I'm not sure about the implementation details, but I think the general logic would be as follows:

1) They sign a timelocked transaction using their private key, sending the coins to the target address but not redeemable until date x.
2) The timelocked transaction is stored on your server
3) Before date x arrives, they move their coins to a new address and sign another timelocked transaction using the private key of the new address.
4) Rinse and repeat until date x arrives when your server publishes the timelocked transaction to the network.

This way their private keys never touch the server, they can spent their coins however they like and the owner of the receiving address can't spend the coins until the dead man's switch has triggered.

Alternatively they could also lock a hardware wallet away in a bank tresor and have a dead man's switch email send the passphrase and PIN to unlock said hardware wallet in case of their demise as it's rather unlikely that someone would manage to prematurely get access to both.