Insurly

Privacy Policy

Insurly, LLC values your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit insurly.io or use any Insurly mobile or web application.

Last updated: June 23, 2026

Table of Contents

Contact Information

233 S Wacker Dr, Chicago, IL 60606
privacy@insurly.io

Information We Collect

CategoryExamplesSource
Account InfoName, username, email, password hash, Google OAuth IDYou
Profile DetailsAge, sex, locationYou
Insurance DocsUploaded EOBs, policies, claimsYou
Payment InfoHandled by StripeYou / Stripe
AnalyticsIP address, location, session dataGoogle Analytics
Device DataBrowser, OS, screen resolution, errorsAutomatic
AI InteractionsInputs and feedback provided to AIYou / AI Providers

How We Use Your Information

We use your data to:

  • Provide and maintain the Service
  • Analyze insurance documents with AI
  • Authenticate users (email or Google)
  • Process payments via Stripe
  • Communicate with you
  • Meet legal and regulatory obligations (HIPAA, GDPR, CCPA, etc.)

We do not sell your data.

Sensitive Information & HIPAA

If you upload Explanation of Benefits (EOBs), claims, or other medical data, we may process Protected Health Information (PHI). We comply with HIPAA and implement safeguards including:

  • Role-based access
  • AES-256 encryption
  • Limited PHI access
  • Business Associate Agreements (BAAs) with vendors when needed

Social Logins

You may sign in using Google OAuth. If you do, we receive:

  • Your name and email
  • Profile picture (if available)

We only use this data for authentication and user management.

AI Use Disclosure

Insurly offers AI-powered tools, including:

  • Claim estimators
  • Appeal generators
  • Policy analyzers

These are powered by trusted AI providers (e.g., OpenAI) under data protection agreements. By using these features, you consent to your inputs being processed accordingly.

Note: AI outputs are informational only and do not constitute legal, medical, or financial advice.

User Rights (GDPR, CCPA, etc.)

Depending on your location, you may have the right to:

Access your data
Correct inaccuracies
Request deletion
Withdraw consent
Object to processing
Export your data (portability)

To exercise your rights, visit https://www.insurly.io/data-request or email us.

Data Retention & Deletion

  • Your data is retained only while your account is active
  • We delete all personal data 90 days after account deactivation
  • Encrypted backups are purged within an additional 30 days
  • You may request earlier deletion at any time

Cookies & Analytics

We use cookies to:

  • Keep you signed in
  • Measure performance with Google Analytics
  • Track usage trends and user behavior

You can disable cookies in your browser. For more info: Google Privacy & Terms

Do Not Track & GPC

We do not currently respond to "Do Not Track" (DNT) browser signals.

We do honor Global Privacy Control (GPC) signals where required by law.

Security

We protect your data with:

  • TLS 1.2+ encryption in transit
  • AES-256 encryption at rest
  • Role-based access controls
  • Regular security reviews and threat modeling
  • Mandatory 2FA for staff access

Still, no method is 100% secure. Use the Service at your own risk.

International Transfers

If you use the Service outside the U.S., your data may be transferred to our U.S. servers. We use safeguards such as Standard Contractual Clauses (SCCs) to protect international data flows.

Children's Privacy

We do not knowingly collect personal information from anyone under 18 years old. If you believe we've done so, contact us and we will delete the data.

Third-Party Services

We rely on:

We do not sell or share your data with advertisers.

Changes to This Policy

We may update this Privacy Policy from time to time. We'll notify users of significant changes via email or an in-app alert.

Contact Us

Insurly, LLC

233 S Wacker Dr.
Chicago, IL 60606
privacy@insurly.io

Need help with your data? Visit https://www.insurly.io/data-request