Wills Inc, Security

Wills Inc. Security Policy

At Wills Inc., we recognize that the security of your data is paramount. We are committed to protecting your personal information, financial details, and the heartfelt messages you entrust to us. This Security Policy outlines the comprehensive measures we take to safeguard your data, and also highlights your responsibilities in maintaining a secure environment within the Wills platform. This policy applies to all aspects of the Wills platform, including the Wills.com website, the Wills App, and any related services.

1. Our Commitment to Security

Wills Inc. is dedicated to maintaining the highest standards of security. We utilize a multi-faceted approach to data security, incorporating the latest technologies, proven processes, and best practices to protect your information from unauthorized access, use, disclosure, alteration, or destruction. Our security protocols are designed to be proactive, adaptable, and continually updated to address the ever-evolving landscape of online security threats.

2. Data Encryption

End-to-End Encryption: All user-generated content, including mementos, messages, documents, and personal information, is protected by end-to-end encryption. This means that your data is encoded and can only be deciphered by the designated recipients. Our team, including technical staff, cannot access or view your encrypted content.

Data in Transit: When data is transmitted between your device and our servers, we use secure protocols (HTTPS/TLS) to ensure that all data is encrypted during transit, protecting it from interception.

Data at Rest: All data stored on our servers is encrypted at rest, using industry-standard encryption algorithms. This protects your information even in the event of unauthorized access to our storage systems.

Key Management: We employ rigorous key management practices to ensure that encryption keys are securely stored, managed, and protected against unauthorized access.

3. Secure Storage

Secure Data Centers: Our servers are located in secure data centers that employ robust physical security measures, including restricted access, surveillance, and environmental controls.

Data Redundancy: We use data redundancy and backups to minimize the risk of data loss and ensure that your information is always available, and that you can access your data quickly in the event of any unforeseen circumstances.

Access Control: Strict access controls are in place to limit access to your data. Only authorized personnel are granted access to necessary system components, and their access is limited by the principle of least privilege.

Vulnerability Management: We regularly assess our systems for potential vulnerabilities, and we implement security patches and updates promptly to address any issues that are identified.

4. User Authentication and Access Control

Strong Passwords: We require users to create strong, unique passwords that are difficult to guess, and we encourage them to use a password management tool to protect their accounts.

Multi-Factor Authentication (MFA): We encourage users to enable multi-factor authentication (MFA) to add an extra layer of security to their accounts. MFA requires users to provide two or more pieces of evidence to verify their identity, making it much more difficult for unauthorized individuals to access your account, even if they have your password.

Account Lockouts: We implement account lockout policies to protect against brute-force attacks, which occur when someone tries to guess your password using repeated attempts.

Session Management: We use secure session management practices to prevent session hijacking and unauthorized access to user accounts.

Regular Account Reviews: We encourage users to regularly review their account activity and report any suspicious behavior to our support team.

5. Payment Security

Third-Party Payment Processors: We use reputable, third-party payment processors to handle all payment transactions. These processors adhere to the Payment Card Industry Data Security Standard (PCI DSS) requirements, which are designed to protect your payment information.

No Storage of Payment Details: We do not store your credit card details or other sensitive payment information on our servers. This greatly minimizes your risk, and ensures that your data cannot be stolen even in the event of a breach.

Secure Transaction Processing: All payment transactions are processed using secure, encrypted connections to protect your financial information during transmission.

6. Network Security

Firewalls and Intrusion Detection: We implement firewalls and intrusion detection systems to protect our network from unauthorized access and malicious attacks. These systems constantly monitor all network traffic, and will alert us of any suspicious activity.

Network Segmentation: We segment our network to isolate sensitive data, and prevent unauthorized access to various parts of our system, even if a breach occurs.

Regular Security Testing: We conduct regular security testing, including penetration testing, to evaluate the effectiveness of our security measures, and to address any potential vulnerabilities that may be identified.

7. Data Privacy and Compliance

Compliance with Applicable Laws: Wills Inc. is committed to complying with all applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant regulations.

Transparency: We are committed to transparency in our data collection, usage, and sharing practices, and will always clearly communicate our policies to all of our users.

Privacy by Design: We have implemented "privacy by design" principles throughout our platform, and ensure that we are always building in security from the outset of any new product or service.

Data Minimization: We only collect the minimum amount of personal information necessary to provide our services, and will never collect any unnecessary data.

Data Retention: We retain your data only for as long as it is necessary to fulfill your wishes and comply with legal requirements, and we will never retain your data for an extended amount of time, once it is no longer needed.

Data Breach Response: We have a detailed data breach response plan in place, which will be activated in the event of a data breach to minimize potential damage, notify affected users, and resolve the situation as quickly and efficiently as possible.

8. User Responsibilities

While Wills Inc. implements robust security measures to protect your data, it is also essential for users to take responsibility for their own account security:

Strong Passwords: Use strong, unique passwords for your Wills.com account, and for any associated email or social media accounts.

Multi-Factor Authentication: Enable multi-factor authentication (MFA) whenever possible to add an extra layer of security to your account.

Device Security: Keep your devices secure by using device lock features, enabling encryption when possible, and keeping your operating systems and applications up to date.

Account Monitoring: Regularly review your account activity for any suspicious or unauthorized access.

Reporting Suspicious Activity: Immediately report any suspicious activity or potential security breaches to our support team.

Phishing Awareness: Be aware of phishing attempts and avoid clicking on suspicious links or sharing your personal information with untrusted sources.

9. Ongoing Improvement and Review

We are committed to continuously improving our security practices and will regularly review and update this policy as necessary to stay ahead of evolving threats and ensure that we are always providing the best possible service to our users. We also engage with third party security professionals to review our policies, and to help us identify any potential gaps or weaknesses.

10. Contact Us

If you have any questions, concerns, or suggestions about our security policy or our security practices, please contact us at: info@wills.com

By using Wills.com, you acknowledge that you have read and understood this Security Policy, and that you agree to its terms. We are always working to improve our security practices, and to ensure that your data is always safe and protected. We appreciate your trust and cooperation in creating a secure environment for everyone who uses our platform.

This detailed security policy is designed to provide you with a comprehensive overview of our approach to data security and compliance. It emphasizes Wills Inc.'s commitment to protecting user data and maintaining a secure environment for all users of our platform. It also highlights the shared responsibility for security and encourages users to take proactive steps to protect their own accounts.

‍

‍