Privacy Policy

Last updated: April 2026

1. Information We Collect

PolicyVera collects the following personal information to facilitate insurance quote requests between clients and licensed agents:

  • Full name
  • Date of birth
  • Last four digits of Social Security Number
  • Driver's license number and state
  • Mailing address
  • Phone number
  • Email address

2. How We Store Your Data

Your personal information is encrypted at rest and in transit. We use industry-standard security measures and host our infrastructure with service providers that maintain SOC 2 compliance, including Supabase, Vercel, and Amazon Web Services (AWS). Access to personally identifiable information (PII) is restricted to authorized personnel and systems.

3. Who Can See Your Data

Your identity information is shared only with insurance agents you explicitly choose to send quote requests to. Platform administrators may access data for support, compliance, and security purposes. We do not sell your personal information to third parties.

4. Data Retention and Deletion

We retain your data for as long as your account is active. You may request deletion of your account and all associated personal data at any time through your account settings. Deletion requests are processed within 30 days. Certain data may be retained as required by law or for legitimate business purposes (e.g., audit logs).

5. Cookies and Sessions

PolicyVera uses session cookies to keep you signed in. We use JSON Web Tokens (JWT) for authentication. Sessions expire after 4 hours of inactivity for security purposes. We do not use third-party tracking cookies.

6. Third-Party Service Providers & AI Data Processing

PolicyVera uses third-party service providers to operate the Platform. Your data may be processed by the following categories of providers in connection with the services we offer:

  • AI Processing (Anthropic): When you upload insurance documents, we use Anthropic's AI models to extract policy details such as coverage limits, deductibles, and premium amounts. Document content is sent to Anthropic's API for processing and is not retained by Anthropic after processing is complete. Extracted data is stored on our Platform.
  • Email (Resend): We use Resend to send transactional emails such as verification codes, notifications, and account alerts. Your email address and message content are processed by Resend to deliver these communications.
  • File Storage (Amazon Web Services): Uploaded documents and files are stored in Amazon S3 with encryption at rest. AWS processes and stores this data on our behalf under strict access controls.
  • Database (Supabase): Your account information and Platform data are stored in a Supabase-hosted PostgreSQL database with encryption at rest and in transit.
  • Hosting (Vercel): The Platform is hosted on Vercel, which processes web requests including IP addresses and session data in the course of serving the application.

We require all service providers to maintain appropriate security measures and to process your data only as necessary to provide their services to us. We do not sell your data to any third party.

7. California Consumer Privacy Act (CCPA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, and disclose
  • Request deletion of your personal information
  • Opt out of the sale of your personal information (we do not sell personal data)
  • Not be discriminated against for exercising your privacy rights

To exercise your CCPA rights, use the deletion feature in your account settings or contact us at the address below.

8. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us at: privacy@policyvera.com