Data & Privacy
We minimise data collection. Reports are generated from your answers. We also record anonymised website journey metrics to keep the service reliable — without putting your answers, name, email or payment card details into those metrics.
What we collect
- Assessment answers (to generate your report)
- First name (to personalise emails we send you)
- Email address (to deliver your report and receipts if you choose email delivery)
- Outward postcode (for example "G72" or "SW1A") to support future location-based signposting to services if you opt in
- IP address (to identify your country so we can display the questionnaire that applies to your jurisdiction, and for security and rate-limiting purposes)
- Country/jurisdiction (because processes and terminology differ by jurisdiction; may be pre-populated based on IP address but can be manually selected or changed)
- Technical diagnostics needed to keep the service reliable (for example error events and performance timing), designed to avoid personal data
- Anonymised website journey and conversion metrics (for example pages viewed, tiers selected, checkout steps, and assessment progress signals — see funnel measurement below)
- Browser and device information (user agent, screen size) for technical compatibility and service improvement
- Payment information (processed securely through our payment service provider; we do not store full payment card details)
We aim to collect the minimum data needed to run the service and deliver your report.
Website journey and conversion measurement (non-PII)
To keep pricing, assessment start, checkout and report delivery working reliably, we record aggregated journey events when you use the public website. These metrics are designed for service improvement and conversion monitoring — not for advertising profiles and not for legal decisions about you.
Funnel measurement uses first-party browser session storage for an anonymous session identifier and may use local storage only to distinguish new vs returning visits within your browser. We do not use third-party advertising cookies or cross-site tracking for this purpose. If your browser sends Do Not Track, funnel events are not recorded.
Types of journey events
- Pages viewed (homepage, product pages, pricing, assessment start, checkout, report delivery)
- Buttons and links clicked (for example start assessment, choose tier, unlock report, download PDF)
- Assessment progress signals (for example question flow loaded, progress milestones, completion or abandonment)
- Checkout and payment step signals (for example checkout started, payment failed or abandoned, purchase completed — amounts may be recorded as numbers only, without card details)
- Report and add-on interactions (for example report preview viewed, email report requested, add-on offer viewed)
What each stored event may include
- Event name (for example pricing_page_viewed or assessment_completed)
- Timestamp
- Anonymous browser session identifier (first-party session storage; not your name or email)
- Correlation identifier (to group events within one visit; not linked to your account by default)
- Assessment type and tier selected (for example probate / enhanced)
- Route or page path (for example /uk/pricing)
- Device type and browser family (for example mobile / chrome)
- Referrer category (for example direct, search, or internal — not the full referrer URL with query strings)
- Storefront or region key (for example uk)
- Optional step index or technical context (for example load duration in milliseconds or failure reason codes)
- Hashed user-agent fingerprint (server-side; not the raw user-agent string)
What funnel metrics never include
- Your assessment answers or free-text responses
- Names, email addresses, postal addresses, or dates of birth
- Beneficiary, executor, donor, or spouse names
- National Insurance numbers or identity document details
- Payment card numbers or CVV codes
- Passwords, access tokens, or session secrets
Payloads are validated server-side. Events that appear to contain personal data are rejected rather than stored.
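As an added illustration (not the service's own code), here is a server-side gatekeeper for funnel events that enforces the rules above: it honours the DNT header, accepts only the allow-listed fields, rejects values that look like email addresses, National Insurance numbers, card numbers or bearer tokens, and stores the user agent only as a keyed hash. The field names, the secret key and the regular expressions are assumptions.

```python
import hashlib
import hmac
import re

# Fields an event may carry (assumed names, mirroring the policy's list). Anything else is rejected.
ALLOWED_FIELDS = {
    "event", "ts", "session_id", "correlation_id", "assessment_type", "tier",
    "route", "device_type", "browser_family", "referrer_category", "region",
    "step", "context",
}
EVENT_NAME = re.compile(r"^[a-z][a-z0-9_]{2,63}$")
# Value shapes that indicate personal data leaked into a payload; send timestamps and
# durations as numbers, since long digit runs inside strings are treated as card numbers.
PII_PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "ni_number": re.compile(r"\b[A-Z]{2}\s?\d{2}\s?\d{2}\s?\d{2}\s?[A-D]\b", re.I),
    "card_number": re.compile(r"(?:\d[ -]?){13,19}"),
    "bearer_token": re.compile(r"(?i)bearer\s+\S+"),
}
SECRET = b"example-server-side-key"  # assumption: loaded from server config, never sent to the browser


def fingerprint_user_agent(user_agent: str) -> str:
    """Keyed hash of the UA: the raw string is never stored and cannot be recovered by table lookup."""
    return hmac.new(SECRET, user_agent.encode(), hashlib.sha256).hexdigest()[:16]


def validate_event(headers: dict, payload: dict):
    """Return (True, record) for a storable event, or (False, reason) when it must be dropped."""
    if headers.get("DNT") == "1":             # Do Not Track: record nothing at all
        return False, "dnt"
    unexpected = set(payload) - ALLOWED_FIELDS
    if unexpected:                             # unknown keys are rejected, not stripped,
        return False, "unexpected_fields:" + ",".join(sorted(unexpected))  # so a leaking client shows up
    if not EVENT_NAME.match(str(payload.get("event", ""))):
        return False, "bad_event_name"
    for key, value in payload.items():
        if isinstance(value, str):
            if len(value) > 200:               # free text has no place in a funnel event
                return False, f"oversized:{key}"
            for label, pattern in PII_PATTERNS.items():
                if pattern.search(value):
                    return False, f"pii:{label}:{key}"
        elif not isinstance(value, (int, float, bool)):
            return False, f"bad_type:{key}"
    record = dict(payload)
    record["ua_hash"] = fingerprint_user_agent(headers.get("User-Agent", ""))
    return True, record
```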
Why we record these metrics
- Measure whether pages render correctly and journeys complete reliably
- Understand where users need clearer guidance before choosing a report tier
- Monitor checkout and payment friction without storing card details
- Improve the service based on aggregated, non-personal statistics
What we do not collect
- We do not ask for full address, date of birth, bank details, ID documents, or National Insurance number.
- We do not ask for names of beneficiaries or other individuals.
- We do not store your assessment answers inside funnel conversion metrics or application error logs.
- We do not include names, emails, addresses, assessment answer text, or payment card details in funnel analytics events.
- We do not use cookies for third-party advertising or cross-site tracking, including for funnel measurement.
- Screenshots for error reporting are disabled by default.
- We do not share or sell your personal data to third parties for marketing purposes.
How we use data
- To generate your report from your answers
- To personalise emails we send you using your first name (optional field)
- To deliver your report by email if you choose email delivery
- To identify your country from your IP address, so we can display the questionnaires and content that apply to your jurisdiction
- To adapt wording, process notes, and legal terminology by country/jurisdiction to ensure accuracy and relevance
- To protect against abuse and ensure service availability through rate limiting and security monitoring (IP addresses are used temporarily for this purpose and are not stored long-term)
- To maintain and improve reliability using non-PII diagnostics (structured error logs with redaction)
- To support payment processing via our payment service provider where used (payment data is processed securely and we do not store full payment card details)
- To ensure technical compatibility and improve user experience by understanding browser and device capabilities
- To measure anonymised website journeys and conversion steps (see funnel measurement) so we can fix broken pages, reduce abandonment, and improve clarity before checkout
Free and paid assessments are treated the same from a data protection perspective. The difference is in coverage, not data handling.
Optional future signposting (not enabled by default)
If we add optional signposting to third-party services in future, we would use postcode and country to show relevant providers. This would be optional and you would be able to choose whether to use it.
This feature is not active yet. If it becomes available, we will ask you before using your location information for signposting.
Retention
- Assessments and reports: kept only as long as needed for delivery and reasonable access. If automated deletion is enabled, records are deleted according to the configured retention policy.
- Logs: stored as structured events and rotated/deleted on a schedule (for example 14 days for file logs and up to 90 days for database logs, depending on configuration).
- Funnel analytics events are retained for service monitoring and improvement for a limited period (aligned with other operational logs, typically up to 90 days unless a shorter period is configured), then deleted or aggregated.
- If you request deletion, we will delete records where we are able to, subject to legal/financial record-keeping requirements (for example payment records).
Security measures
- Access controls and least privilege
- Encrypted connections in transit
- Service-role keys kept server-side only
- Structured logging with redaction enabled
Application error logs are designed to avoid personal data. We do not log assessment answers, email addresses, or names in error logs. Logs use correlation IDs (such as assessment ID and request ID) to diagnose issues without recording the content of your answers.
Your choices
- You can choose not to provide first name or postcode (optional fields)
- You can request deletion by contacting support
- If your browser sends Do Not Track (DNT), we do not record funnel journey events
IP Address Geo-Identification
We use geo-specific IP address identification to determine your approximate country of origin. This enables us to:
- Display country-specific questionnaires that are applicable to your jurisdiction
- Pre-populate country/jurisdiction fields to save you time (you can always change this selection)
- Show relevant content, pricing, and legal terminology for your location
- Ensure you receive assessments that match your country's legal processes
How it works: When you visit our website, we temporarily process your IP address to identify your country. This information is used to customise your experience and is not stored long-term. IP addresses are also used for security purposes (rate limiting and abuse prevention) but are not retained beyond what is necessary for these legitimate purposes.
Your control: You can manually select or change your country/jurisdiction at any time during the assessment process. The IP-based identification is only used as a convenience feature to pre-populate fields.
UK GDPR Compliance
All personal data we collect and process is handled in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We are committed to protecting your privacy and ensuring full compliance with UK data protection rules.
Our Legal Basis for Processing
- Contractual necessity: Processing your assessment answers and contact information is necessary to provide you with the assessment service you have requested
- Legitimate interests: Using IP addresses for geo-identification, security, and service improvement (we have balanced our interests against your privacy rights); recording anonymised funnel journey metrics to monitor reliability and improve the website experience (see funnel measurement)
- Consent: Where you provide optional information (such as first name or postcode for future signposting), we process this based on your consent, which you can withdraw at any time
Your Rights Under UK GDPR
You have the following rights regarding your personal data:
- Right of access: You can request a copy of the personal data we hold about you
- Right to rectification: You can ask us to correct any inaccurate or incomplete data
- Right to erasure: You can request deletion of your personal data (subject to legal/financial record-keeping requirements)
- Right to restrict processing: You can ask us to limit how we use your data in certain circumstances
- Right to data portability: You can request your data in a structured, machine-readable format
- Right to object: You can object to processing based on legitimate interests
- Rights related to automated decision-making: You have rights regarding automated processing (though our assessments are not fully automated decision-making under GDPR Article 22)
To exercise any of these rights, please contact us through our Contact page or Report a Problem page.
Data Controller Information
We are the data controller for the personal data we collect. If you have concerns about how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's data protection regulator. You can find more information at ico.org.uk.
Data Processing Principles
We process your data in accordance with the UK GDPR principles:
- Lawfulness, fairness, and transparency: We only process data for specified, legitimate purposes and are transparent about our practices
- Purpose limitation: We only collect data for specified, explicit purposes and do not use it for incompatible purposes
- Data minimisation: We only collect data that is necessary for our purposes
- Accuracy: We take steps to ensure data is accurate and kept up to date
- Storage limitation: We do not keep data longer than necessary (see Retention section above)
- Integrity and confidentiality: We implement appropriate security measures to protect your data
- Accountability: We are responsible for demonstrating compliance with these principles
International Data Transfers
Your data is primarily processed and stored within the UK and European Economic Area (EEA). If we need to transfer data outside the UK/EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses approved by the UK government
- Adequacy decisions by the UK government
- Other legally recognised transfer mechanisms
Our payment service provider (Stripe) may process payment data in accordance with their own privacy policy and applicable data protection laws. We ensure all third-party processors meet UK GDPR standards.
International Use
If you select a country outside the UK, the report will use general process language and may include different official guidance links where available. All data processing remains subject to UK GDPR principles regardless of your location.
Final disclaimer: We provide information and process guidance only, not legal advice or tax advice.
