Legacy Assured - Privacy Policy

1. Information We Collect

We collect information from you directly, from your use of the Service, and sometimes from third parties such as your Next of Kin or authorised persons.

1.1 Information you provide directly

When you create an Account or use the Service, you may provide:

• Identity and contact information: name, date of birth, email address, phone number, address, gender and other similar details.
• Account and relationship details: information about your financial accounts, relationships, pensions, insurance policies, utilities, digital services and other entities you wish to record.
• Wishes and preferences: answers to questionnaires about your wills, executors, funeral arrangements, values and personal messages.
• Documents: wills, trusts, powers of attorney, funeral plans, personal letters and other files you upload to your encrypted vault.
• Next of Kin and authorised users: names, relationships, contact details (email, phone), and any other information you enter about people you designate.
• Payment and financial information: none is stored for your core record-keeping Service; where optional paid features are introduced, any payment information is processed by third-party payment providers and not stored by Legacy Assured.

1.2 Information we collect automatically

When you use the Service, we may collect:

• Technical and usage data: IP address, device type, browser type, operating system, pages viewed, clicks, time spent on the Service, error logs and other usage information.
• Cookies and similar technologies: we use cookies, web beacons and similar technologies to operate the Service, remember your preferences, analyse performance and improve user experience.

1.3 Information from third parties

• We may receive information when you or your Next of Kin invite or access your Account (for example, contact details provided by an invited person, or identity-verification information from third-party providers).
• We may receive information from third-party service providers (e.g., identity verification or analytics providers), in accordance with this Privacy Policy.

2. How We Use Your Information

We use your information to:

2.1 Provide, operate and maintain the Service, including:

• creating and securing your Account;
• allowing you to store and manage your records and documents;
• enabling you to designate Next of Kin and authorised users;
• notifying invited users about their role;
• supporting your access to the Service and your Account.

2.2 Improve and personalise the Service, including:

• analysing usage patterns and user behaviour;
• improving security, reliability and performance;
• conducting internal research and product development.

2.3 Communicate with you, including:

• sending service-related messages (e.g., registration confirmation, security alerts, account updates);
• responding to your enquiries and support requests;
• informing you about changes to the Service, Terms or this Privacy Policy.

2.4 Comply with legal obligations and protect rights, including:

• complying with applicable laws and regulatory requirements (for example, identity verification, data retention, anti-money laundering, or fraud prevention, where applicable);
• defending or enforcing our legal rights, or those of Users, third parties, or public authorities;
• preventing, detecting and investigating fraud, abuse, security breaches or misuse of the Service.

2.5 Use information in anonymised or aggregated form for statistical and business purposes, such as internal reporting and improving the Service, without identifying you personally.

We will not use your information in any way that is materially inconsistent with this Privacy Policy unless we have obtained your consent or are required by law.

3. Legal Basis for Processing (for EU, UK and similar jurisdictions)

Where applicable, we rely on the following legal bases for processing your information:

• Contractual necessity: processing is necessary to provide the Service you have requested (for example, creating your Account, storing your records, and enabling Next of Kin access).
• Legitimate interests: processing for security, fraud prevention, service improvement, analytics and similar business-related purposes, where this is not overridden by your individual rights.
• Legal obligations: processing required by law or to comply with regulatory, tax, anti-money laundering or other legal requirements.
• Consent: where required by law, for specific activities (for example, certain marketing or third-party data sharing), which you may withdraw at any time, though this may affect your ability to use certain features.

4. Sharing Your Information

We may share your information in the following ways:

4.1 With persons you designate

• Your Next of Kin or authorised users may access your Account and information stored in the Service once your death has been confirmed, in accordance with applicable law and our access-control procedures.
• The information they can see is determined by your privacy settings and any restrictions you apply.

4.2 With service providers and third parties

• We may share your information with third-party processors who provide services such as hosting, cloud infrastructure, security, analytics, customer support, payment processing (for any optional paid features), and identity verification.
• We require these parties to process your information only on our instructions and in accordance with appropriate contractual and security safeguards.

4.3 For legal and safety reasons

• We may disclose your information if required by law, court order, government request, or regulatory authority, or to protect the rights, safety or property of Legacy Assured, Users, or others.
• We may share information where necessary to investigate, prevent or respond to fraud, abuse, security incidents or other illegal activity.

4.4 In business transfers

If Legacy Assured undergoes a merger, acquisition, sale, restructuring or similar transaction, your information may be transferred as part of that transaction, subject to appropriate safeguards.

4.5 In aggregated or anonymised form

We may share anonymised or aggregated data with partners, researchers or the public for statistical, research or business purposes, without identifying you personally.

We will not sell your personal information to third parties for advertising or marketing unrelated to the Service.

5. International Data Transfers

5.1 Your information may be transferred to, stored in and processed in countries outside your country of residence, including the United Kingdom, the European Economic Area, the United States, Singapore and other jurisdictions where our or our partners' cloud infrastructure and services are located.

5.2 Where information is transferred to countries that do not have an adequacy decision from the European Commission or that are not otherwise deemed to provide an equivalent level of protection, we will apply appropriate safeguards, such as standard contractual clauses, contractual commitments, or other mechanisms required by law.

5.3 You consent to such transfers to the extent permitted by applicable law.

6. Data Security

6.1 Legacy Assured implements technical and organisational measures designed to protect your information, including:

• encryption in transit (e.g., TLS) and at rest;
• access controls, role-based permissions and secure authentication (for example, multi-factor authentication options);
• monitoring, logging and incident-response procedures.

6.2 Despite these measures, no online service can guarantee absolute security. You are responsible for choosing strong passwords, keeping your credentials secure, and promptly notifying us of any unauthorised access.

6.3 Legacy Assured will report any personal data breach that is likely to result in a high risk to individuals' rights and freedoms, in accordance with applicable law.

7. How Long We Keep Your Information

7.1 We retain your information for as long as your Account is active and for such additional period as may be required:

• by law, regulation, or regulatory guidance;
• to comply with legal or regulatory obligations;
• to protect our legal rights or defend against claims.

7.2 After such periods, your information will be securely deleted or anonymised, except where retention is required by law.

7.3 If you delete your Account, we will remove your information from active access as soon as reasonably practicable, subject to any legal or regulatory retention requirements.

8. Your Rights

Depending on your country of residence, you may have one or more of the following rights in relation to your personal information:

8.1 Access: request a copy of the personal information we hold about you.

8.2 Rectification: request that inaccurate or incomplete information be corrected.

8.3 Erasure (Right to be forgotten): request deletion of your information, where applicable and subject to legal constraints.

8.4 Restriction of processing: request that we limit the processing of your information in certain circumstances.

8.5 Data portability: where applicable, request your information in a structured, commonly used and machine-readable format, or ask for it to be transferred to another controller.

8.6 Objection: object to certain types of processing, such as processing for direct marketing or for legitimate interests.

8.7 Withdrawal of consent: where processing is based on consent, you may withdraw consent at any time, though this may affect your ability to use certain features of the Service.

To exercise any of these rights, please contact us at privacy@legacyassured.io. We will respond within the timeframes required by applicable law. We may ask for proof of identity or further information to verify your request.

9. Children's Privacy

9.1 The Service is intended for users aged 18 and over.

9.2 Legacy Assured does not knowingly collect or solicit personal information from individuals under 18.

9.3 If Legacy Assured becomes aware that it has collected information from a child under 18, it will take steps to delete that information in accordance with applicable law.

10. Cookies and Other Tracking Technologies

10.1 Legacy Assured uses cookies and similar technologies to:

• enable the Service to function correctly;
• recognise you when you return;
• remember your preferences;
• analyse traffic and usage patterns;
• improve and personalise your experience.

10.2 You can manage or disable cookies through your browser settings, but doing so may affect the functionality of the Service.

10.3 We may also use third-party analytics providers who may set their own cookies in accordance with their own privacy policies.

11. Your Choices

11.1 You can:

• update your Account details and preferences at any time within the Service;
• designate, change or remove Next of Kin or authorised users;
• adjust your privacy settings (where available) to control who can access your record and what they can see;
• opt out of marketing or non-essential communications, where applicable.

11.2 You may also choose to delete your Account entirely (see section 7) if you no longer wish to use the Service.

12. Changes to This Privacy Policy

12.1 Legacy Assured may update this Privacy Policy from time to time to reflect changes in our practices, the Service or applicable law.

12.2 Any changes will be posted on this page with a revised "Last updated" date. Where material changes are made, Legacy Assured will, where reasonably practicable, notify Users via email or in-account messages.

12.3 Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. Contact Us

If you have questions, concerns or requests regarding this Privacy Policy, your data or your rights:

• For general privacy and data-protection enquiries: privacy@legacyassured.io
• For other support or legal-related enquiries: support@legacyassured.io
• For formal legal or regulatory correspondence: compliance@legacyassured.io

Legacy Assured will respond to your inquiry within a reasonable time.