At Plan With Grace Limited (“we”, “us”, or “our”), we are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit funeralwithgrace.co.uk (“Website”), interact with us, or use our services. It also explains your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

When we refer to “we”, “us”, or “our” in this policy, we mean Plan With Grace Limited, acting as the Data Controller.

Our group operates under the following trading names:

• Funeral With Grace – sells and administers prepaid funeral plans

• With Grace – sells and administers prepaid funeral plans

• The Funeral Market – provides at-need cremation and funeral services and fulfils prepaid funeral plans

In all cases, Plan With Grace Limited is responsible for how your personal data is processed.

2. Our Services

We provide both at-need and prepaid funeral services:

At-Need Funeral Services

We assist individuals and families requiring immediate funeral arrangements following a bereavement. This involves managing funeral logistics sensitively and in line with your wishes.

Prepaid Funeral Plans

Our prepaid funeral plans allow individuals to plan and pay for funeral services in advance, offering reassurance and financial certainty while ensuring personal preferences are respected.

Due to the nature of our services, we handle personal and sometimes sensitive information with the highest level of care.

3. Independent Trust and Asset Management

Funds paid into prepaid funeral plans are held in a ring-fenced trust, overseen by independent trustees to ensure funds are used solely for funeral purposes.

The trust is managed by an independent investment management firm regulated by the Financial Conduct Authority (FCA). This structure is designed to protect your money and provide transparency and security.

4. Legal Basis for Processing Personal Data

We process personal data under one or more of the following lawful bases:

• Consent – where you have given clear permission (e.g. marketing, cookies)

• Contractual necessity – where processing is required to provide our services

• Legal obligation – where required by law or regulation

• Legitimate interests – where necessary for business operations, provided your rights are not overridden

5. Legitimate Interests

We may process data based on legitimate interests to:

• Improve our Website and services

• Prevent fraud and enhance security

• Communicate regarding services and enquiries

• Provide customer support

You have the right to object to processing based on legitimate interests.

6. Types of Personal Data We Collect

We may collect the following:

• Contact details: name, address, email, phone number, date of birth, next of kin

• Sensitive data (with consent): religion, ethnicity, medical or mental health details relevant to funeral arrangements

• Account details: usernames and passwords

• Payment details: card information and billing address

• Technical data: IP address, browser type, device information

• Usage data: how you interact with our Website

• Marketing preferences

7. IP Addresses

We collect IP addresses for:

• Website security

• Analytics and trend analysis

• Diagnosing technical issues

Targeted advertising using IP data will only occur where consent is provided.

8. Your Rights Under UK GDPR

You have the right to:

• Access your personal data

• Correct inaccurate data

• Request erasure (subject to legal limits)

• Restrict processing

• Request data portability

• Object to processing, including marketing

• Withdraw consent at any time

We respond to valid requests within one month, extendable by up to two months if complex.

Grounds for Declining Requests

We may refuse requests that are manifestly unfounded, excessive, legally restricted, or overridden by other obligations.

9. Data Security

We use appropriate technical and organisational measures including encryption, access controls, and secure servers. While no system is completely secure, we take all reasonable steps to protect your data.

10. Data Processing Location

Your data is processed within the UK and European Economic Area (EEA). We do not transfer data outside these regions unless legally permitted or with your explicit consent.

11. Data Retention

We retain data only as long as necessary:

• Account data: while services remain active

• Marketing data: until consent is withdrawn

• Financial records: as required by law

12. Data Sharing

We do not sell your data. We may share it with trusted parties including:

• Funeral directors

• IT and cloud service providers

• Payment processors

• Analytics providers (e.g. Google Analytics)

• Legal and regulatory bodies

• Marketing platforms (subject to consent)

All third parties must comply with data protection laws.

13. Direct Marketing

We may send marketing communications where permitted. You can opt out at any time by:

• Clicking the unsubscribe link in emails

• Contacting us directly

14. Identity Verification

To protect your privacy, we may verify your identity before responding to data requests.

15. Business Transfers

If our business is sold or restructured, personal data may be shared with potential purchasers under confidentiality obligations.

16. Complaints to the ICO

If you believe we have mishandled your data, you may complain to the Information Commissioner’s Office (ICO):

Website: https://ico.org.uk
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Telephone: 0303 123 1113

17. Policy Updates

We may update this policy periodically. Any changes will be reflected by the “Last Updated” date.

18. Contact Us

For questions or data requests, contact us:

Plan With Grace Limited
Thomas House
84 Eccleston Square
Pimlico
London
SW1V 1PX

Email: support@funeralwithgrace.co.uk
Telephone: 0203 143 1412
Website: funeralwithgrace.co.uk

19. External Links

Our Website may contain links to third-party websites. We are not responsible for their privacy practices, and you should review their policies separately.