Privacy Policy

Welcome to Grateful Estate! This Privacy Policy describes how personal information is collected, used and stored through use of our legacy management platform and through use of our websites and web-based resources. We refer to our platform, websites and web-based resources as the “Services”.
In this Policy, we use the word “Subscriber” to refer to anyone who has subscribed to and paid for use of our legacy management platform. We use the word “you” to refer to any individual user of our Services, a loved one whose contact and relationship information has been uploaded onto our platform by a Subscriber, or an individual browsing or using our websites and web-based resources.


Notice to Loved Ones

If you are a loved one of one of our Subscribers, your Subscriber(s) controls your contact and relationship information, including your contact information, billing details and relationship records. Please contact your Subscriber(s) for any questions about your contact or relationship information. See the section titled Loved One Data below for further information.


Why Grateful Estate Collects Personal Information

Grateful Estate collects personal information in order to provide our Services to our Subscribers and their users, to learn about use of our Services (for improvement, accessibility and relevant content), and to provide you with information about our Services, including features and promotions. We collect only the minimum amount of personal information needed for these purposes. We do not sell or trade personal information, and we will only share your personal information with third parties in the ways that are described in this Privacy Policy.

Information Grateful Estate Collects from You

Contact Information. We collect your contact information, such as your name, email address and organization, when you fill out our online forms or set up your user account for our Services. We use your contact information to activate your user account, give you access to the Services, and to send you notices about your user account. We may also use your contact information for marketing purposes, such as promotional emails, direct mail and sales contacts. You can opt-out of our marketing communications at any time by unsubscribing or contacting us at
Please note that Grateful Estate does collect and manage the contact information of the Loved Ones you listed or uploaded within our platform , and distributes marketing or other communications between a Subscriber and its Loved Ones.
Billing Information. When a Subscriber subscribes to our Services, we also collect credit card information to process payment. Credit card information is provided directly to our payment processor and is processed in a PCI-compliant manner. We do not keep your credit card information. Note that when credit card information is referred to as being “stored”, this means we have a “token”. The token replaces sensitive information and acts as a non-sensitive placeholder that can be used by the payment processor to reference your credit card information when payments need to be processed.
Log and Device Information. When you access and browse our Services, we collect information about how you are accessing our Services, such as your internet or mobile network connection, your browser or the type of mobile device you are using (if applicable). We use this log and device information to identify how our Services are being accessed and used so we can optimize them for the types of connections, browsers and devices being used. This information is not used to market or send promotions at an individual user level.
Cookies and Tracking Information. Our website uses cookies. Cookies are small data files that are downloaded to your computer or device by a website. Your web browser lets you manage cookies through its “settings” or “options” menus. You can change your browser settings to display a warning before accepting a cookie or to refuse all cookies. You can also delete cookies at any time; however, please note that certain cookies must remain in order to use certain portions of the Services. We also use web beacons, which are tiny graphic objects embedded in a web page or an email which allows us to determine if a user has viewed the web page or email.
We use cookies and web beacons:
  • To learn about use of our websites, such as user traffic patterns and the effectiveness of our navigational structure
  • To identify email open rates in order to gauge the effectiveness of certain communications or marketing campaigns to clinics
  • To allow you to login to secure areas of our Services
  • To store your login credentials for easy access to our Services
For more information about cookies, see our Cookie Policy.
Social Media. If you login to our Services using a third-party sign-in service, such as Google, Facebook Connect or Twitter, we will receive personal information from those services, such as your name and email address in order to pre-populate our online forms. We also include social media “Like” and “Share” buttons on our websites. These features may collect your IP address and the page you are visiting on our website. They may also set a cookie to enable the feature to function properly. Your interactions with these features are governed by the privacy policies of the third parties who provide them.

Legal Basis (GDPR EU/UK)

For personal information that is subject to the General Data Protection Regulation (GDPR), we rely on the following legal bases for collecting and using your personal information:
  • Your consent
  • Our legitimate interests (which are not overridden by your privacy rights), such as operating our business, understanding and improving our
  • Services, direct marketing related to our Services, communicating with our Subscribers and users about our Services, events or related resources, improving our websites and protecting our legal rights and interests.
You may withdraw your consent at any time. Where we are using your personal information for our legitimate interests, you have the right to object to that use. See below under Your Rights for how to withdraw consent or object.
If you are a patient of one of our Subscriber clinics, please contact your clinic or practitioner if you have any questions about the legal basis for collecting and using your personal information. Our Subscribers may have a different legal basis for collecting and using a patient’s personal information, such as providing health care or treatments as a regulated healthcare professional.

Patient Data

Loved Ones Data. Subscribers use our legacy management platform to collect personal information from their loved ones and create loved one records. These records may include a loved ones' contact information, and other loved one data (“Loved One Data”). This information is sometimes referred to as “personal contact and relationship information” or “sensitive data” depending on the location of the Subscribers and the privacy laws applicable to them. If you are a Loved One, Loved One Data is collected from you by your connected Subscriber(s).
Subscriber’s Role. Subscribers retain sole control over Loved One Data and may be referred to as a “health information custodian”, a “covered entity” or a “controller” depending on their location and the privacy laws applicable to them.
Subscribers determine:
  • What Loved One Data to collect;
  • How the Subscriber will use the Loved One Data;
  • Who has access to Loved One Data;
  • How long the Subscriber will store Loved One Data; and
  • On what basis the Subscriber may delete Loved One Data.
Subscribers are responsible for complying with laws and regulations governing the use of Loved One Data, and for determining the legal basis for such use.
Grateful Estate’s Role. Grateful Estate is a service provider to Subscribers and may be referred to as an “agent”, “business associate” or “processor” of the Subscriber. Grateful Estate stores Loved One Data in its secure data centers and makes it available to Subscribers and their loved ones through our legacy management platform. Grateful estate otherwise has no control over Loved One Data. Grateful Estate will only access Loved One Data on the instructions of the Subscriber or its loved ones that are noted as administrators or, in rare cases, where needed in order to prevent or address technical problems or if required by law or court order.
Storage Location. Loved One Data is stored in the regional data centre for the location chosen by the database solution provider. The database solution provider currently has regional data centres in Canada, the United States, UK, and Australia, though this may change from time to time. Please note that we use US-based service providers for appointment reminders sent by email or SMS and, therefore, Loved One Data contained in appointment reminders will go through and may be stored temporarily in the United States. All our data centres and service providers maintain a high level of security and are compliant with applicable privacy laws.
Loved One Rights. Loved Ones have certain rights with respect to their Loved One Data, which may include knowing what information your Subscriber has about you, correcting any inaccurate Loved One Data, obtaining a record of your Loved One Data and, in certain circumstances, deleting or removing your Loved One Data.
Questions about Loved One Data. If you have any questions about your Loved One Data or wish to exercise any or your loved one rights, please contact your Subscriber. If your Subscriber has any questions about the management of Loved One Data in the Services, they may contact us and we will support them as needed to respond to your request. Please note that, in order to maintain strict security of your Loved One Data, we can only access Loved One Data upon instruction from the Subscriber.

Sharing Your Information

We do not sell or distribute personal information to third parties for their own commercial or marketing purposes. We will only share personal information we collect in the following circumstances:
Suppliers and Service Providers. In order to operate our business and provide the Services to our Subscribers and their users, we may need to share a limited amount of personal information, including Loved One Data, with our third-party suppliers and service providers. Before sharing personal information, we ensure that the third parties receiving the personal information have provided appropriate safeguards, and that privacy rights are protected and preserved. Some of the areas where we use third-party suppliers and service providers include:
  • Our data centers where all platform data is stored
  • Customer support services to help us collect feedback and manage our support services
  • Communication services to send out email and SMS notices or reminders
  • Payment processors
Corporate Transactions. We may share personal information in connection with negotiating or carrying out a financing or acquisition of our business, a merger or amalgamation with another business, or a sale of all or part of our company assets. Before sharing personal information, we will ensure that appropriate confidentiality and non-disclosure undertakings are in place. We will not share Loved One Data in these circumstances.
Compliance with Laws. We may disclose personal information to a third party if we are required to do so by applicable law, government request, court order or regulatory body. We may also be required to disclose personal information to enforce our legal rights, to enforce security requirements, or to respond to an emergency which we believe, in good faith, requires us to disclose personal information. In such instances, if permissible, we will make every reasonable effort to give you as much notice as possible regarding the disclosure of your personal information, what information was disclosed and why. We will not disclose Loved One Data unless legally required to do so.
Anonymized/Aggregated Data. Grateful Estate may use computer-generated algorithms to gather anonymous and aggregated information from our Subscribers and their Loved One Data in order to assist in our continued development and improvement of the Services, and for research, data analysis, benchmarking, statistics or trend analysis. We will ensure that none of the information we gather identifies, or could be used to identify, any user or loved one. Grateful Estate may share such anonymized information with Subscribers and others, for example, by providing insights into the most common legacy messages, most popular themes or benchmarking connection or relationship statistics against industry or regional norms.


We protect your personal information, including Loved One Data stored in our platform, by:
  • Using industry-standard security controls such as encryption and an SSL (Secured Sockets Layers) certificate to ensure information is transmitted over a secured connection between your browser and our web server.
  • Using state-of-the-art data centres with appropriate security and compliance certifications, such SOC 2 and EU-US Privacy Shield that are HIPAA compliant.
  • Having our personnel sign strict confidentiality agreements to ensure they understand the confidential nature of the data we process, and only accessing your account when you request assistance from us.
While we employ industry standard measures to protect your information, no electronic communication can ever be completely secure. You share responsibility for protection of your personal information by setting a strong password and by keeping your username and password confidential.

Storage Period

We retain personal information only for as long as necessary to achieve our stated purposes, or as required by applicable law. For example, Contact and Billing information is kept for as long as a Subscriber account is active and for a reasonable period after it has been deactivated in the event you or your Subscriber wish to re-activate the account. User account information may also be retained as necessary to comply with our legal obligations, resolve disputes or maintain our relationship with your Subscriber organization. Credit card information is never kept or stored by us.
If you are a loved one of one of our Subscribers, please contact your Subscriber(s) for information regarding the storage period for your Loved One Data.

International Transfers

Personal information may be transferred to and processed in Canada and the United States. Before transferring your personal information, we ensure that appropriate safeguards are in place and that your privacy rights are protected and preserved. Such safeguards may include the existence of an EU adequacy decision, certification and adherence to EU-US Privacy Shield and Swiss-US Privacy Shield Frameworks, the Standard Contractual Clauses approved by the European Commission, binding corporate rules, or other legal mechanisms to safeguard the personal information being transferred.
Information about the Privacy Shield Frameworks can be found at

Your Rights

Individuals have certain rights with respect to their personal information. These rights are set out below. If you are a loved one of one of our Subscribers, please contact your Subscriber(s) to exercise any of these rights with respect to your Loved One Data.
Correction and Deletion. We will make reasonable efforts to ensure that the personal information we collect from you is accurate and complete. You may update, correct or delete your account information at any time by logging into your user account and modifying your personal information, including your preferences to receive messages from us. You may also update, correct or delete your personal information by contacting us as noted below.
Withdrawing Consent. Where we have relied on your consent to use your personal information, you have the right to withdraw that consent at any time by contacting us as noted below. In addition, all our marketing email messages contain the ability to automatically “opt-out” or unsubscribe from our mailing lists and marketing messages.
Access and Portability. You have the right to request a record of the personal information that we have collected about you and to ask that the information be provided in a structured, used electronic format (where applicable and technically feasible). There may be some cases where we cannot provide you with certain information about you if it would mean disclosure of personal information of another person or other confidential information, or if it would compromise our security systems. If you require access to your personal information, please Contact Us. We will respond to you within thirty (30) days of receiving your request. We may charge a fee where permitted by applicable law.
Restriction and Objection. In certain limited circumstances, individuals in the EU may request that we restrict our use of their personal information and, where we rely on legitimate interests as the legal basis for using your personal information, you have the right to object to such use. In these cases, we can be required to no longer use your personal information; however, this may mean that certain components of our Services cannot be made available to you. If you wish to exercise your right to restrict or object, please Contact Us.
Complaints. You have the right to lodge a complaint with a supervisory authority (i.e., the independent public authority responsible for monitoring data protection laws in your country). You may also contact the Information and Privacy Commissioner of British Columbia (for British Columbia matters) ( ) or the Privacy Commissioner of Canada (for international matters and inter-provincial matters) ( ).

Contact Us

If you have any questions or concerns about our Privacy Policy and our privacy practices, please contact us at:
Grateful Estate Inc. 210 - 128 West Hastings Street
Vancouver, British Columbia, Canada
V6B 1G8
Attention: Privacy Officer
Tel: +1 (604) 338-8543
Updated: January 24, 2021

Details Matter

  • Terms of Service
  • Privacy Policy
  • Report Abuse
  • Service Level Agreement
  • Lifetime Commitment
Copyright © 2024 Grateful Estate Inc. ®
Where legacies live on.