Privacy Policy

Version 2026-04-27-v2 · Effective April 27, 2026

This Privacy Policy describes how Probate Helper, LLC ("Company", "we", "us", "our") collects, uses, discloses, retains, and protects information in connection with the Probate Helper, Estate Planning Helper, PreListingPro, and related services (collectively, the "Services"). It also describes the rights of U.S. residents under state privacy laws and how to exercise them. This Policy applies to our public marketing sites, the customer portal, and the data we process on behalf of our subscribers (law firms, attorneys, real estate professionals, and other businesses).

1. Roles: Who Controls the Data

We act as a business / controller with respect to information collected directly from our subscribers and website visitors (account, billing, usage, marketing data). With respect to lead and case data that subscribers upload, generate, or instruct us to compile for them, we act as a service provider / processor on behalf of the subscribing firm, which is the controller. If you are an end consumer (e.g., a surviving family member who received a postcard from a law firm using the Services), privacy requests about that outreach should generally be directed to the firm that contacted you; we will route requests to the appropriate firm and assist as required by law.

2. Information We Collect

2.1 Account, Billing, and Contact Information

• Firm name, contact name, business email, business phone, business mailing address, professional license details, website, and the identity of authorized users on the account.
• Billing identifiers: last four digits of payment card, card brand, expiration date, billing ZIP, and Stripe customer/subscription IDs. Full payment card numbers are collected and stored by our payment processor (Stripe) and are not retained on our systems.
• Authentication artifacts: hashed passwords, one-time codes, session tokens, and login IP/timestamps.

2.2 Usage Data and Device Data

• Pages visited, features used, leads viewed and accepted, postcards generated, mailings sent, search queries, configuration changes, API requests, error logs, browser type, device type, IP address, approximate geolocation derived from IP, and timestamps.
• Cookies and similar technologies: session cookies for authentication, preference cookies, and limited first- and third-party analytics (e.g., to measure traffic and detect abuse). We do not use third-party advertising cookies on the customer portal.

2.3 Lead Data (Public-Records and Licensed Sources)

On behalf of subscribers, we compile information about deceased individuals, their estates, surviving family members, real property, and probate court filings. Sources include:

• Public obituaries published on funeral-home websites, newspaper sites, and obituary aggregators;
• Probate court dockets, case indexes, and Register of Wills filings;
• State and local vital-records / medical-examiner portals;
• County recorder / Register of Deeds indexes (deeds, deeds of trust, releases, estate-related instruments);
• County and state property tax assessor and parcel datasets;
• Voter registration files in states that permit such use;
• Licensed third-party data providers (e.g., search-and-resolve APIs, address-verification, people-search where permitted by the applicable provider terms).

Lead data may include names, dates of birth and death, addresses, relationships among family members, real-property descriptions, assessed values, deed and mortgage history, and similar fields. We do not knowingly collect Social Security numbers, full driver's license numbers, financial-account numbers, biometric data, or precise geolocation as lead data.

2.4 Subscriber Content

Information uploaded or generated by subscribers in the course of using the Services — for example, intake responses from clients, engagement letters, attorney notes, postcard designs, custom templates, and case files. Subscriber Content is processed under the subscriber's instructions and the Terms of Service.

3. How We Use Information

• To provide, maintain, secure, and improve the Services;
• To compile and deliver lead lists, generate postcards and other outreach materials, and route them to print/mail vendors at subscriber direction;
• To process subscription payments, manage account renewals, and enforce usage limits;
• To communicate with subscribers about the Services (transactional emails, security notices, product updates) and, with consent where required, to send marketing communications;
• To provide customer support, troubleshoot incidents, and detect and prevent fraud, abuse, or unauthorized access;
• To produce de-identified or aggregated statistics about platform usage and lead-data quality (we do not re-identify de-identified data and contractually prohibit recipients from doing so);
• To comply with legal obligations and to enforce our agreements;
• To train internal models that improve lead-quality scoring, duplicate detection, address resolution, and similar non-public functions of the Services. We do not sell Subscriber Content or lead data to third parties, and we do not use Subscriber Content to train general-purpose or third-party AI models.

4. Disclosure of Information

We disclose information only as described below:

• To the subscribing firm that compiled or owns the data (in the case of lead data and Subscriber Content);
• To service providers / sub-processors we use to run the Services, under written contracts that limit their use of data to providing services to us. Categories include cloud hosting (Amazon Web Services), payment processing (Stripe), email delivery (Mailgun and similar), error monitoring, analytics, identity verification, address verification, print and mail production, telephony/SMS, and AI inference for extraction and summarization;
• To licensed data providers as required to fulfill a lookup you initiated (e.g., a people-search query for an address) and only with the data needed to perform the lookup;
• For legal and safety reasons, if we believe in good faith that disclosure is required by law, subpoena, court order, or other legal process, or is necessary to protect the rights, safety, or property of Company, our customers, or the public;
• In connection with a corporate transaction (e.g., a merger, acquisition, reorganization, financing, or sale of assets), subject to standard confidentiality protections and subsequent notice;
• With your consent or at your direction.

We do not sell personal information for monetary consideration and we do not engage in cross-context behavioral advertising on the customer portal. To the extent disclosures to analytics or similar service providers may be considered a "sale" or "sharing" under certain state laws (e.g., California), residents of those states may opt out as described in Section 9.

5. Cookies, Analytics, and Tracking Signals

We use strictly necessary cookies (authentication, security, load balancing) and limited functional/analytics cookies. We honor the Global Privacy Control (GPC) browser signal as a valid opt-out of sale/sharing where applicable state law requires. We do not respond to legacy "Do Not Track" headers because there is no finalized industry standard for them.

6. Data Security

We implement administrative, technical, and physical safeguards designed to protect information, including: TLS 1.2+ encryption in transit; AES-256 encryption at rest for sensitive PII fields; principle-of-least-privilege access controls with mandatory MFA for privileged access; tenant isolation at the application layer; regular dependency and configuration scanning; logging and audit trails; and incident-response procedures. Despite these safeguards, no system is impenetrable; we cannot guarantee absolute security and you use the Services at your own risk.

7. Data Breach Notification

We will notify affected subscribers and consumers of a security incident affecting their personal information without undue delay and in accordance with the breach-notification statutes of every U.S. state and territory whose residents are affected (all 50 states, the District of Columbia, Puerto Rico, the U.S. Virgin Islands, and Guam have such laws). Notification will include the categories of information involved, the approximate date and nature of the incident, the remedial steps we have taken, and guidance on protective steps recipients can take, in each case to the extent required by applicable law.

8. Data Retention

• Account information: retained for the life of the subscription plus up to seven (7) years for tax, audit, and legal-defense purposes.
• Billing and tax records: retained as required by applicable tax and accounting law (typically seven years).
• Usage and security logs: retained for up to twenty-four (24) months for fraud prevention and operational monitoring.
• Lead data: retained while it remains relevant to a subscriber's active outreach and for a reasonable period afterwards, then archived or deleted. Subscribers may request earlier deletion of specific records subject to legal-hold obligations.
• Subscriber Content: retained per the subscriber's instructions and the Terms of Service, with export tools available before account closure.

9. Your U.S. State Privacy Rights

Depending on your state of residence and the role we play with respect to your information, you may have the rights below. We provide these rights to all U.S. residents on a uniform basis, regardless of whether your state has a comprehensive privacy law in force.

• Right to know / access the categories and, where required, the specific pieces of personal information we have collected about you, the sources, the purposes of collection, and the categories of recipients;
• Right to correct inaccurate personal information;
• Right to delete personal information, subject to exceptions for completing a transaction, security, legal compliance, internal lawful uses compatible with the context of collection, and similar grounds;
• Right to a portable copy of personal information in a structured, machine-readable format, where applicable;
• Right to opt out of sale and sharing of personal information and of targeted/cross-context behavioral advertising (we do not sell personal information for monetary consideration);
• Right to limit the use of sensitive personal information (California);
• Right to opt out of profiling that produces legal or similarly significant effects (Colorado, Connecticut, Virginia, and similar);
• Right to appeal a denial of a privacy request (Virginia, Colorado, Connecticut, and similar);
• Right to non-discrimination for exercising any of the above rights.

State privacy laws that inform these rights include, but are not limited to: the California Consumer Privacy Act and California Privacy Rights Act (CCPA/CPRA); Virginia Consumer Data Protection Act (VCDPA); Colorado Privacy Act (CPA); Connecticut Data Privacy Act (CTDPA); Utah Consumer Privacy Act (UCPA); Texas Data Privacy and Security Act (TDPSA); Oregon Consumer Privacy Act (OCPA); Montana Consumer Data Privacy Act (MTCDPA); Delaware Personal Data Privacy Act; Iowa Consumer Data Protection Act; New Jersey Data Privacy Act; New Hampshire Data Privacy Act; Kentucky Consumer Data Protection Act; Indiana Consumer Data Protection Act; Tennessee Information Protection Act (TIPA); Minnesota Consumer Data Privacy Act; Maryland Online Data Privacy Act; Rhode Island Data Transparency and Privacy Protection Act; and any successor or analogous statute. Some rights, thresholds, and exemptions differ by state; we apply the most protective standard where practicable.

9.1 California-Specific Disclosures (CCPA/CPRA)

In the prior twelve (12) months, we have collected the categories of personal information described in Section 2 (identifiers, commercial information, internet/network activity, geolocation derived from IP, professional/employment information, and inferences). We use and disclose this information for the purposes described in Sections 3 and 4. We have not sold personal information for monetary consideration and have not knowingly sold or shared the personal information of consumers under 16. We do not offer financial incentives in exchange for personal information. California residents may also designate an authorized agent to make a request on their behalf, subject to verification.

9.2 Nevada

Nevada residents have the right under NRS 603A.340 to opt out of the sale of certain "covered information." We do not sell covered information; nonetheless, you may submit a request using the contact below.

10. How to Exercise Your Rights

Submit a request by emailing privacy@probatehelper.ai or by writing to Probate Helper, LLC, Attn: Privacy, at the mailing address on our website. We will acknowledge your request within ten (10) business days and respond within forty-five (45) days, with one extension where permitted. To protect your information, we will verify your identity before honoring requests — typically by matching information you provide against information in our records, or by confirming through your account login. If we deny a request, we will explain why and how to appeal.

If you received a postcard or other communication from a law firm that uses the Services and you wish to be removed from that firm's outreach list, please contact the firm directly using the address or contact information shown on the postcard. You may also email us and we will route a suppression request to the responsible firm.

11. Children's Information

The Services are intended for business users and are not directed to children under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us at privacy@probatehelper.ai and we will delete it.

12. International Visitors

The Services are operated from the United States and intended for use by U.S.-based businesses and U.S.-resident consumers. If you access the Services from outside the United States, you consent to the transfer, processing, and storage of your information in the United States, which may have data-protection rules that differ from those of your country.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the new version with an updated version number and effective date. Material changes will be announced by email and via your account portal and will require re-acceptance before continued use of the Services.

14. Contact

Privacy questions or requests: privacy@probatehelper.ai
General support: support@probatehelper.ai
Mailing address: Probate Helper, LLC, Attn: Privacy — at the address listed on our website.

This Privacy Policy is provided for transparency and is not legal advice. Consumers and subscribers should consult their own counsel regarding their rights under the laws of their jurisdiction.