Privacy Policy

Name: White Deer Legal
Address: 33A High Street, Heathfield, East Sussex, TN21 8HU
Telephone: 01435 692043

Personal Data

Your personal information is protected under law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This privacy policy explains how we protect and use personal information when delivering our services to you.

If you have any questions about how we use and protect your personal data, please contact us at info@whitedeerlegal.co.uk.

‍

How We Use Your Information

Scope of Our Services

We provide services to private individuals in connection with will writing, estate planning, and related matters. We do not typically collect or use personal data for business-to-business or corporate services. We collect personal information by phone, email, and in writing. We use your information:

To draft wills and related documents that reflect your instructions.
To retain electronic copies of data for legal records and internal use.
To store your will (where agreed) under the terms of our service.
To provide relevant information or updates, where consent is given.

Use of Artificial Intelligence (AI) Tools

We may use AI-assisted tools to support administrative and drafting tasks, such as proofreading, formatting, summarising notes, and generating first-draft wording for documents. We currently use tools such as Microsoft Copilot (within Microsoft 365) and OpenAI ChatGPT (business subscription).

How we protect your data when using AI tools:

We use business configurations intended for organisational use. Our providers state that, by default for business services, prompts and outputs are not used to train their general AI models.

For Microsoft 365 Copilot, prompts and responses are processed within the Microsoft365 service boundary and are handled in line with Microsoft 365 security, privacy, and compliance controls.

We apply data minimisation. Where feasible we redact or limit identifiers before using AI tools.

AI output is used only as a support tool and is reviewed and verified by a trained member of our team before anything is finalised or sent.

We do not use AI tools as the sole basis for legal or professional decision-making.

Where an AI tool involves processing or storage of data, this is managed under our supplier arrangements and technical settings, and we apply appropriate safeguards for any international transfers where relevant.

‍

Why We Collect and Store Personal Data

We collect and store your personal data:

To provide legal and will-writing services.
To manage correspondence and service delivery.
To meet legal and regulatory obligations.
To provide relevant information or updates, where consent is given.

We do not use your data for any other purpose without your explicit permission.

‍

Lawful Basis for Processing

Data Relating to Children

Where personal data about children is included (for example, as named beneficiaries or in guardianship clauses), we process that information solely based on the instructions of the adult client. It is treated with the same level of protection and confidentiality as all other personal data.

‍Clients: Data is processed on the basis of contractual necessity. ‍
Special category data (e.g., health or religious beliefs): Processed only with explicit consent.
‍Beneficiaries and relatives: Data is used under our legitimate interest to complete a client’s instructions. ‍
Marketing communications: Based solely on consent, which you can withdraw at any time.

Sharing Your Personal Data

Referral Partners and Probate Services

Where we refer clients to a trusted partner for specialist services such as probate, physical will storage, or document archiving, we may share limited personal information with that partner to initiate the service or ensure continuity of care.

These partners include, for example, Kings Court Trust, Zedra, and Auderli. All such partners are bound by contractual confidentiality obligations and process your data in accordance with UK GDPR. We may share data:

With third-party service providers acting on our behalf (e.g. digital tools, storage platforms).
Within the White Deer Legal Solutions Ltd group (trading as White Deer Legal).

All third parties:

Are bound by confidentiality and data protection agreements.
Only process your data on our instructions.
Must dispose of data responsibly once no longer required.

If data is transferred outside the UK (e.g., by secure backup providers or AI services), we use Standard Contractual Clauses (SCCs) or equivalent safeguards to ensure GDPR compliance.

No data is shared with external parties for marketing or commercial purposes.

‍

Data Retention

We retain personal data:

For as long as required to deliver services.
In accordance with legal and regulatory requirements.
As needed for legitimate business needs.

You may request data updates or deletion, subject to legal exceptions.

‍

Your Rights

You have the right to:

Request access to your personal data (Data Subject Access Request).
Request corrections, updates, or deletions.
Withdraw consent for communications.
Object to or restrict processing.
Request data portability to another service provider.

Requests must be submitted in writing with identification.

Acceptable ID includes: Passport, photo driving licence, or a utility bill dated within the last 3 months.

‍

Contact Details

Data Protection Owner

White Deer Legal Solutions Ltd (trading as White Deer Legal)

33A High Street, Heathfield, East Sussex, TN21 8HU

Email: info@whitedeerlegal.co.uk

‍

Complaints

If you are dissatisfied with our data handling, you may contact the UK’s Information Commissioner’s Office (ICO):

Website: https://ico.org.uk/concerns‍
Telephone: 0303 123 1113

Cookies

Our website uses cookies to:

Store preferences.
Support navigation and usage analytics.

Cookies do not identify you personally and can be managed through your browser. Visit AboutCookies.org for details.

‍

External Links

Our website may include links to other websites. We are not responsible for the privacy policies of external sites and encourage you to read their notices separately.

‍

Policy Updates

This privacy policy may be updated periodically. All updates will be posted on our website. Continued use of our services indicates your acceptance of the updated terms.

We conduct Data Protection Impact Assessments (DPIAs) when introducing new technology or processing activities, including the use of AI tools, to ensure your rights and freedoms are not adversely affected.

Last updated: 25 January 2026