Privacy Policy

1. Who we are

Inheritas Wills (“we”, “us”, “our”) is a provider of will-writing and estate planning services. For the purposes of data protection law, the data controller is Inheritas Wills, registered at 12a Castle Street, Reading, RG17RD, with contact email Info@inheritaswills.co.uk and telephone 07835193488.

If you have questions about this policy or how we handle your personal data, please contact us using the details above.

2. The information we collect

We may collect, use and store the following categories of personal data:

  1. Identity data, such as your full name, title, date of birth and relationship information where relevant to your instructions.

  2. Contact data, such as your email address, telephone number, postal address and preferred communication method.

  3. Estate planning data, such as details about beneficiaries, executors, guardians, family circumstances, property ownership and wishes relevant to a will or related document.

  4. Financial and asset information where needed to support estate planning advice, trusts, lasting powers of attorney or related services.

  5. Special category or sensitive information only where it is necessary for the service requested and permitted by law, for example health-related information relevant to capacity, care planning or power of attorney arrangements.

  6. Technical data, such as IP address, browser type, device information, cookies and website usage data.

  7. Marketing preferences, including whether you want to receive updates, guides or service information from us.

3. How we collect your data

We collect personal data directly from you when you complete a form on our website, call us, email us, book a consultation, instruct us to provide services or otherwise communicate with us.

We may also receive information from third parties acting on your behalf, such as your spouse, partner, attorney, family member or professional adviser, where they are authorised to share that information.

Technical data may be collected automatically through cookies, analytics tools and standard website logs.

4. How we use your data

We use personal data to operate our business lawfully and provide estate planning services effectively. This may include using your information to:

  1. Respond to enquiries and arrange consultations.

  2. Prepare wills, mirror wills, trusts, powers of attorney and other estate planning documents.

  3. Verify your identity, confirm your instructions and maintain accurate records.

  4. Take payment, issue invoices and manage our business administration.

  5. Comply with legal, regulatory and professional obligations.

  6. Improve our website, services, client experience and internal processes.

  7. Send service-related communications and, where permitted, marketing communications.

5. Our lawful bases

Under UK GDPR, we rely on one or more lawful bases depending on why we are using your data. These may include:

  1. Contract, where processing is necessary to provide the services you ask us to deliver or to take steps before entering into a contract.

  2. Legal obligation, where we must process data to comply with applicable law or regulatory requirements.

  3. Legitimate interests, where processing is necessary for the running, protection or improvement of our business and those interests are not overridden by your rights.

  4. Consent, where you have clearly agreed to a specific use of your personal data, such as optional marketing cookies or email updates.

  5. For special category data, an additional condition under data protection law, such as explicit consent or the establishment, exercise or defence of legal claims, where applicable.

6. Sharing your information

We do not sell your personal data. We may share it only where necessary and appropriate with:

  1. Professional advisers, consultants or service providers who support our operations, such as IT providers, secure document storage providers, accountants or legal professionals.

  2. Payment processors and administrative software providers.

  3. Regulators, law enforcement bodies, courts or government authorities where disclosure is required by law or to protect legal rights.

  4. Other third parties where you have asked us to do so or where sharing is necessary to carry out your instructions.

Any third-party service provider is expected to handle personal data securely and only in line with our instructions or their own legal obligations.

7. International transfers

Where any of our suppliers store or process personal data outside the UK, we will take steps to ensure your data receives an appropriate level of protection. These steps may include using providers in countries recognised as adequate, the UK International Data Transfer Agreement, or other approved safeguards.

8. Data retention

We keep personal data only for as long as necessary for the purpose it was collected, including to meet legal, professional, tax, insurance and record-keeping obligations.

Retention periods should be documented internally and reflected here, for example: client matter records for [insert period], enquiry records for [insert period], and marketing preferences until you unsubscribe or we refresh consent.

When data is no longer required, we will securely delete it or anonymise it where appropriate.

9. Your rights

Subject to the law, you may have the right to:

  1. Request access to the personal data we hold about you.

  2. Request correction of inaccurate or incomplete data.

  3. Request erasure of your personal data in certain circumstances.

  4. Request restriction of processing in certain circumstances.

  5. Object to processing based on legitimate interests or for direct marketing.

  6. Request transfer of your data to you or another provider where the right to data portability applies.

  7. Withdraw consent at any time where we rely on consent.

To exercise any of these rights, contact us using the details in this policy. We may need to verify your identity before responding.

10. Cookies and website tracking

Our website may use cookies and similar technologies to keep the site functioning, understand how visitors use it and improve performance. Cookies may include essential cookies, analytics cookies and, where used, marketing cookies.

You should provide a separate cookie notice or cookie banner explaining the specific cookies in use, their purpose, duration and how users can manage preferences.

11. Data security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, disclosure or alteration. These measures may include access controls, secure devices, encrypted systems, password protection, confidential handling procedures and vetted service providers.

12. Complaints

We hope to resolve any concern directly. If you are unhappy with how we handle your personal data, please contact us first so we can investigate.

You also have the right to complain to the Information Commissioner’s Office (ICO). Details are available at ico.org.uk.

13. Changes to this policy

We may update this privacy policy from time to time to reflect legal, regulatory, operational or website changes. The latest version will always be published on this page with the updated effective date.