If you are an advisor via our partner program using Kinvault, there may also be data protection
terms in our contract that apply to our processing of Personal Data.
Definitions and interpretation
|a small text file placed on your computer by our Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies);
|Data Protection Laws
|any applicable law relating to the processing of Personal Data,
including but not limited to the GDPR, and any national implementing laws or related laws, regulations and secondary legislation;
|the General Data Protection Regulation (EU) 2016/679 and any UK
equivalent following the UK’s exit from the European Union;
we or us
|Kinherit LTD, a company incorporated in England and Wales with
registered number 11500962 whose registered office is at Equinox
South Great Park Road, Bradley Stoke, Bristol, England, BS32 4QL;
|any information that enables us to identify an individual, either directly or indirectly;
|UK and EU Cookie Law
|the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 and any legislation that supersedes, amends or replaces all or part of such Regulations in the UK;
|User or you
|any individual that accesses the Website, takes products or services from Kinherit LTD or otherwise engages with Kinherit LTD and is not either (i) employed by Kinherit LTD and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to Kinherit LTD and engaging with Kinherit LTD in connection with the provision of such services.
- the singular includes the plural and vice versa;
- a reference to a person includes firms, companies, government entities, trusts and partnerships;
- “including” is understood to mean “including without limitation”;
- reference to any statutory provision includes any modification or amendment of it;
- For purposes of the applicable Data Protection Laws:
- Where you use the Kinvault platform provided to you by your advisor, with your advisor’s branding, Kinherit LTD is the “data processor” and your advisor is the “data controller”. This means that your advisor determines how and why your Personal Data is processed and is ultimately responsible for ensuring compliance with applicable Data Protection Laws. We
- We collect the following Personal Data, which you give us when you use a Website, contact us, register with us, set up an account, use our services or otherwise when we engage with you to provide products and services:
- date of birth;
- marital or relationship status;
- next of kin details;
- contact Information such as email addresses and telephone numbers;
- demographic information such as postcode, preferences and interests;
- financial information such as details of assets and relevant policies; and
- other information that you provide in your Customer Summary Document or otherwise when you communicate or engage with us.
- The following Personal Data is automatically collected from you when you use our Websites, by using Cookies (further information can be found in the section headed “Cookies” below):
- IP address;
- web browser type and version;
- operating system;
- a list of URLs starting with a referring site, your activity on this Website, and the site you exit to;
- You will also provide us with Personal Data about other individuals, such as executors and beneficiaries, and we will use this data to deliver the services that we provide to you. Where we may deal with such other individuals, we will identify your arrangements as the basis for us storing the data.
- Kinherit does not seek to collect special category data (as defined on the ICO website) other than in relation to unstructured specific items which customers may choose to incorporate in their end-of-life planning. Where customers choose to upload their own information, it is stored in compliance with Kinherit’s data security protocols which include restrictions on access to areas necessary to deliver Kinherit’s service.
Our use of Personal Data
- We use your Personal Data for the following purposes:
- to provide you with our services;
- to allow you to use, and store Personal Data in, our Websites;
- to communicate with you and respond to any queries, comments or issues that you raise;
- to allow you to register for, and to run and manage, accounts that you set up on our Websites;
- for internal record-keeping purposes;
- to improve our products and services; and
- where you have consented to receiving electronic direct marketing
(or where you are an existing customer and have not opted out), to market our products and services to you.
- Where we use your Personal Data to provide you with our services, to allow you to use our Websites and to allow you to register for, and to run and manage, your accounts, the legal basis for this processing is the performance of a contract between you and us and/or taking steps
to enter into such a contract.
- In all other circumstances, we process your Personal Data on the basis that the processing is necessary for the purposes of our legitimate interests. We have a legitimate interest in ensuring that we provide the best service possible to our customers and respond to customer
queries, as well as in promoting our business. We also have a legitimate interest in keeping accurate records of services we provide, for example for tax and accounting purposes. You have a right to object to us processing your Personal Data for these purposes, but we may not always need to comply with any such request. Please see the section headed “Your rights” below for more information.
Who we share Personal Data with
- We share your Personal Data with the following groups of people for the following reasons:
- anyone else who instructs us jointly with you, for example your partner;
- your advisor, if you authorise us to do so (for example, by granting your IFA access to your Kinvault);
- your executors, trustees, relatives, family and other named persons by you at the time of decease as part of our core service;
- professional advisors – to obtain legal or non-legal advice;
- relevant authorities – to facilitate the detection of crime and where required at the time of decease; and
- third party service providers that we engage in connection with the provision of our services, such as website developers, IT support providers and our hosting provider (Amazon Web Services) and online payments & identity verification provider (Stripe).
Keeping Data secure
- We will use technical and organisational measures to safeguard your Personal Data, for example:
- access to your account is controlled by a password and an email/username that is unique to you;
- we store your Personal Data on secure servers in the UK and we do not transfer your personal data outside the UK/EEA;
- data is encrypted in transit and “at rest” (i.e, backups);
- all traffic is encrypted using SSL technology (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.
- Our payments provider Stripe is fully PCI compliant, and no credit card details are stored on our servers.
- Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your Personal Data, please let us know immediately by contacting us via this email address: firstname.lastname@example.org.
- If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
- Even if we delete your Personal Data, it may persist on backup or archival media for legal, tax or regulatory purposes. If this is the case, we will ensure that the Personal Data can only be accessed by authorised individuals in exceptional circumstances.
- You have the following rights in relation to your Personal Data:
- Right to access – the principal Personal Data that we hold about you will be available to you at any time via your kinvault. If you request a copy of the detailed notes underpinning your advisor discussions, we will provide this subject to an administration charge. Should we be called on to support a court case involving a disputed Will, there may be extra charges in order to extract individual call recordings and otherwise provide support, and this will depend on the situation. If you request information that we are bound to provide under GDPR regulations, this will be provided in accordance with appropriate laws. Where we are legally permitted to do so, we may refuse your request, in which case we will tell you the reasons why.
- Right to correct – the right to have your Personal Data rectified if it is inaccurate or incomplete. If you think that we are holding inaccurate Personal Data about you, or
if any of your details change, you must inform us immediately by emailing email@example.com.
- Right to erase – the right to request that we delete or remove your Personal Data from our systems in certain circumstances. We do not always need to comply with such a request, but if we do not, we will tell you the reasons why.
- Right to restrict our use of your Data – the right to “block” us from using your Personal Data or limit the way in which we can use it. This right only applies in certain circumstances and we may not be legally obliged to comply with your request; if this is the case, we will tell you the reasons why.
- Right to data portability – the right to request that we move, copy or transfer your Personal Data, in a common electronic format, to you or another provider where possible. This right only applies to the Personal Data that we process for the purposes of providing our services, our Websites or running and managing your account.
- Right to object – the right to object to our use of your Personal Data where we use it for our legitimate interests. If we have compelling legitimate grounds to continue to process your Personal Data, we will be able to continue to do so.
- Right to opt out of electronic marketing –
the right to let us know that you do not want to receive further electronic direct marketing from us. You can do this by clicking “unsubscribe” in any marketing emails that we send.
- To make enquiries or exercise any of your rights set out above, please contact us via this email address: firstname.lastname@example.org.
- If you are not satisfied with the way a complaint you make in relation to your Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner’s Office (ICO). The ICO’s contact details can be found on their website at https://ico.org.uk/.
- It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.
Links to other websites
statement of other websites prior to using them.
Changes of business ownership and control
- We may also disclose Personal Data to a prospective purchaser of our business or any part of it.
- In the above instances, we will take steps with the aim of ensuring your privacy is protected.
- All Cookies used by our Websites are used in accordance with current UK and EU Cookie Law.
- You may, if you wish, prevent your browser placing Cookies; however certain features of the Website may not function fully or as intended
- Our Websites may place the following types of Cookies:
|Type of Cookie
|Strictly necessary cookies
|These are cookies that are required for the operation of the Website. They include, for example, cookies that enable you to log into secure areas of our Website, use a shopping cart or make use of e-billing services.
|They allow us to recognise and count the number of visitors and to see how visitors move around our Website when they are using it. This helps us to improve the way the Website works, for example, by ensuring that users are finding what they are looking for easily.
|3rd Party Cookies
|These are set by 3rd parties in order to provide specific
services such as embedded video.
- You can find a list of Cookies that we use in the Cookies Schedule below.
- You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser.
- You can choose to delete Cookies at any time; however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings. Not accepting cookies will limit any authenticated session on our website(s) to a maximum 15 minutes.
- It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
- For more information generally on cookies, including how to disable them, please refer to aboutcookies.org. You will also find details on how to delete cookies from your computer.
Below is a list of the cookies that we use. We have tried to ensure this is complete and up to date, but if you think that we have missed a cookie or there is any discrepancy, please let us know.
We use the following strictly necessary cookies:
|Description of Cookie
|We use this session cookie to remember you and maintain your session whilst you are using our Website. This is not set until you login and are a registered user.
We use the following analytical/performance cookies:
|Description of Cookie
|Google Analytics, Facebook
|We use this cookie to help us analyse how users use the Website.
3rd Party Cookies
When viewing a video on our website, we make use of various cookies
|Description of Cookie