GetWill

Privacy Policy

How we collect, use, and protect your data

← Back to GetWill

Privacy Policy

GetWill — Last updated: February 2026

1. Who We Are

GetWill is a technology platform provided by Ailex Ltd. Legal services are provided by Fifty Six Law Ltd, an SRA-regulated law firm.

For will drafting and legal-service records, Fifty Six Law Ltd acts as data controller. Ailex Ltd provides platform infrastructure and processing support for delivery of the service.

2. Contact and Data Protection

For privacy questions or data rights requests, contact privacy@fiftysixlaw.co.uk.

You can also write to Fifty Six Law Ltd at its registered office (shown in the site footer and legal pages).

3. Personal Data We Collect

  • Identity and contact data: name, email, phone, address and related contact details.
  • Will-intake and family data: details about your circumstances, wishes, executors, beneficiaries, dependants, and related notes.
  • Authentication and security data: magic-link/login events, request metadata, and audit trail records.
  • Payment data: transaction status and references from Stripe. We do not store full card details.
  • Technical and analytics data: device/browser information, page and funnel events, referral/UTM parameters, and consent state.

4. How We Use Data and Legal Basis

  • Service delivery (contract): create, review, amend, and store wills; provide account access and customer support.
  • Regulatory and legal duties (legal obligation): maintain records and auditability required for legal-service delivery.
  • Security and fraud prevention (legitimate interests): protect accounts, investigate abuse, and maintain platform integrity.
  • Analytics and advertising (consent): measure campaign performance, understand journey drop-off, and build remarketing audiences.

5. Cookies, Analytics and Remarketing

Essential cookies are used for core functionality. Analytics/advertising technologies are activated only when you select Accept All.

  • Consent state: we store your choice in local storage and a first-party cookie-consent cookie.
  • Analytics/attribution cookies: may include Google Analytics cookies (for example _ga and stream-specific _ga_*), plus advertising identifiers such as Meta _fbp/_fbc when consented.
  • Remarketing: where consented, conversion and behavioral events may be used to build audiences (for example started journey but did not complete purchase).

You can change your preference by clearing site storage and revisiting the site, or by contacting us.

6. Data Sharing

We share data only where required to provide the service:

  • Stripe for payment processing.
  • Cloud hosting/storage providers for secure platform operations.
  • Analytics/advertising providers (consent only) including Google, Meta, and TikTok.
  • Professional legal team members at Fifty Six Law for solicitor review.

We do not sell your personal data.

7. International Transfers

Where data is processed outside the UK, we use appropriate safeguards (such as UK IDTA or equivalent contractual protections) and provider security controls.

8. Data Retention

  • Legal-service records: retained in line with legal/regulatory obligations (typically up to 7 years after closure).
  • Analytics/marketing data: retained per configured platform retention settings and only where consented.
  • Security and audit logs: retained for operational, fraud-prevention, and compliance needs.

9. Your UK GDPR Rights

You have rights of access, rectification, erasure, restriction, portability, and objection.

Where processing is based on consent (including remarketing tags), you can withdraw consent at any time.

To make a rights request (including a Data Subject Access Request), contact privacy@fiftysixlaw.co.uk or support@getwill.co.uk. We may request verification details before release.

Our DSAR process includes account data, form submissions, support records, and operational logs linked to your identity. For unpaid work products, we may confirm drafting status and related metadata without disclosing the unpaid document output itself.

You may lodge a complaint with the ICO at ico.org.uk.

10. Security and Automated Decisions

  • Encryption in transit (TLS) and at rest.
  • Access controls, least-privilege permissions, and audit trails.
  • Automated systems may support operational steps (for example routing, fraud checks, and analytics), with review and escalation controls in place.

11. Policy Updates

We may update this policy from time to time. Material changes will be reflected by updating the date above and, where appropriate, additional notice in-product.