InsureRecord

Privacy Notice

Last updated: June 24, 2026

1. Who we are

InsureRecord is operated as a sole proprietorship by InsureRecord (a sole proprietorship), doing business as InsureRecord. We act as the data controller for personal data described in this notice.

2. What we collect

  • Account data: email, name (optional), company (optional), password hash.
  • Call data you create: audio recordings, transcripts, AI summaries, client names you enter, recording metadata (duration, timestamps).
  • Usage data: log data, device identifiers, IP address, browser type — collected for security and service quality.
  • Support data: messages you send us.
  • Billing data: handled by our payment processor (Paddle); we receive only subscription status and a customer ID.

3. How we use your data

  • Provide the Service (account creation, recording, transcription, summarization, history).
  • Customer support.
  • Security, fraud prevention, abuse detection.
  • Product improvement (aggregated, never tied to individual call content).
  • Comply with legal obligations.

We do not use your call audio, transcripts, or summaries to train AI models.

4. Legal basis (for EEA/UK users)

  • Contract performance — to provide the Service you signed up for.
  • Legitimate interests — security, fraud prevention, product improvement.
  • Legal obligation — to comply with applicable law.
  • Consent — where required (e.g. some analytics cookies).

5. Who we share data with

We share personal data only with:

  • Paddle.com — our Merchant of Record, handles payments, billing, tax, invoicing, and subscription management.
  • Hosting and infrastructure providers — Cloudflare (edge/CDN), Supabase (database, auth, file storage).
  • AI providers — for transcription and summary generation. Audio and transcript text are sent securely for processing; providers are contractually prohibited from training on this data.
  • Professional advisers — legal, accounting (rare, only if needed).
  • Authorities — where required by law (lawful requests, court orders).

6. International data transfers

Some of our service providers are located outside your country. Where data leaves the EEA/UK, we rely on appropriate safeguards (such as Standard Contractual Clauses) to protect it.

7. Data retention

We keep your account data and call data for as long as your account is active. When you delete a recording, it is removed from our active systems within 30 days. When you delete your account, we delete or anonymize your data within 60 days, except where we are required to retain it (e.g. for tax or legal compliance — billing records may be kept for up to 7 years by our payment processor).

8. Security

We use appropriate technical and organizational measures to protect your data, including encryption in transit (TLS) and encryption of audio and transcripts at rest. Access to production systems is restricted and logged. No system is perfectly secure — please use a strong, unique password.

9. Your rights

Depending on your location, you may have the right to: access your data, correct it, delete it, restrict or object to processing, request portability, and withdraw consent. EEA/UK users may also lodge a complaint with their data protection authority. To exercise any of these rights, email privacy@insurerecord.com. We aim to respond within one month.

10. Cookies

We use essential cookies and similar technologies needed to keep you signed in and to remember preferences. We don't use third-party tracking or advertising cookies.

11. Contact

For privacy questions, email privacy@insurerecord.com.