Both are hosted exclusively on Canadian servers under Canadian jurisdiction.

No. Secure File Sharing and Managed Archiving are independent services. Many organizations use File Sharing for day-to-day client document exchange and add Archiving only when they need managed long-term retention.

Full white-labeling is available exclusively on the Enterprise plan. This includes your custom domain, logo, email templates, and colour palette.

No — SecureVault is a secure document exchange and archiving layer, not a full practice management system.

AES-256-GCM for all data at rest, with per-file encryption keys. TLS 1.3 for all data in transit. Encryption keys are managed securely and never leave your tenancy.

No. SecureVault operates a zero-knowledge architecture for file content.

Yes. All data is backed up daily to AWS ca-west-1 (Calgary) using encrypted snapshots. Backups are retained for 90 days.

Yes — regular security reviews and vulnerability scanning are part of our security program.

Yes. SecureVault's privacy-by-design architecture satisfies PIPEDA's 10 Fair Information Principles.

Yes. SecureVault provides PHIPA agent agreements for health information custodians, stores all PHI exclusively on Canadian servers, and includes breach notification workflow.

Not fully. US companies — including those with Canadian data centres — are subject to the US CLOUD Act.

Yes — signed DPAs are included as standard for all Enterprise plan clients.

Unlike storage products where you configure everything yourself, SecureVault Managed Archiving is a service. Our team configures your retention schedules, verifies policy compliance annually, handles legal hold requests, and provides quarterly review calls.

Yes. Managed Archiving is available as a standalone service.

We notify you 90 days before scheduled disposition. You review and approve, and we provide a certificate of secure deletion after disposition.

Yes — all prices are in CAD. We bill in Canadian dollars to avoid currency conversion surprises for Canadian organizations.

All self-serve plans (Solo, Firm, Office) include a 14-day free trial with no credit card required. Enterprise clients receive a guided pilot program.

Upgrades take effect immediately. Downgrades take effect at the next billing cycle.

Enterprise clients receive: signed DPA, 99.9% uptime SLA, dedicated account manager, quarterly business reviews, white-glove onboarding, SSO + MFA enforcement, IP allowlisting, advanced DLP, and a full security documentation package.

Yes — contact our enterprise team. We offer preferred pricing for Canadian government bodies, healthcare networks, and registered non-profits.

You have 30 days after cancellation to export all your data. After that, files are securely deleted from our Canadian servers. A certificate of deletion is available on request.

Never. We do not sell, share, monetize, or profile your data or your clients' data for any purpose.