GDPR Policy

Last Updated: 26th June 2026

Introduction

Tracing Direct Limited is committed to protecting the privacy, confidentiality and security of personal information.

We recognise the importance of safeguarding personal data and are committed to processing personal information lawfully, fairly and transparently in accordance with:

  • The UK General Data Protection Regulation (UK GDPR)

  • The Data Protection Act 2018

  • Other applicable data protection legislation

This policy explains our approach to data protection and the measures we take to ensure personal information is handled responsibly.

About Us

Tracing Direct Limited
Cardiff, Wales, United Kingdom

Telephone: +44 (0)800 0431 793
Email: info@tracingdirect.co.uk
Website: www.tracingdirect.co.uk

For the purposes of UK data protection legislation, Tracing Direct Limited is the Data Controller in relation to the personal information processed through our website and services.

Our Commitment To Data Protection

Tracing Direct is committed to ensuring that personal information is:

  • Processed lawfully, fairly and transparently

  • Collected for specified and legitimate purposes

  • Limited to information that is necessary and relevant

  • Accurate and kept up to date where appropriate

  • Retained only for as long as necessary

  • Protected against unauthorised access, loss or misuse

  • Processed securely and confidentially

Information We May Process

Depending upon the nature of our services, we may process:

Identity Information

  • Full name

  • Date of birth

  • Previous names

  • Family relationship information

  • Identity verification information

Contact Information

  • Postal address

  • Email address

  • Telephone number

Probate & Beneficiary Information

  • Estate-related information

  • Beneficiary information

  • Family tree information

  • Inheritance entitlement information

  • Information provided by executors, solicitors or estate administrators

Website Information

  • IP address

  • Browser information

  • Device information

  • Website usage data

  • Cookie information

Why We Process Personal Information

We may process personal information for the following purposes:

  • Beneficiary tracing

  • Probate research

  • Family tree verification

  • International heir tracing

  • Missing beneficiary searches

  • Estate administration support

  • Responding to enquiries

  • Verifying correspondence

  • Identity verification

  • Fraud prevention

  • Compliance with legal obligations

  • Improving our website and services

Lawful Basis For Processing

Under UK GDPR, we process personal information where we have a lawful basis to do so.

Legitimate Interests

We process information where it is necessary to provide probate research, beneficiary tracing and related professional services.

Contractual Necessity

Where processing is required to provide services requested by you or fulfil our contractual obligations.

Legal Obligation

Where processing is necessary to comply with legal, regulatory or professional obligations.

Consent

Where consent is required, we will request it clearly and provide the ability to withdraw consent where appropriate.

Sources Of Information

As part of providing probate research and beneficiary tracing services, information may be obtained from:

  • Information provided directly by individuals

  • Executors and estate administrators

  • Solicitors and professional advisers

  • Public records

  • Government publications

  • Publicly accessible information sources

  • Historical records and archives

  • Lawfully obtained third-party information sources

Information will only be collected and processed where there is a lawful basis for doing so.

Sharing Information

We do not sell personal information.

Information may be shared where appropriate with:

  • Solicitors

  • Executors

  • Estate administrators

  • Local authorities

  • Professional advisers

  • Technology providers assisting us in delivering services

  • Regulatory authorities where legally required

Any sharing of information will be limited to what is reasonably necessary and lawful.

International Transfers

Certain technology providers or probate matters may involve the transfer of information outside the United Kingdom.

Where international transfers occur, Tracing Direct will take reasonable steps to ensure that appropriate safeguards are implemented in accordance with UK GDPR requirements.

Retention Of Information

We retain personal information only for as long as reasonably necessary to:

  • Provide our services

  • Meet legal obligations

  • Maintain business records

  • Resolve disputes

  • Protect legal rights and interests

Retention periods may vary depending on the nature of the matter and applicable legal requirements.

Information Security

Tracing Direct implements appropriate technical and organisational measures designed to protect personal information against:

  • Unauthorised access

  • Accidental loss

  • Destruction

  • Alteration

  • Disclosure

  • Misuse

Measures may include:

  • Secure systems and passwords

  • Access controls

  • Data encryption where appropriate

  • Secure document handling procedures

  • Staff confidentiality obligations

Whilst we take reasonable precautions, no method of electronic transmission or storage can be guaranteed to be completely secure.

Individual Rights Under UK GDPR

Under data protection legislation, individuals may have the right to:

Right To Be Informed

To understand how personal information is collected and used.

Right Of Access

To request access to personal information held about you.

Right To Rectification

To request correction of inaccurate information.

Right To Erasure

To request deletion of information in certain circumstances.

Right To Restrict Processing

To request limits on how information is processed.

Right To Object

To object to processing where applicable.

Right To Data Portability

To request transfer of personal information where applicable.

Rights Relating To Automated Decision-Making

To request human intervention where automated processing applies.

Requests relating to these rights should be submitted using the contact details below.

Data Breaches

Tracing Direct takes data security seriously.

In the unlikely event of a personal data breach, we will investigate promptly and, where required by law, notify the Information Commissioner's Office (ICO) and affected individuals.

Contacting Us

If you have any questions regarding this GDPR Policy or wish to exercise any of your data protection rights, please contact:

Tracing Direct Limited
Cardiff, Wales, United Kingdom

Telephone: +44 (0)800 0431 793
Email: info@tracingdirect.co.uk
Website: www.tracingdirect.co.uk

Complaints

If you are dissatisfied with how your personal information has been handled, please contact us first so that we can attempt to resolve your concerns.

You also have the right to complain to:

Information Commissioner's Office (ICO)
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Website: www.ico.org.uk
Telephone: 0303 123 1113

Changes To This Policy

Tracing Direct may amend this GDPR Policy from time to time to reflect changes in legislation, regulation or business practices.

Any updates will be published on this page and become effective immediately upon publication.