Privacy Policy

01Introduction

Heritance Technologies Inc. ("Heritance," "we," "us," or "our") is committed to protecting the privacy of individuals who visit our website, use our platform, or otherwise interact with our services. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you interact with tryheritance.com and any related services we provide.

This policy applies to personal information processed by Heritance as a data controller. When Heritance processes personal information on behalf of a customer firm — for example, data about the heirs or clients of a wealth management firm using our platform — Heritance acts as a data processor, and the customer firm acts as the data controller. Those processing activities are governed by the data processing terms in the customer agreement, not this policy.

By using our services, you acknowledge that you have read and understand this Privacy Policy. If you do not agree with the practices described here, please do not use our services.

02Information We Collect

We collect information that you provide to us directly, information collected automatically when you interact with our services, and information from third parties where permitted by law.

Information you provide directly includes: contact details (name, email, phone, firm) submitted through demo-request forms, contact forms, and careers applications; account credentials and profile information when you register for the Heritance platform; and any additional information you choose to provide in free-text fields, support tickets, or correspondence with our team.

Information collected automatically includes: device and browser information (user agent, operating system, screen resolution); IP address and approximate geographic location; log data (pages viewed, referring URL, timestamps, interaction events); and cookies or similar technologies as described in the Cookies and Tracking section below.

We may receive additional information from integrated third-party services — for example, from CRM platforms we integrate with at the direction of a customer firm, or from authentication providers when you log in using single sign-on.

03How We Use Your Information

We use personal information to provide, operate, and improve the Heritance platform and website; to respond to inquiries, schedule demos, and process applications; to communicate with you about product updates, service announcements, and — where you have opted in — marketing communications.

We also use information for analytics (understanding how visitors and customers use our services so we can improve them), security and fraud prevention (detecting and preventing unauthorized access, abuse, and violations of our Terms of Use), compliance with legal and regulatory obligations, and to enforce our agreements.

We do not use personal information to make automated decisions that produce legal or similarly significant effects about you without appropriate safeguards and human oversight.

04Legal Basis for Processing (GDPR)

If you are located in the United Kingdom or the European Economic Area, we process your personal data on one or more of the following legal bases:

Consent — where you have given us clear consent to process your personal data for a specific purpose, such as subscribing to our newsletter or allowing non-essential cookies. You may withdraw consent at any time.

Contract — where processing is necessary to perform a contract with you, such as providing you access to the Heritance platform, or to take steps at your request before entering into a contract, such as responding to a demo request.

Legitimate interests — where processing is necessary for our legitimate interests (or those of a third party), and those interests are not overridden by your rights and freedoms. Examples include improving our services, securing our platform, and conducting proportionate direct marketing to business contacts.

Legal obligation — where we are required to process personal data to comply with a legal obligation, such as responding to lawful requests from public authorities.

05Sharing and Disclosure

We do not sell your personal information. We share personal information only as described in this policy.

Service providers — we share information with vendors that provide infrastructure and operational services to Heritance, including Supabase (database and authentication), Vercel (hosting and deployment), SendGrid (transactional email), and Stripe (payment processing). These providers are contractually bound to use personal information only to perform services on our behalf.

Legal and safety reasons — we may disclose information when we believe in good faith that disclosure is required by law, regulation, legal process, or enforceable governmental request, or when necessary to protect the rights, property, or safety of Heritance, our users, or the public.

Business transfers — if Heritance is involved in a merger, acquisition, financing, reorganization, or sale of assets, personal information may be transferred as part of that transaction. We will notify you of any such transfer and any resulting changes to this policy.

With your consent — we may share information for any other purpose you consent to.

06Cookies and Tracking

Heritance uses cookies and similar technologies to operate the website and platform, remember your preferences, analyze usage, and — where applicable — support marketing activities.

Essential cookies are required for core functionality, including authentication, session management, and security. These cannot be disabled without affecting the service.

Analytics cookies help us understand how visitors interact with our services so we can improve them. We use these only in aggregate and do not use them to identify individual visitors.

Marketing cookies, where used, help us measure campaign performance and show relevant content. We only use these with your consent where required by applicable law.

You can manage cookies through your browser settings. Blocking essential cookies will prevent parts of the platform from functioning correctly.

07Data Security

We implement reasonable technical and organizational measures designed to protect personal information from unauthorized access, disclosure, alteration, and destruction. These measures include encryption of data in transit (TLS) and at rest, access controls and least-privilege policies, audit logging, and secure software development practices.

Heritance operates with SOC 2 framework alignment. Our platform is designed to meet the security expectations of enterprise wealth management firms, including role-based access control, multi-firm data segregation, and auditability of every heir-facing interaction.

No system is perfectly secure. We cannot guarantee absolute security, but we continuously review and update our practices to address emerging risks.

08Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this policy, unless a longer retention period is required or permitted by law — for example, to comply with tax, accounting, or regulatory obligations, to resolve disputes, or to enforce our agreements.

When personal information is no longer needed, we securely delete or anonymize it. If deletion is not technically feasible — for example, because information is stored in routine backup archives — we will isolate the information from further processing until deletion is possible.

09Your Rights

Depending on your location and applicable law, you may have the following rights with respect to your personal information:

Under the GDPR and UK GDPR — the right to access personal data we hold about you; the right to rectification of inaccurate data; the right to erasure (the right to be forgotten); the right to restrict or object to processing; the right to data portability; and the right to withdraw consent at any time where processing is based on consent.

Under the California Consumer Privacy Act (CCPA) — the right to know what personal information we collect, use, disclose, and sell; the right to request deletion of personal information; the right to opt out of the sale of personal information (we do not sell personal information); and the right to non-discrimination for exercising your privacy rights.

To exercise any of these rights, please contact us at support@tryheritance.com. We will respond within the timeframes required by applicable law. If you are in the UK or EEA and are not satisfied with our response, you may lodge a complaint with your local data protection authority.

10International Data Transfers

Heritance is based in the United States and operates infrastructure in the United States and other jurisdictions. When personal information is transferred outside of the United Kingdom or the European Economic Area, we rely on appropriate safeguards such as the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or the EU Standard Contractual Clauses adopted by the European Commission.

By using Heritance's services from outside the United States, you understand that your personal information may be transferred to, processed in, and stored in the United States and other countries where data protection laws may differ from those in your jurisdiction.

11Children's Privacy

The Heritance platform and website are not directed at children under the age of 16. We do not knowingly collect personal information from children under 16. If we learn that we have collected personal information from a child under 16 without verified parental consent, we will delete that information as quickly as possible.

If you believe we may have collected personal information from a child, please contact us at support@tryheritance.com.

12Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, our services, or applicable law. When we make material changes, we will notify you by updating the "Last updated" date at the top of this policy and, where appropriate, by providing additional notice through the platform or by email.

We encourage you to review this policy periodically to stay informed about how we are protecting your information.

13Contact Us

For questions about this Privacy Policy, to exercise any of your rights, or for any other privacy-related inquiries, please contact us at support@tryheritance.com.

Postal address and local representative details for jurisdictions that require them are available on request.