Privacy Policy – Data Protection & Confidentiality

1. Information We Collect

We collect personal data necessary for digital estate planning: full name, contact details, government-issued identification, digital asset credentials, estate planning documents, beneficiary designations. This includes sensitive data such as cryptographic private keys, passwords, and biometric data if voluntarily provided.

2. Use of Personal Data

Data is processed solely for: (a) creating and maintaining digital asset inventories; (b) executing transfer protocols upon verification of trigger events; (c) compliance with legal obligations under UFADAA, GDPR, and other applicable regulations; (d) improving our AssetVault™ platform.

3. Data Sharing & Disclosure

We never sell personal data. Limited sharing occurs with: (i) authorized estate executors upon validated death certificate; (ii) legal authorities pursuant to valid court orders; (iii) subprocessors bound by GDPR Article 28 data processing agreements. All transfers are encrypted using AES-256.

4. Data Retention & Deletion

Active client data retained for duration of estate plan plus 7 years per statute of limitations. After plan completion or client death, data is securely destroyed using NIST SP 800-88 guidelines. Clients may request deletion at any time except where retention is legally required.

5. Your Rights

Under GDPR, you have rights of access, rectification, erasure, portability, and objection. Under CCPA, you may opt out of data sales (none conducted) and request disclosure. Exercise rights via encrypted portal. Respond within 30 days.