family_history
famstory.app

Security & Trust

Trust and security information for famstory

verifiedThis is NOT a phishing site

famstory.app is a legitimate, secure family tree application. This site is operated by Gerrit Mädge and provides end-to-end encrypted family tree services.

If you received a warning from your security software, it may be a false positive. We are actively working to resolve these issues with security vendors. You can verify our legitimacy by visiting our main website at https://famstory.app/.

End-to-End Encryption

famstory uses client-side, end-to-end encryption to protect your family tree data. This means:

  • Your data is encrypted before it leaves your device
  • Only you can decrypt your data using your password
  • We cannot read your family tree data, even if we wanted to
  • Encryption keys are derived from your password and never transmitted to our servers

How it works

When you create an account or log in, your password is used to derive an encryption key (KEK - Key Encryption Key) on your device. This key is used to encrypt a master key (UMK - User Master Key) that encrypts all your family tree data.

The encrypted master key is stored on our servers, but without your password, it cannot be decrypted. Your password is never sent to our servers in plain text.

Data Handling Principles

  • Minimal data collection: We only collect data necessary for account management and service provision
  • No data sharing: We do not sell, rent, or share your data with third parties
  • GDPR compliant: We comply with the General Data Protection Regulation (GDPR)
  • Data retention: You can delete your account and all associated data at any time
  • Transparency: All data processing is documented in our Privacy Policy

For detailed information about how we handle your data, please see our Privacy Policy.

Responsible Disclosure

We take security seriously and appreciate the security research community's efforts to keep the internet safe. If you discover a security vulnerability, please report it responsibly.

How to report security issues

Please email security concerns to: security@famstory.app

Include the following information:

  • Description of the vulnerability
  • Steps to reproduce (if applicable)
  • Potential impact
  • Your contact information (optional, for follow-up questions)

We will acknowledge receipt within 48 hours and work with you to resolve the issue responsibly.

About famstory

famstory is a privacy-focused family tree application that allows you to:

  • Build and visualize your family tree
  • Import and export GEDCOM files
  • Store family photos and documents
  • Maintain complete privacy with end-to-end encryption

Learn more about our service at https://famstory.app/.

Contact

Operator: Gerrit Mädge

Address: Alpenstraße 77, 87509 Immenstadt, Germany

Email: support@famstory.app

Security: security@famstory.app

Last updated: March 1, 2026

Back to HomePrivacy PolicyImprintEnd-to-End Encryption