Privacy Policy
This Privacy Policy explains how QuoteVolution Inc. ("QuoteVolution," "we") collects, uses, and protects information in connection with the QuoteVolution platform (the "Service"). For business customers, our processing of Customer Data is also governed by our Data Processing Addendum ("DPA"); in case of conflict regarding Customer Data, the DPA controls.
1. Information We Collect
Information you provide:
- account information (name, email, job title, organization, password);
- billing information (processed by our payment processor; we do not store full card numbers);
- Customer Data (insurance quotes, carrier/broker information, client records, and documents you input); and
- communications you send us.
Information collected automatically:
- log data (IP address, browser, operating system, pages viewed, timestamps);
- device identifiers (including for trusted-device MFA); and
- usage data (feature usage, session duration).
2. How We Use Information
We use information to:
- provide, operate, secure, and improve the Service;
- authenticate users and manage session security;
- process transactions and billing;
- respond to support requests;
- send administrative, product, and security communications; and
- comply with legal obligations.
Artificial intelligence: We do not use Customer Data or nonpublic personal information ("NPI") to train or fine-tune AI foundation models. AI features are powered by models hosted within our Microsoft Azure environment (Azure AI Foundry / Azure OpenAI Service) for security and privacy; data Processed for AI features is not shared with model providers for their own purposes. We may use only aggregated, de-identified data that cannot reasonably be re-associated with any individual to operate and improve the Service.
3. Regulatory Framework (GLBA and State Law)
Because the Service handles insurance and financial information, we treat applicable U.S. laws as our governing framework, including the Gramm-Leach-Bliley Act (GLBA), state insurance data security laws based on the NAIC model, and applicable state privacy laws such as the California Consumer Privacy Act as amended (CCPA). Insurance NPI handled under GLBA is generally exempt from the CCPA and is handled under the GLBA framework. We act as a service provider to your agency and use NPI only to deliver the Service.
4. No Sale of Personal Data; Sharing
We do not sell or share your personal data. We may share information with:
- service providers and Sub-processors under data-protection contracts (Section 5);
- regulators or law enforcement when required by law; and
- a successor in a merger or asset sale, with notice to affected users.
5. Sub-processors
We engage the following Sub-processors, each bound by a data-protection contract:
| Category | Sub-processor / Purpose |
|---|---|
| Cloud infrastructure & AI | Microsoft Azure (Azure AI Foundry / Azure OpenAI Service / Azure Application Insights) — hosting, storage, compute, AI processing, and application performance monitoring within our environment. The specific model may change, including at a tenant's request, among models offered through Azure. |
| Payment processing | Stripe, Inc. (PCI-DSS Level 1 Service Provider) — billing and payment processing. Card data is tokenized and never stored on our systems. |
| Transactional email | Microsoft Azure Communication Services — invitations, MFA codes, notifications. |
A current Sub-processor list is available at legal@quotevolution.com.
6. Customer-Controlled Data
For Customer Data your organization submits, your agency determines how that data is used and we act as a service provider Processing it on your behalf and under your instructions, as described in the DPA. We do not use, retain, or disclose Customer Data for any purpose other than providing the Service.
7. Data Retention
We retain account and operational data while your subscription is active and for a reasonable period thereafter for legal, audit, and dispute-resolution purposes. Customer Data is retained for thirty (30) days following termination, after which it may be permanently deleted. Aggregated or de-identified data may be retained.
8. Security and Incident Notification
We maintain a Written Information Security Program with administrative, technical, and physical safeguards, including encryption in transit (TLS 1.2+) and at rest, role-based access controls, multi-factor authentication, vulnerability management, and audit logging. No safeguard is perfect. For business customers, we will notify the customer without undue delay and no later than seventy-two (72) hours after confirming any unauthorized acquisition of NPI from the Service, and will make any other notifications required by applicable law.
9. Data Location
We operate from the United States, and information is stored and Processed on U.S.-based infrastructure. The Service is intended for U.S.-based insurance agencies and is not directed to individuals or organizations outside the United States.
10. Your Rights
Depending on your state, you may have rights to access, correct, delete, or port your personal information, to opt out of any sale or sharing (we do not sell or share), and to non-discrimination for exercising these rights. Much of the data in the Service is Customer Data controlled by your agency; for such data we may direct you to the agency or act on its instructions. To exercise rights, contact legal@quotevolution.com. We respond within the timeframe required by law (generally 45 days) and may verify your identity first.
11. Marketing; Cookies; Children
You can opt out of marketing emails via the unsubscribe link; you cannot opt out of transactional and service communications. We use only strictly necessary, preference, and analytics cookies, and no third-party advertising or cross-site tracking cookies (see our Cookie Notice). The Service is for business professionals and is not directed to individuals under 18.
12. Changes; Contact
We may update this Policy and will revise the "Last Updated" date and provide notice of material changes. Contact: QuoteVolution Inc., 390 Northeast 191st St, STE 54976, Miami, FL 33179; legal@quotevolution.com.