Estate Kit

Privacy Policy

Last Updated: May 29, 2026

Estate Kit Inc. ("Estate Kit," "we," "us," or "our") values your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you visit our website, estatekit.com ("Site"), or use our services ("Services"). We are committed to handling your personal information responsibly and transparently, in accordance with Canadian privacy laws including the Personal Information Protection and Electronic Documents Act (“PIPEDA”) and substantially similar provincial legislation in Alberta and British Columbia.

Estate Kit's Services are not currently available to residents of Quebec. We will update this Privacy Policy when the Services become available in Quebec.

This Privacy Policy applies to the information we collect:

  • When you visit our Site at https://estatekit.com/;
  • When you subscribe to our waitlist, newsletter or other communications;
  • When you create an Estate Kit account, use and pay for Estate Kit Services; and
  • Through any interactions (e.g., email, telephone, text or other electronic messages) between you and our Site or with our employees.

Estate Kit has a designated Privacy Officer, who is accountable for privacy compliance across Canada (excluding Quebec). The Privacy Officer's contact information is provided in Section 10 of this Policy. You may contact the Privacy Officer at any time with questions about this Policy or to exercise your privacy rights.

1. Collection and Use of Personal Information

The personal information we collect depends on how you interact with us and how you use the Services. In all cases, we limit collection to what is reasonably necessary for the purposes identified below, consistent with PIPEDA's principle of limiting collection.

When you visit our Site

You can visit our Site without indicating who you are. However, we automatically collect technical information about your visit, including your IP address, device and browser information, pages visited, and referring URLs.

Why we collect this information and how we use it:

  • This information is collected on the basis of Estate Kit's legitimate interest in maintaining and improving the technical operation and security of the Site. We do not use this information to identify you as an individual except where required for security purposes.

When you subscribe to our communications

If you sign up for our waitlist, newsletter, or other communications, we collect your email address, first name, and country. You may also choose to provide your last name.

Why we collect this information and how we use it:

  • To send you the communications you've requested.
  • To tailor the content we send you based on your location and preferences.

You can unsubscribe from communications you have requested at any time. Withdrawing consent to marketing communications will not affect your ability to receive transactional or account-related communications.

When you create an account

To create an Estate Kit account, we collect the following information from you: your first name, last name, email address, and the information required to set up multi-factor authentication. You may choose to provide additional information as part of setup.

Why we collect this information and how we use it:

  • To create and secure your account.
  • To provide the Services and personalize your experience.
  • To communicate with you about your account and the Services.

When you use the Services

Estate Kit is designed to help you organize personal and estate planning information across many areas of your life. The information you enter may include personal identifiers, financial and account information, property and asset details, legal documents, health and medical information, family and relationship information, passwords, sensitive communications, and files you upload.

Some of the information you may choose to enter is personal information, and the sensitivity of that information may vary, including identification numbers, financial account details, passwords, and health information.

By entering this information, you expressly consent to Estate Kit's collection, use, storage, and sharing of this information in accordance with this Privacy Policy and the configurations you establish in the Services.

Why we collect this information and how we use it:

  • To provide you with comprehensive estate organization and planning tools.
  • To enable you to share specific information with the Proxy Users you designate, in accordance with your instructions.
  • To support Proxy Users and Status Verifiers in fulfilling the roles you have assigned to them.

When an Account Holder invites an individual to act as a Proxy User or Status Verifier on the Account Holder’s account, the invited individual has an opportunity to review the Terms of Use and Privacy Policy before accepting the invitation and creating an account.

Providing the information described in this Privacy Policy is optional. Not providing certain information may limit the usefulness of the Services. You may withdraw your consent to the collection or use of specific types of information at any time, subject to the limitations described in Section 4 of this Policy.

When you provide information about other people

The Services are designed to help you organize information about the people in your life, including family members, dependants, beneficiaries, Proxy Users, Status Verifiers, professional advisors, and others. You may choose to enter or upload personal information about these individuals as part of using the Services.

By providing us with personal information about another individual, you confirm that you are entitled to do so for the purposes described in this Privacy Policy and that, where required by law, you have obtained any necessary consent from that individual. We rely on this confirmation and will handle the information you provide in accordance with this Privacy Policy and your instructions.

When you designate Proxy Users or Status Verifiers

If you designate a Proxy User or a Status Verifier within the Services, we collect their name, email address, and phone number from you and confirm their information with them when they set up an account.

Why we collect this information and how we use it:

  • To administer the access and verification roles you have assigned.
  • To contact Proxy Users and Status Verifiers to notify them of their designation and the actions they can take within the Services.

When you pay us

When you pay for the Services or for any other product or offer made available through the Site, we use a third-party payment processor to handle the transaction. The payment processor collects your payment information directly to process the payment. Estate Kit does not store the full details of the payment method you use to pay us. Our payment processor is contractually required to protect your payment information and to use it only for the purpose of processing your transaction.

When you contact us

When you contact us by email, through the Site, or by other means, we collect the information you provide so we can respond to your request and any related follow-up.

2. How We Share Your Information

Sharing is a core function of Estate Kit

Estate Kit exists to help you organize your personal and estate planning information and to make that information available to the people you choose, at the times you choose. Putting the right information in front of the right people at the right time, scoped and controlled by you, is the job the Services are built for.

Estate Kit facilitates information sharing by enabling you to provide others with access to the information in your account in accordance with the configuration you establish through the Proxy User and Status Verifier designations you make in the Services. You control what personal information is shared, with whom, under what conditions, and for how long. Following a status change, certain Proxy User roles (such as the Executor role) may receive expanded access to account information, including billing, payment, and account management information, as described in our Terms of Use.

Service providers

We engage third-party service providers to support a wide range of functions, including hosting, data storage, authentication, payment processing, analytics, customer support, communications, compliance and risk management, security operations, fraud prevention, artificial intelligence, business operations, and other functions necessary to operate and improve the Services.

Our service providers are contractually required to: (a) maintain appropriate physical, organizational, and technical safeguards for personal information that are comparable to those we maintain; (b) use personal information only for the purposes for which we have engaged them; and (c) notify us promptly in the event of a privacy breach or security incident involving personal information in their custody or control.

Some of our service providers are located outside Canada, accordingly your personal information may be transferred to, and processed in countries other than the country in which it was collected, including the United States. When personal information is transferred outside Canada, it may become subject to the laws of those jurisdictions, including access by courts, law enforcement authorities, and regulators in those jurisdictions. We take steps to ensure that personal information transferred outside Canada receives a comparable level of protection, including through contractual safeguards with our service providers. By using our Services, you acknowledge and consent to the transfer of your personal information outside Canada for processing by our service providers.

Business transactions

Personal information may be used and disclosed in connection with a proposed or actual amalgamation, acquisition, financing, sale, assignment, or other transaction involving all or part of our business or assets, provided that the recipient agrees to handle such information in a manner consistent with this Privacy Policy. If such a transaction is completed and results in a change in the manner in which your personal information is used or disclosed, we will provide you with reasonable notice of the change.

Legal requirements and fraud prevention

We may disclose personal information in response to a warrant, court order or other valid legal request to comply with applicable law; to enforce our agreements; or to protect the rights, property, or safety of Estate Kit, our employees, our contractors, our users, or others, including sharing information with organizations for fraud prevention and credit risk reduction. Where permitted by law, we will take reasonable steps to notify you before disclosing your personal information in response to legal process.

3. Protection of Personal Information

Safeguarding your personal information

We maintain reasonable physical, organizational, and technical safeguards to secure personal information in a manner appropriate to its sensitivity. Our safeguards are designed to protect personal information in our custody or control from unauthorized access, use, disclosure, destruction, and disposal. It’s important to understand that no safeguard can offer absolute security.

Estate Kit safeguards include:

Physical safeguards

All endpoints monitored for policy compliance, with remote lock or wipe capability on all endpoints. We have clean-desk, screen-locking, and confidential conversation requirements for all remote working environments.

Organizational safeguards

All Estate Kit employees receive training to help them understand how to keep clients’ personal information private, confidential, and secure. We also require staff to sign confidentiality agreements confirming their responsibility to protect that information. When employees leave the organization, we remind them that these confidentiality obligations continue even after their employment ends.

In limited circumstances, Estate Kit personnel may require elevated access to systems or data (for example, to diagnose and resolve a technical issue affecting your account, respond to a security incident, investigate fraud, or comply with a valid legal request). Any such access is restricted to authorized personnel, is time-limited, requires documented justification, and is logged in access-controlled, tamper-evident audit records retained according to our security and compliance policies.

We ensure that Estate Kit employee access to personal information is limited to those who need it for a specific purpose, and employee access to the content you store through the Services is subject to additional controls.

Technical safeguards

Estate Kit implements technical safeguards designed to protect information throughout its lifecycle. Data is encrypted at rest using AES-256 encryption, with encryption keys managed through a Cloud Key Management Service. Sensitive personal information fields receive an additional layer of field-level encryption. Data in transit is protected using TLS 1.2 or higher, and TLS versions below 1.2 are prohibited across all services and integrations. We also apply a zero-trust architecture, under which access is not assumed based on network location and must be verified before being granted. Access to systems and information is managed through role-based access controls and is strictly limited in accordance with the principle of least privilege, so Estate Kit employees are only granted the access necessary to perform their authorized functions.

Retaining personal information

We retain personal information only for as long as reasonably necessary to provide the Services, to meet contractual, legal, tax, accounting, and regulatory obligations, or to otherwise meet legal requirements, to establish, exercise, or defend legal claims, and for the other purposes described in this Privacy Policy. Retention periods may vary by the category of personal information and the purposes for which it was collected.

When the purpose for the collection of personal information is fulfilled and the applicable retention period has expired, your personal information will be securely destroyed or de-identified in accordance with our information retention and disposal procedures. Where personal information cannot be immediately removed from backups or other retained records, it remains protected and is deleted or overwritten when the applicable retention period ends.

Your responsibilities

You play an important role in protecting your account:

  • Create a strong and unique password. Avoid reusing passwords that you use for other websites or services;
  • Keep your password private and do not share it with anyone;
  • Enable and maintain multi-factor authentication for your Estate Kit account and for any other accounts that support it. This is additional protection to prevent unauthorized access to your account;
  • Limit access to your devices and log out on shared devices;
  • Notify us promptly if you suspect unauthorized access to your account; and
  • Sign out of Estate Kit when you are finished using our services.

Breach notification

If a security incident affects your personal information and notification is required, we will notify you and the applicable regulator as required by law.

4. Your Choices and Rights

You have direct control over most of the personal information Estate Kit holds about you:

  • Manage your information in the Services. You can view, update, and delete most of your personal information and Content directly through your account.
  • Unsubscribe from marketing. You can unsubscribe from marketing communications at any time using the unsubscribe mechanism in any such communication. You will continue to receive transactional and account-related communications.
  • Close your account. You can close your account at any time. We will delete or de-identify your personal information in accordance with our retention practices and applicable law.
  • Deletion: Request deletion of your personal information, subject to any retention requirements that Estate Kit may have under applicable legislation.

You also have the following rights:

  • Access and review: Request access to the personal information we hold about you.
  • Correction: Request that we correct any inaccurate or incomplete information that you cannot update directly through the Services.
  • Withdraw consent: Withdraw your consent to specific uses of your personal information. Withdrawing consent for the uses necessary to provide the Services may require closing your account.

Many of these choices and rights can be exercised directly through your account settings on the Site. For additional information, or to exercise a choice or right that is not available through your account options on the Site, please contact our Privacy Officer at privacy@estatekit.com or via the Contact Us page on the Site. We may need to verify your identity before responding, and we will respond within 30 days of receiving your request. If your request is unusually complex, Estate Kit may extend the response period by a further 30 days, provided you are informed of the extension and the reasons for it within the initial 30-day period.

If you are not satisfied with our response, you have the right to complain to the applicable privacy regulator for your jurisdiction. For federal and most provincial matters (excluding Alberta and British Columbia), this is the Office of the Privacy Commissioner of Canada (www.priv.gc.ca). For Alberta, this is the Office of the Information and Privacy Commissioner of Alberta (www.oipc.ab.ca). For British Columbia, this is the Office of the Information and Privacy Commissioner for British Columbia (www.oipc.bc.ca).

5. Communications

We may use your information to send you:

  • Transactional communications: Related to your account, the Services, or your transactions with us.
  • Marketing communications: Tailored updates, tips, content, and offers, where you have consented to receive them.

Your choices

  • You can unsubscribe from marketing communications at any time using the unsubscribe mechanism in the communication.
  • You will continue to receive transactional and account-related communications even if you unsubscribe from marketing communications.

Our marketing communications comply with Canada's Anti-Spam Legislation (CASL). We will not send you commercial electronic messages without your express or implied consent under CASL.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to operate and secure the Site, to remember your preferences, and, where you have consented, for analytics and advertising. You can manage your cookie preferences using the cookie consent tool on the Site or through your browser settings. Disabling certain cookies may affect the functionality of the Site.

7. Artificial Intelligence

We are committed to the responsible use of artificial intelligence (AI) across our operations, including internal processes, customer experiences, and research. Any introduction of AI into the Site, Services or into the direct processing of personal information would be subject to an internal review before implementation. Where AI tools process personal information, we apply security and privacy controls consistent with this Privacy Policy.

8. Children and Other Individuals

Estate Kit is not intended for use by individuals under the age of majority in their province or territory of residence, whether as Account Holders, Proxy Users, or Status Verifiers. We do not knowingly allow individuals under the age of majority in their province or territory of residence to create an account or access the Services in any role.

Estate Kit's Services are designed to help Account Holders document information about their family and dependants, which may include information about individuals under the age of majority (for example, children as dependants or beneficiaries, or minors for whom the Account Holder is responsible). Where the Account Holder provides us with personal information about a minor, the Account Holder confirms that they have the legal authority to do so (for example, as a parent, guardian, or person with legal responsibility for the minor). We rely on this confirmation and will handle the information you provide in accordance with this Privacy Policy, your instructions, and in a manner consistent with the heightened sensitivity of such information.

9. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons. If we make material changes to this Privacy Policy, we will notify you by email, by in-app notification, or through a notice on the Site. The "Last Updated" date indicates when this Privacy Policy was last revised. We encourage you to review this Privacy Policy periodically.

10. Contact Us

For questions about this Privacy Policy or our privacy practices, or to exercise your rights, please contact our Privacy Officer at privacy@estatekit.com.