1. Who we are
The data controller for the Service is Project Freelance Limited (trading as Kinvoy), a company registered in England and Wales with company number 8845897, incorporated in 2014. Our registered office is at 48 Meadow Road, Barlaston, Stoke on Trent, Staffordshire, ST12 9EJ. All data protection enquiries should be directed to [email protected].
As data controller, we determine the purposes and means of processing your personal data. Where we engage third-party service providers to process data on our behalf, they act as data processors under written data processing agreements.
We are registered with the Information Commissioner's Office (ICO). Our ICO registration number is CSN1020962. You can verify our registration at ico.org.uk.
2. Data we collect
We collect personal data in two broad categories: data about you (the account holder and executor/next of kin) and data about the deceased person whose estate you are administering.
2.1 Account and identity data
When you create an account via Manus OAuth, we receive your name, email address, and a unique account identifier. We store your name and email to personalise the Service and send transactional emails. We also record your last sign-in timestamp and your account role (user or administrator).
2.2 Estate and deceased person data
To administer an estate, you provide information about the deceased person, which may include their full name, date of birth, date of death, National Insurance number, last known address, and any other details you choose to enter. You may also provide your own correspondence address as the executor or next of kin.
National Insurance numbers and dates of birth are classified as sensitive personal data. We store these in our database to enable pre-filling of official notification letters and to assist with estate administration tasks.
2.3 Documents and files
You may upload documents to the Kinvoy document vault, including death certificates, wills, grant of probate, financial statements, identity documents, and correspondence. These files are stored in encrypted cloud storage (Amazon S3, operated by Amazon Web Services). We store the file name, category, upload date, and a reference to the stored file. We do not read or analyse the contents of your documents except where you explicitly use the AI bill-scanning feature, which sends the document to our AI processing service for data extraction.
2.4 Usage and activity data
We log activity within the portal (such as task completions, document uploads, and collaborator invites) to provide you with an audit trail and activity feed. We also collect standard server logs including IP addresses, browser type, and pages visited for security and diagnostic purposes. These logs are retained for 30 days.
2.5 Billing data
Payments are processed by Stripe, Inc. We do not store your card number, CVV, or full card details. We store a Stripe customer identifier and subscription identifier to manage your billing relationship. Stripe's privacy policy is available at stripe.com/gb/privacy.
2.6 Collaborator data
If you invite a co-executor, solicitor, or family member to collaborate on an estate, we collect their email address and name (if provided) to send them an invitation. Their data is held only for the purpose of facilitating that invitation and, if accepted, managing their access to the estate workspace.
3. How we use your data
| Category | Examples | Lawful basis | Retention |
|---|---|---|---|
| Account management | Name, email, account ID | Contract performance | Duration of account + 30 days after deletion request |
| Estate administration | Deceased details, NI number, addresses | Contract performance | Duration of subscription + 30 days after cancellation |
| Document storage | Uploaded files, file metadata | Contract performance | Duration of subscription + 30 days after cancellation |
| Transactional emails | Welcome, trial reminders, billing confirmations | Contract performance | Email logs retained 90 days by Resend |
| AI assistance | Task context, uploaded bills (if using bill scan) | Consent (explicit use of feature) | Not stored; processed in real time only |
| Billing | Stripe customer ID, subscription ID | Contract performance / legal obligation | 7 years (financial records requirement) |
| Security & fraud prevention | IP address, server logs | Legitimate interests | 30 days |
| Collaborator invites | Invitee email, name | Legitimate interests of the inviting user | 30 days after invite expiry or acceptance |
4. Lawful basis for processing
Under the UK GDPR, we must have a lawful basis for each processing activity. Our primary bases are:
Contract performance (Article 6(1)(b))
The majority of our processing is necessary to provide the Service you have contracted with us for. This includes storing your estate data, sending transactional emails, and managing your subscription.
Legal obligation (Article 6(1)(c))
We retain billing records for seven years to comply with HMRC financial record-keeping requirements under the Companies Act 2006.
Legitimate interests (Article 6(1)(f))
We process server logs and security data to protect the integrity of our Service and our users' data. We have assessed that our legitimate interest in maintaining security is not overridden by your privacy rights, given the minimal intrusiveness of this processing and the significant security benefit.
Consent (Article 6(1)(a))
Where you explicitly use optional features such as AI bill scanning, which sends document content to our AI processing service, we rely on your consent given by actively using that feature. You may choose not to use this feature without affecting your access to the rest of the Service.
Special category data
National Insurance numbers may constitute special category data under Article 9 UK GDPR where they relate to a deceased person's health or social security information. Where this applies, our additional lawful basis is Article 9(2)(f) — processing necessary for the establishment, exercise, or defence of legal claims — as estate administration frequently involves legal proceedings and statutory obligations.
5. Third-party processors
We share your data with the following third-party processors, each of whom processes data only on our instructions and under a written data processing agreement:
| Processor | Purpose | Contractual safeguard | Retention |
|---|---|---|---|
| Manus AI (Manus Technology Ltd) | Authentication (OAuth), AI processing, file storage infrastructure | Data processing agreement | Per Manus privacy policy |
| Amazon Web Services (AWS) | Encrypted document and file storage (Amazon S3) | Data processing agreement | Duration of subscription + 30 days |
| Stripe, Inc. | Payment processing, subscription management | Data processing agreement | Per Stripe privacy policy (stripe.com/gb/privacy) |
| Resend, Inc. | Transactional email delivery | Data processing agreement | Email logs 90 days |
| TiDB Cloud (PingCAP) | Relational database hosting | Data processing agreement | Duration of subscription + 30 days |
We do not sell your personal data to third parties. We do not share your data with advertisers, marketing platforms, or data brokers.
6. International transfers
Some of our third-party processors operate outside the UK. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place:
Amazon Web Services — we configure our S3 storage to use the EU (London) region (eu-west-2) by default, keeping document data within the UK. AWS is certified under the UK-US Data Bridge and the EU-US Data Privacy Framework.
Stripe — Stripe processes payment data in the United States and the EU. Stripe is certified under the UK-US Data Bridge. Their UK GDPR compliance documentation is available at stripe.com/gb/privacy.
Resend — Resend is a US-based company. Email delivery data is transferred under Standard Contractual Clauses (SCCs) approved by the ICO as an appropriate transfer mechanism.
7. How long we keep your data
We retain your personal data only for as long as necessary to provide the Service and meet our legal obligations. Our retention periods are as follows:
Active accounts
We retain all account data, estate data, and uploaded documents for the duration of your active subscription.
After cancellation or trial expiry
When your subscription ends, we retain your data for 30 days to allow you to export or download your documents before they are permanently deleted. We will send you an email reminder before deletion occurs. After 30 days, all estate data, documents, and personal information (other than billing records) are permanently deleted from our systems and from Amazon S3.
Billing records
We retain billing records (Stripe customer ID, subscription history, and invoice references) for seven years from the date of the transaction to comply with HMRC financial record-keeping requirements.
Server and security logs
Server access logs and security event logs are retained for 30 days.
Right to erasure
You may request deletion of your account and all associated personal data at any time by contacting [email protected]. We will action your request within 30 days. Note that we may retain certain data where we have a legal obligation to do so (e.g., billing records).
8. Security and data breach notification
Security measures
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or disclosure. These measures include TLS encryption in transit, JWT-signed session cookies with httpOnly and Secure flags, role-based access controls, rate limiting on all API endpoints, and regular internal security reviews.
Data breach notification (UK GDPR Articles 33 and 34)
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office (ICO) without undue delay and, where feasible, within 72 hours of becoming aware of the breach, in accordance with Article 33 of the UK GDPR.
Where a breach is likely to result in a high risk to your rights and freedoms (for example, exposure of sensitive estate or identity data), we will also notify you directly without undue delay, in accordance with Article 34 of the UK GDPR. Our notification to you will describe the nature of the breach, the likely consequences, and the measures we have taken or propose to take to address it, including steps you can take to protect yourself.
We maintain an internal register of all personal data breaches, regardless of whether notification to the ICO or affected individuals is required. If you believe your data has been compromised, please contact us immediately at [email protected].
9. Your rights
Under the UK GDPR, you have the following rights in relation to your personal data. To exercise any of these rights, please contact us at [email protected]. We will respond within one calendar month.
Right of access
You may request a copy of all personal data we hold about you (a Subject Access Request).
Right to rectification
You may ask us to correct inaccurate or incomplete personal data.
Right to erasure
You may ask us to delete your personal data ("right to be forgotten"), subject to legal retention obligations.
Right to restriction
You may ask us to restrict processing of your data in certain circumstances.
Right to portability
You may request your data in a structured, machine-readable format where processing is based on consent or contract.
Right to object
You may object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds.
Rights re: automated decisions
We do not make automated decisions that produce legal or similarly significant effects about you.
Right to withdraw consent
Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
11. Children's data
The Kinvoy Service is intended for adults aged 18 and over. We do not knowingly collect personal data from children under the age of 13. If you believe a child has provided us with personal data, please contact us at [email protected] and we will delete it promptly.
Note that estate data may reference minor beneficiaries. Where you enter information about a minor beneficiary as part of estate administration, you are responsible for ensuring you have the appropriate authority to do so.
12. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will notify you by email (to the address associated with your account) and update the "Last updated" date at the top of this page. We will provide at least 14 days' notice before material changes take effect.
Your continued use of the Service after the effective date of any changes constitutes your acceptance of the updated policy. If you do not agree with the changes, you may close your account by contacting us at [email protected].
13. Contact us & complaints
If you have any questions about this Privacy Policy, wish to exercise your rights, or have a concern about how we handle your data, please contact our data protection lead:
Data Protection Contact
Email: [email protected]
Post: Project Freelance Limited (t/a Kinvoy), 48 Meadow Road, Barlaston, Stoke on Trent, Staffordshire, ST12 9EJ
Response time: We aim to respond to all data protection enquiries within 5 working days and to all formal rights requests within one calendar month.
Right to complain to the ICO
If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:
Website: ico.org.uk/make-a-complaint
Telephone: 0303 123 1113
Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
© 2026 Project Freelance Limited (trading as Kinvoy). This Privacy Policy was last reviewed on 25 March 2026. Project Freelance Limited is registered in England and Wales, company number 8845897. Registered office: 48 Meadow Road, Barlaston, Stoke on Trent, Staffordshire, ST12 9EJ.
