Quotify - Quotes Made Easy
Privacy Policy

Privacy Policy

Last Updated: April 9, 2026

1. Introduction

Quotify (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our insurance quoting platform and services.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us, including:

  • Name, email address, and phone number
  • Insurance license number and state licensing information
  • Business contact information
  • Payment information (processed securely through Stripe)
  • Client information you enter for quote generation, including demographic data such as date of birth, gender, and state of residence
  • Health and medical information entered for insurance underwriting purposes, including but not limited to health conditions, medications, tobacco use, height, weight, and responses to medical questionnaires

2.2 Automatically Collected Information

When you access our services, we automatically collect:

  • Device information (browser type, operating system)
  • Usage data (pages visited, features used, time spent)
  • IP address and location data
  • Session information, including login timestamps and concurrent session activity
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process your subscription payments through Stripe
  • Generate insurance quotes and send them to your clients
  • Communicate with you about your account and services
  • Send you technical notices, updates, and support messages
  • Respond to your comments, questions, and customer service requests
  • Monitor and analyze trends, usage, and activities
  • Detect, prevent, and address technical issues, fraudulent activity, and unauthorized account access

4. Payment Processing

We use Stripe, a third-party payment processor, to handle all payment transactions. We do not store your complete credit card information on our servers. Stripe's use of your personal information is governed by their Privacy Policy. Payment information is encrypted and transmitted securely using industry-standard SSL/TLS protocols.

5. Information Sharing and Disclosure

We may share your information in the following circumstances:

  • With Your Consent: We may share information with your explicit consent
  • Service Providers: We share information with third-party service providers who perform services on our behalf (e.g., Stripe for payments, Postmark for emails, Clerk for authentication, Supabase for data storage). Each service provider is contractually obligated to protect your information
  • Legal Requirements: We may disclose information if required by law or in response to valid legal requests
  • Business Transfers: In connection with any merger, sale of company assets, or acquisition

We do not sell, rent, or trade your personal information or nonpublic personal information (NPI) to non-affiliated third parties for their marketing purposes.

6. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data at rest using AES-256 encryption
  • Encryption of data in transit using TLS 1.2 or higher
  • Role-based access controls limiting data access to authorized personnel
  • Row-level security policies ensuring users can only access their own data
  • Session monitoring with concurrent session limits and suspicious activity detection
  • Audit logging of access to client data, including timestamps, IP addresses, and actions performed
  • Secure authentication via industry-standard JWT-based authentication with support for multi-factor authentication

However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain your personal information for as long as your account is active, plus a minimum of six (6) years following account closure, in accordance with applicable insurance recordkeeping requirements and the Gramm-Leach-Bliley Act (GLBA). Specifically:

  • Account Data: Retained for the duration of your subscription and for six (6) years following account closure
  • Client Records: Client data entered into the platform (including quote parameters and saved client records) is archived upon deletion and retained in accordance with this policy
  • Audit Logs: Access logs and activity records are retained for a minimum of six (6) years for compliance and security purposes
  • Payment Records: Transaction records are retained as required by applicable tax and financial regulations

When you cancel your subscription, we retain certain information as required by law or for legitimate business purposes, including regulatory compliance and audit purposes.

8. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information, subject to our retention obligations under applicable law
  • Opt-Out: Opt-out of marketing communications
  • Data Portability: Request a copy of your data in a portable format

To exercise these rights, please contact us at [email protected]. We will respond to your request within thirty (30) days.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to track activity on our service and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our service.

10. Third-Party Services

Our service integrates with third-party services that have their own privacy policies:

  • Stripe: Payment processing (stripe.com/privacy)
  • Clerk: Authentication services (clerk.com/privacy)
  • Supabase: Database and storage (supabase.com/privacy)
  • Postmark: Email delivery (postmarkapp.com/privacy-policy)

We require all third-party service providers to maintain appropriate security measures and to process personal information only as directed by us and in accordance with applicable law.

11. Gramm-Leach-Bliley Act (GLBA) Compliance

Quotify is designed to assist licensed insurance professionals in compliance with the Gramm-Leach-Bliley Act (GLBA). In accordance with GLBA requirements:

  • We implement administrative, technical, and physical safeguards to protect nonpublic personal information (NPI) as defined under GLBA
  • We do not sell, share, or disclose NPI to non-affiliated third parties except as permitted by law or as necessary to provide our services
  • We restrict access to NPI to authorized personnel and service providers with a legitimate business need
  • We regularly assess and update our security measures to address evolving threats

12. Data Breach Notification

In the event of a data breach affecting your personal information, we will notify affected users and relevant authorities in accordance with applicable state and federal breach notification laws. Notification will be provided without unreasonable delay and within timeframes required by applicable regulations. Notifications will include a description of the incident, the types of information involved, and steps you can take to protect yourself.

13. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us, and we will take steps to delete such information.

14. International Data Transfers

Your information may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ. By using our services, you consent to the transfer of your information to the United States and other countries.

15. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the “Last Updated” date. You are advised to review this Privacy Policy periodically for any changes. Changes are effective when posted on this page.

16. Contact Us

If you have any questions about this Privacy Policy, please contact us: