Privacy Policy
Last updated: April 3, 2026
PolicyProof ("we," "us," or "our") operates the policyproof.io website and the PolicyProof platform. This Privacy Policy explains how we collect, use, disclose, and protect your information when you visit our website or use our services.
The short version: We collect only what we need to provide our service. We don't sell your data. We use privacy-friendly analytics that don't track you across the web. Your data stays yours.
1. Information we collect
Information you provide
When you sign up for our waitlist, create an account, or use PolicyProof, we may collect:
- Contact information: name, email address, phone number
- Professional information: agency or company name, job title/role (e.g., agency owner, realtor, loan officer, mortgage broker, loan processor), state of operation
- Account information: profile photo, calendar link, digital business card link, notification preferences, time zone
- Referral data: client names, property addresses, closing dates, loan details, and other information entered into PolicyProof in the course of processing insurance referrals
- Documents: inspection reports, binder PDFs, declaration pages, and other files uploaded to the platform
- Communications: messages, notes, and feedback you send through the platform or to our support team
Information collected automatically
When you visit policyproof.io, we collect basic usage data through Plausible Analytics, a privacy-friendly analytics service. Plausible does not use cookies, does not track you across websites, and does not collect personal information. The data collected includes:
- Page views and referral sources
- Country of origin (derived from IP address, which is not stored)
- Browser and device type (generalized, not fingerprinted)
- Session duration
Plausible Analytics is compliant with GDPR, CCPA, and PECR. No personal data is collected or stored by our analytics. For more information, visit Plausible's data policy.
SMS consent data
If you opt in to receive SMS notifications, we record your consent including the timestamp, the method of opt-in (e.g., during account setup or via dashboard settings), and your phone number. This data is retained for compliance purposes and to honor your communication preferences.
2. How we use your information
We use the information we collect to:
- Provide, operate, and maintain the PolicyProof platform
- Process and manage insurance referrals between agencies and their referral partners
- Send transactional notifications (email and SMS) related to referral status, binder delivery, and account activity
- Send marketing communications related to the waitlist, product updates, and early access invitations (you can unsubscribe at any time)
- Deliver automated emails such as daily status digests and re-engagement messages
- Improve the platform based on aggregate usage patterns
- Respond to support requests and communications
- Comply with legal obligations
3. How we share your information
We do not sell, rent, or trade your personal information to third parties. We share information only in the following circumstances:
- Within the platform: Referral data is shared between the insurance agency and their referral partners as part of the core service. Partners see only the referrals they submitted. Agencies see all referrals within their account.
- Binder delivery: When an agency delivers a binder through PolicyProof, the loan officer's email address is used to send the binder PDF. This email is sent on behalf of the agency.
- Service providers: We use third-party services to operate PolicyProof, including hosting (Vercel), database (Supabase), email delivery (Resend), SMS delivery, payment processing (Stripe), analytics (Plausible), and form collection (OpnForm). These providers process data only as necessary to provide their services to us.
- Legal requirements: We may disclose information if required by law, subpoena, court order, or other legal process.
4. Data retention
We retain your account data for as long as your account is active or as needed to provide services. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as maintaining records of completed insurance transactions).
Waitlist data (email address and survey responses) is retained until you unsubscribe or request deletion.
SMS consent records are retained for the duration of your account plus 5 years, as required for TCPA compliance.
5. Data security
We implement industry-standard security measures to protect your information, including:
- Encryption in transit (TLS/SSL) and at rest
- Row-level security policies ensuring tenant isolation (agencies cannot access each other's data)
- Authentication via secure magic links and session tokens
- Regular security reviews of our infrastructure and code
No system is 100% secure. If you become aware of a security vulnerability, please contact us immediately at [email protected].
6. Your rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you
- Correction: Request that we correct inaccurate or incomplete data
- Deletion: Request that we delete your personal data
- Portability: Request a copy of your data in a machine-readable format
- Opt-out: Unsubscribe from marketing emails at any time, or disable SMS notifications in your dashboard settings
To exercise any of these rights, contact us at [email protected].
7. SMS communications
PolicyProof sends SMS notifications for critical insurance milestones (referral submission, policy binding, binder delivery, and closing day check-ins). SMS is opt-in only — you will never receive text messages unless you explicitly enable SMS notifications in your account settings.
You can disable SMS notifications at any time from your dashboard. Standard message and data rates may apply. Message frequency varies based on your referral activity.
8. Cookies
PolicyProof does not use tracking cookies. Our analytics provider (Plausible) is cookie-free. Session authentication uses secure, HTTP-only tokens that are not used for tracking purposes.
9. Third-party links
Our platform may contain links to third-party websites (such as MortgageeClauses.com, InspectAmerica, or external inspection scheduling services). We are not responsible for the privacy practices of these third-party sites. We encourage you to review their privacy policies.
10. Children's privacy
PolicyProof is a business-to-business service and is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.
11. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Material changes will be communicated via email to active account holders.
12. Contact us
If you have questions about this Privacy Policy or how we handle your data, please contact us:
PolicyProof
Email: [email protected]
Website: policyproof.io