Your privacy is important to us. This privacy statement describes what personal data SecureTheFile collects from you, through our interactions with you and through our Services and how we use that data. We are committed to protecting and respecting your privacy.
For the purpose of the Data Protection Act 1998 (the Act), the data controller is Securethefile Limited of Wsm Advisors Connect House, 133-137 Alexandra Road, Wimbledon, London, United Kingdom, SW19 7JY.
Who We Are
SecureTheFile is an all-in-one personal digital archive for your most important Life Documents, optimised to ensure your loved ones and trusted advisors have everything they need, in a structured and intuitive way, whilst putting you in full control of your data. Our digital Vault is the best place to store your personal documents: a digital filing system to help you organise your paperwork. Our unique guides are free and help people better plans and organise their affairs.
We also help professional advisors better connect with their clients; offering a turnkey solution for GDPR compliance and document storage, in addition to visibility into clients’ other professional advisors.
The SecureTheFile team have made online security one of the highest priorities and take the safety of your personal data extremely seriously. SecureTheFile has been built with GDPR in mind, created to certify you have all the information you need as it relates to your interactions with SecureTheFile.
It is important to us that you feel confident in the security and data protection we deploy at SecureTheFile, therefore before signing up to the Services, we want you to understand clearly how we process and use data. This includes, but is not limited to, the collection of data; storage of data; usage of data; sharing of data and time allocation for hosting the data.
Securethefile Limited is a company incorporated and registered in England and Wales with company number 11597076.
Information We May Collect on You
We may collect and process the following personal data that you provide to us when using our Website (www.securethefile.com) and any of our Services:
- Full Name
- Contact Number
- Date of Birth
- Email Address
- Date of birth
In addition, we will collect and process the following information:
Information that is provided as it relates to the Services you request on our Website
- Correspondence records between you and us
- Details of transactions you carry out through our Website and of fulfilment of your orders
- Information that you provide in surveys on our Website (these are optional) (if applicable)
- Details of website visits including, but not limited to, traffic, location data, communication data and weblogs, whether this is necessary for our own billing reasons or otherwise and the resources that you access.
Note: SecureTheFile uses end-to-end encryption and cannot read, retrieve or otherwise see any user’s information using the Services pertaining to the digital Vault (herein, the “Vault”). i.e. SecureTheFile has no access to information that is stored in the digital Vault as part of the Services.
Personal Information and Data
- “Secure Information” means your private, sensitive, personal information that you privately submit through the Services, including your health and medical information, financial information and legal information. While we may know whether and when you submitted a particular type or category of Secure Information, we do not in the course of our standard daily business operations have access to the content or details of any Secure Information you privately submit through the Services because it is encrypted. We will share your Secure Information only with your designated Read Or Write Access Nominee (as defined below) and only pursuant to your, or (if applicable) your Nominees, explicit instruction, except when we are required to by law or in other rare circumstances, as described below. There may also be set, defined, roles for certain types of professional advisors. e.g. your Financial Advisor will have access to Basic Information, in addition to your Financial Advice library and subsequent folders unless otherwise specified.
- “Use Information” means certain high-level information about your use of and access to the Services that may be visible to a professional advisor or Partner Provider if you accepted an Invitation from that professional advisor or Partner Provider, as applicable, to sign up for and access the Services (as defined below) (if applicable), which may include the sign-up session length, the date and time of your last login to the Services, your total number of logins to the Services, and which sections and libraries of your SecureTheFile library you have completed. We may share your Use Information only with your professional advisor and potentially other Nominees when applicable.
- “Public Information” means any personally identifying information you post in any public forum through the Services (e.g., in the comments section below articles). Please remember that any Public Information you post publicly on the Services is not private, and thus may be used or disclosed by any third party who reads such Public Information without our control and without your knowledge, and search engines may index that information. Accordingly, please think carefully before publicly posting any Public Information on the Services, or otherwise on the Website.
Non-Personal Information and Data
- As opposed to Personal Information, “Non-Personal Information” does not, on its own, uniquely identify you or anyone else as a specific individual, but rather offers and delivers technical data, such as information about your interaction with the Services or about your browser. Non-Personal Information may include Aggregate Information, and Cookie Information, each of which is described in further detail below.
- “Aggregate Information” means statistical information about how, how often, and when you use the Services and your demographic information. We may use Aggregate Information in order to understand how and how often people use the Services, which in turn allows us to improve them, but never in a way that is individually or directly identifiable.
iii. “Cookie Information” means information collected via cookies which enable our servers to recognize your web browser and tell us how and when you visit the Site and otherwise use the Services. Cookies are small pieces of data that are stored on your computer through your web browser when you access a website. Our cookies by themselves do not contain Personal Information, and we do not combine Cookie Information with your Personal Information to tell us who you are.
- While many browsers have an option to turn off the cookie feature (which may prevent your browser from accepting any new cookie or may allow you to decide which cookie to accept from any website on a case-by-case basis), we strongly recommend that you leave cookies active because the Cookie Information we derive enables us to provide you with the most advantageous and attractive features of the Services.
Information SecureTheFile Typically Does Not Collect (But May)
How SecureTheFile Stores Your Data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers, likely Microsoft. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is processed to the same standards as if it were being processed within the EEA.
Sharing with Nominees
We will share your Secure Information (information which has been placed in your digital Vault) only with your designated Read Or Write Access Nominees and only pursuant to and in accordance with your opt-in authorisation (“Authorisation”) and explicit instruction, including the permissions you set that give any particular Read Or Write Access Nominee access to only certain designated portions of your SecureTheFile Vault. If you designate any of your Secure Information as only shareable with Read or Write Access Nominees after you are Declared Dead, then SecureTheFile will only share such Libraries or folders according to the instructions explicitly provided. If no instructions are left, we will act in accordance to UK law and grant access to information through a verification process of an acting representative. As part of your use of the Services, you may designate one of your Nominees or another individual.
6b. Sharing with Professional Advisers
Signing up to the Services using an Invitation you received from your professional advisor or a Partner Provider, enables us to potentially share your Use Information with such professional advisor or Partner Provider, all of whom are contractually bound to protect the confidentiality of your Personal Information. For the avoidance of doubt, we don’t share any of your Secure Information with Professional Advisers or Partner Providers unless you have designated them as Access Nominees for the particular Secure Information you have chosen to share.
6c. Sharing with Proxys
We may share certain of your Basic Information with certain partners or service providers we use to perform, facilitate or improve the Services (collectively, “Procys”), but only in order for SecureTheFile to be able to provide you the Services. All of our Proxys are contractually bound to protect the confidentiality of your Personal Information. We may also share non-personal Aggregate Information with our Proxys so that they understand how and how often people use our Services and their services, which in turn allows both us and them to improve. We do not share your Secure Information with Proxys.
We may collect information about your computer or mobile device, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
Third Party Advertising
Age of Consent
Individuals can only register an account with SecureTheFile if they are 18 years or over.
If you are under 18 years of age please do not use the Services provided by SecureTheFile, and do not provide us with any of your personal data.
If you are a parent and you are aware that your child has provided SecureTheFile with personal data, please contact us immediately at firstname.lastname@example.org
Data Holding and Deletion
We keep your personal data only for as long as required to manage your account and provide you with our Services. All of your data will be retained by SecureTheFile for as long as you remain a user. All of your account details will be deleted 12 months after a Notice of Death has been successfully processed against your account (as supplied by your chosen account executors, Nominees or verifiable representative).
You have the right to delete your SecureTheFile account at any time. Please contact us at email@example.com
All information you provide to us is either stored on our secure servers or hosted on Microsoft Azure’s web hosting services. Any payment transactions are encrypted using SSL technology and security is provided by GoCardless on their website. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. We also ask you enable and utilise two-factor authentication for the best possible security protection.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. These procedures and processes go above what is expected and compliance to both UK and EU law.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such reasons or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can exercise your right at any time by contacting us at firstname.lastname@example.org
In addition, under the GDPR legislation, you have specific rights in regard to your personal data. These rights are as follows:
Right to access – You have the right to be informed of or request access to the personal data we hold on you.
Right to Erasure – You have the right to request that we delete your personal data.
Right to Rectification – You have the right to request that we amend or update your personal data where it is inaccurate or incomplete.
Right to Restrict – You have the right to request that we stop processing some or all of your data, either temporarily or permanently.
Right to Data Portability – You have the right to ask for a copy of your personal data and the right to transfer this personal data for use by another provider.
Right to Object – You have the right to object to us processing your personal data and you have the right to object to your personal data being used for direct marketing activities.
Right not to be subjected to automated decision making – You have a right not to be subjected to decisions being made solely by automation. You have a right to object to profiling of your data.
Right to lodge a complaint – You have the right to lodge a complaint if you are not happy with what we do with your data. This can be sent to Information Commissioners Office, Wycliffe House Water Lane, Wilmslow, Cheshire, SK9 5AF.
The Requirements of Data Protection Laws
- We will only collect sufficient personal information for the uses set out above.
- We will endeavour to keep personal information up-to-date.
- We will not retain personal information longer than necessary unless required to do so by law.
To find out more about data protection, you may visit the following sites:
Disclosure of Your Information
We may disclose your personal information to any member of our group, which means our subsidiaries or third-parties, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
Furthermore, to the purposes stated above in relation to third party goods and/or services you have consented to, we may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If SecureTheFile or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
Disclosure pursuant to applicable law
- Other than sharing with Nominees, Proxys or to sellers or buyers as described above, we can only share Personal Information, including your Secure Information, in the limited circumstances described below relating to your abuse or misuse of the Services or legal process.
- If we deem that you have mistreated or abused the Services or the Personal Information of any other user, or have attempted to interfere with or harm the Services, we will investigate and cooperate with appropriate law enforcement officials, which may include sharing your Basic Information with them in order to protect our rights or property or that of other users, Nominees, Proxys, and others. We will give our full cooperation in any legal process or criminal investigation into any misuse or abuse of the Services.
- We may also share your Personal Information solely to the extent required by law to comply with a subpoena or analogous legal process or governmental request; while this may include certain of your Secure Information, rest assured that we will never willingly share any of your Secure Information unless required by law. We also do not have the ability to decrypt information which is held in your Vault. We may also share your Personal Information as otherwise necessary to protect our rights or property or that of other users, Nominees, Proxys and others.
- We will promptly notify you if we receive any request for your Personal Information or Secure Information from any governmental entity or other third party pursuant to a subpoena or analogous legal process before sharing any such requested information, unless we are legally prohibited from so notifying you or we have a good faith reason to believe that such sharing is or may be necessary to protect someone’s life, avoid serious physical injury or property loss or damage, or to prevent or investigate any ongoing crime.
Access to Information
The Access to Information Act (1985) (The “Act”) gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.
SecureTheFile Contact Information
Our corporate details and address and other contact details are Securethefile Limited of Wsm Advisors Connect House, 133-137 Alexandra Road, Wimbledon, London, United Kingdom, SW19 7JY.