Privacy Policy

• Your uploaded insurance documents are not stored by PolicyPal.Dev. They are used only to generate your analysis and are removed from our storage once the analysis is complete.
• The AI-generated report (and the inputs you typed, such as your claim description) is kept in your account so you can re-open it later.
• We collect the minimum personal data needed to run your account and bill you, and we never sell your data.

PolicyPal.Dev (“we”, “us”) operates an AI-assisted tool that helps you understand your insurance policies and claims. The operator of PolicyPal.Dev is the data controller for the personal information processed through the service.

• Account information — your email address, and if you sign in with a social provider, the basic profile information that provider returns (such as your name).
• Uploaded documents — the insurance schedules, statements of fact, policy wordings, invoices and images you upload for an analysis. See section 3 for how these are handled.
• Analysis inputs and outputs — the notes, claim descriptions and AI-generated reports linked to your account.
• Billing information — payments are processed by Stripe. We receive a confirmation of payment and a reference but do not see or store your full card details.
• Technical data — basic logs (IP address, user-agent, timestamps) to operate the service securely and debug errors.

Insurance documents often contain sensitive information. PolicyPal.Dev is built so that the files you upload are used only to generate your analysis and then removed:

1. You upload the file directly to a private storage location that only your account can access.
2. Our server reads the file once to produce your AI report.
3. After the analysis completes, the uploaded file is removed from our storage. We do not keep a long-term copy of the source document, do not use it to train AI models, and do not share it with advertisers or data brokers.

The resulting AI report and the notes or claim description you typed are kept in your account so you can re-open them. You can delete a report — and the inputs attached to it — at any time from your dashboard, or by asking us to delete your account (see section 8).

We use your data to:

• create and authenticate your account;
• generate the analysis you paid for and show it back to you;
• process payments and provide receipts;
• keep the service secure, prevent abuse and debug errors;
• comply with our legal obligations.

We do not use your insurance documents or claim descriptions for advertising and we do not sell them.

To produce your report we send the contents of the documents and inputs you provided to a third-party AI inference provider via the AI gateway used by our hosting platform. The provider processes the content only to return the model output and is contractually prevented from using your content to train their general models. The document content is not retained by us after the analysis is complete (see section 3).

• Hosting, database, auth & file storage — the managed backend powering authentication, our database and the temporary storage used during an analysis.
• AI inference — the model provider that generates the report from your documents and inputs.
• Payments — Stripe, for processing pay-per-use charges.

These providers act on our behalf under appropriate contractual terms and are only given the data they need to perform their function.

• Uploaded files: removed from our storage after your analysis is generated.
• Analysis reports and inputs: kept in your account until you delete them or close your account.
• Account and billing records: kept while your account exists, and for any further period required to meet tax, accounting or other legal obligations.
• Operational logs: kept for a short period for security and debugging, then automatically purged.

Depending on where you live, you may have rights to access, correct, export or delete your personal data, to restrict or object to certain processing, and to lodge a complaint with your local data protection authority. To exercise any of these rights, contact the operator of PolicyPal.Dev via the contact channel listed on the site.

You can delete individual analyses from your dashboard. To delete your entire account and the associated data, contact us and we will action the request within a reasonable time.

We use industry-standard measures to protect your data, including encryption in transit, authentication-scoped storage access, and least-privilege backend access. No system is perfectly secure, so you should also keep your account credentials safe.

PolicyPal.Dev is not directed at children. You must be at least 18 years old to use the service.

Our service providers may process data in countries other than your own. Where required, we rely on appropriate safeguards (such as standard contractual clauses) to protect that data.

We may update this policy from time to time. The “Last updated” date at the top reflects the latest version. Material changes will be highlighted on the site or via email where appropriate.

For privacy questions or requests, contact the operator of PolicyPal.Dev via the contact channel listed on the site.