LastReach exists to deliver your most important messages when you no longer can. That is a serious responsibility, and it only works if you can trust how your words are stored, who can see them, and what happens over the long run. Here is exactly how it works.
Your messages and any files you attach are encrypted at rest with AES-256-GCM, and your attachments are kept in private storage, encrypted before they’re ever written to disk. The keys that protect your data are stored as sensitive secrets that can’t be viewed — not even by us. Your account can be secured with two-factor authentication, and your content and account data sit behind row-level security. We don’t read your messages.
Under the hood: 256-bit keys, a unique initialization vector for every item, and an authentication tag that makes tampering detectable — the same authenticated encryption trusted to protect sensitive government data.
LastReach runs on a simple, predictable rule: you check in on the schedule you choose, and as long as you do, nothing is ever sent. When it’s time, we send you a check-in reminder. Confirm you’re okay and the clock resets. If you don’t respond — and only after the grace period you configured has fully elapsed — LastReach delivers the messages you prepared to exactly the recipients you chose, through the channels you selected: email, SMS, Telegram, or WhatsApp.
The decision to deliver is made automatically by the system, based on your settings. No staff member reviews your situation or presses a button. Your message contents stay encrypted until the moment of delivery, when they are decrypted only to be sent to your recipients. Once a message has been delivered, the attachments tied to it are removed from our storage.
A service like this only matters if it’s still there when it’s needed. LastReach is operated by LastReach LLC, a company registered in Wyoming, United States. You deserve to know what would happen if we ever had to wind the service down — so here is our commitment:
We would much rather over-communicate than leave anyone guessing. If our plans ever change in a way that affects these commitments, we will say so — in advance, in writing.
Yes. Your message bodies and any file attachments are encrypted at rest with AES-256-GCM, and attachments are kept in private, access-controlled storage.
No. Your messages are encrypted at rest, and the keys are held as sensitive secrets that can't be viewed, even by our team. They're decrypted only to be delivered to the people you chose.
That's what the grace period is for. Nothing is sent until the full grace window you set has elapsed after a missed check-in, and we send reminders throughout. You control both how often you check in and how long the grace period lasts.
You choose your recipients and how to reach them: email, SMS, Telegram, or WhatsApp. They're only ever contacted if your switch actually triggers — or when you send a test — and the message they receive is the one you wrote.
Yes. You can delete individual messages and files, or your entire account, at any time. Account deletion follows a short grace period and then permanently removes your data.
No card details are stored on our servers. Payments are handled by our processors — Stripe on the web, and the App Store or Google Play for in-app purchases. LastReach never sees or stores your full card number.
Delivery is logged so there's a record it happened, and any attachments tied to a delivered message are removed from our storage.
See “What happens if LastReach disappears” above: at least 90 days' notice, export tooling, and a best-effort final delivery.