Privacy Policy — Digital Memorial Services
Legal

Privacy Policy

Last updated: 1 January 2025  ·  Digital Memorial Services (AI Digi Hubs)

This Privacy Policy explains how Digital Memorial Services, operated by AI Digi Hubs ("we", "us", "our"), collects, uses, stores and protects your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR). We take your privacy seriously and are committed to handling your data with care, transparency and respect.

1. Who We Are

Digital Memorial Services is operated by AI Digi Hubs, a UK-based digital services business. We provide bespoke digital memorial websites and printed Legacy Books to families and funeral industry partners.

Data Controller: AI Digi Hubs — Digital Memorial Services

Website: digitalmemorialservices.co.uk

Contact: [email protected]

Country: United Kingdom

2. What Personal Data We Collect

2.1 When You Purchase a Service

  • Full name and email address
  • Billing address
  • Payment information (processed by Stripe or PayPal — we never store card details)
  • Phone number (if provided)
  • Package selected and order reference

2.2 When You Submit Memorial Information

  • Name, dates of birth and passing of the deceased
  • Photographs and images you upload
  • Written tribute, life story, and personal notes
  • Your relationship to the deceased

2.3 When Visitors Leave Messages on a Memorial Wall

  • Full name
  • Email address (optional — used only for anniversary remembrance emails)
  • Relationship to the deceased
  • Written message and any uploaded photograph
  • Consent confirmation

2.4 Technical and Usage Data

  • IP address and browser type
  • Pages visited and time on site
  • Device type and operating system
  • Referring URL

3. How We Use Your Data

3.1 Service Delivery — Contractual Necessity (Article 6(1)(b) UK GDPR)

  • To build, publish and maintain your memorial website
  • To produce and deliver your Legacy Book
  • To process payments and send order confirmations
  • To communicate with you about your order

3.2 Legitimate Interests (Article 6(1)(f) UK GDPR)

  • To send service-related emails about memorial or book status
  • To send the anniversary remembrance email sequence to message contributors who provided an email address
  • To moderate messages before they appear on the memorial wall
  • To prevent fraud and protect the security of our services

3.3 Consent (Article 6(1)(a) UK GDPR)

  • To publish visitor messages and photos on the memorial wall (explicit consent collected at point of submission)
  • To send marketing communications (only where you have opted in)

3.4 Legal Compliance (Article 6(1)(c) UK GDPR)

  • To comply with financial, tax and legal obligations
  • To respond to lawful requests from regulatory authorities

4. Special Category Data

Memorial content may incidentally contain special category data as defined under Article 9 UK GDPR — including health information or religious beliefs shared in tributes and messages. We process this data solely to create and display the memorial, on the basis of explicit consent given by the person submitting the content. We do not use this data for any other purpose.

5. Data About Deceased Persons

UK GDPR does not apply to data relating to deceased individuals. However, we treat all information about the deceased with the highest level of care and discretion. We do not share, sell or use this information for any purpose other than the memorial service you purchased.

6. How We Share Your Data

We do not sell, rent or trade your personal data. We share it only with trusted third parties who process it on our behalf under contractual agreements:

  • GoHighLevel (GHL) — CRM, hosting, automation and email delivery
  • Stripe — Payment processing (PCI DSS Level 1 certified)
  • PayPal — Payment processing
  • Google Workspace / Google Sheets — Data storage and administration
  • Print partners (Mixam, IngramSpark or similar) — Legacy Book production only. Only the print-ready PDF and delivery address are shared.

We may disclose data where required by law, court order, or to protect the rights and safety of our business or users.

7. International Data Transfers

Some service providers may process data outside the UK or EEA. Where this occurs, we ensure appropriate safeguards are in place — including Standard Contractual Clauses (SCCs) or adequacy decisions — in accordance with UK GDPR Chapter V.

8. Data Retention

  • Memorial website data — Retained for the duration of your hosting package. You will be contacted before expiry.
  • Order and payment records — Retained for 7 years (HMRC requirement)
  • Memorial wall messages — Retained for the duration of the hosting period
  • Marketing consent records — Retained until consent is withdrawn
  • Technical/log data — Retained for up to 12 months

9. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of Access — Request a copy of data we hold about you
  • Right to Rectification — Ask us to correct inaccurate or incomplete data
  • Right to Erasure — Ask us to delete your data where there is no lawful basis for continued processing
  • Right to Restrict Processing — Ask us to pause processing in certain circumstances
  • Right to Data Portability — Request your data in a structured, machine-readable format
  • Right to Object — Object to processing based on legitimate interests, including direct marketing
  • Right to Withdraw Consent — Where processing is based on consent, withdraw it at any time

To exercise any right, contact us at [email protected]. We will respond within one calendar month. We may verify your identity before processing your request.

10. Cookies

Our website uses strictly necessary cookies (required for function), analytics cookies (used with consent to understand site usage), and marketing cookies (used with consent to track advertising conversions). You can manage cookie preferences via our cookie settings or your browser settings at any time.

11. Memorial Wall Content

When visitors submit messages, they confirm they have the right to share any personal information contained in their message. All messages are moderated before publication. Visitors may request removal of their message or personal data by contacting us in writing.

12. Children's Privacy

Our services are not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe a child has submitted data to us, please contact us immediately and we will delete it.

13. Data Security

We implement appropriate technical and organisational measures to protect your data, including SSL/TLS encryption, access controls, and secure third-party infrastructure. In the event of a personal data breach posing risk to your rights and freedoms, we will notify the ICO within 72 hours and inform affected individuals without undue delay, per UK GDPR Articles 33–34.

14. Right to Complain

If you are unhappy with how we have handled your data, you may lodge a complaint with:

Information Commissioner's Office (ICO)

Website: ico.org.uk  ·  Helpline: 0303 123 1113

Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would welcome the opportunity to address your concerns directly first. Please contact us at [email protected].

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. Continued use of our services after changes are posted constitutes acceptance of the updated policy.

16. Contact

Data Controller: AI Digi Hubs — Digital Memorial Services

Privacy: [email protected]

General: