InsureBuddy

Privacy Policy

Effective Date: August 05, 2025

InsureBuddy ("we," "our," or "us") is developed by WhiteWolf Studios. This Privacy Policy explains how we collect, use, and protect your information when you use our service.

Quick Summary

  • What we collect: Your email, name, and insurance documents you upload
  • Why: To provide our insurance document management and AI analysis service
  • Who we share with: Google (for hosting and AI), and only when legally required
  • Your rights: Access, correct, delete, or download your data
  • Contact: support@whitewolfstudios.co.za for privacy questions

Information We Collect

Information You Provide

  • Account Information: Email address and name when you register
  • Documents: Insurance documents, policies, and related files you upload
  • Communications: Messages you send us and questions you ask our AI assistant

Sensitive Information in Insurance Documents:

Insurance documents may contain highly sensitive personal information including:

  • Financial information (coverage amounts, deductibles, premiums)
  • Health information (medical conditions, treatments)
  • Property details (addresses, valuations)
  • Personal identifiers (policy numbers, SSN, driver's license numbers)
  • Family information (beneficiaries, dependents)

We treat all insurance documents as containing sensitive personal information and apply enhanced security measures accordingly.

Information We Collect Automatically

  • Usage Data: How you use our service, pages visited, features used
  • Device Information: Browser type, operating system, IP address
  • Log Data: Access times, error logs, and technical information

How We Use Your Information

We use your information to:

  • Provide and maintain our service
  • Analyze your insurance documents using AI
  • Respond to your questions and provide support
  • Improve our service and develop new features
  • Comply with legal obligations
  • Protect against fraud and abuse

Legal Basis (for EU users):

  • Contract: To provide our service
  • Consent: When you give us permission
  • Legitimate Interest: To operate and improve our service

Information Sharing

We share your information only in these situations:

Service Providers

  • Google Services: We use Firebase for hosting and Google AI for document analysis
  • Other Providers: We may use other trusted service providers who help us operate our service

Legal Requirements

  • When required by law, court order, or government request
  • To protect our rights, property, or safety, or that of our users

Business Transfers

  • If we sell or transfer our business, your information may be transferred to the new owner

We do not sell your personal information to third parties.

Your Privacy Rights

All Users

  • Access: Request a copy of your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a portable format

EU Users (GDPR)

  • Restrict Processing: Limit how we use your information
  • Object: Object to certain uses of your information
  • Withdraw Consent: Withdraw consent where we rely on it
  • Complain: Lodge a complaint with your data protection authority

Automated Decision-Making:

Our AI document analysis constitutes automated processing. You have the right to:

  • Request human review of AI-generated insights
  • Object to automated processing
  • Receive explanations of automated decisions

California Users (CCPA/CPRA)

  • Know: Know what personal information we collect and how we use it
  • Delete: Request deletion of your personal information
  • Non-Discrimination: We won't discriminate against you for exercising your rights
  • Correct: Request correction of inaccurate personal information
  • Opt-out: Opt out of sale/sharing of personal information (we don't sell your data)
  • Limit Sensitive Data: Limit use of sensitive personal information

Categories of Personal Information We Collect:

  • Identifiers: Email address, name, IP address
  • Internet Activity: Usage data, device information, log data
  • Sensitive Personal Information: Insurance documents may contain health, financial, and other sensitive information

Sources of Information:

  • Directly from you (account registration, document uploads)
  • Automatically from your device (usage analytics, technical data)

Business/Commercial Purposes:

  • Service provision and account management
  • AI document analysis and insights generation
  • Customer support and communications
  • Service improvement and development
  • Legal compliance and security

Third Party Disclosures:

  • Google Services: For hosting, storage, and AI processing
  • Legal Requirements: When required by law or legal process
  • No Sale: We do not sell your personal information to third parties

Shine the Light: California residents may request information about our disclosure of personal information to third parties for direct marketing purposes.

To exercise these rights, contact us at support@whitewolfstudios.co.za

Data Retention

  • Account Data: Until you delete your account, then 30 days
  • Documents: Until you delete them or close your account
  • Usage Data: Up to 2 years for service improvement
  • Legal Requirements: We may keep data longer if required by law

Data Security

We protect your information using:

  • Encryption of data in transit and at rest
  • Secure hosting with Google Cloud Platform
  • Regular security updates and monitoring
  • Limited access to your data on a need-to-know basis

No security is perfect. While we work hard to protect your information, we cannot guarantee absolute security.

Security Disclaimer:

While we implement industry-standard security measures and follow best practices to protect your sensitive information, no system is 100% secure. Users acknowledge that storing sensitive information digitally carries inherent risks, including but not limited to unauthorized access, data breaches, system failures, and cyber attacks. By using our service, you understand and accept these risks. We strongly recommend that you maintain backup copies of important documents and do not rely solely on our service for critical insurance information storage. You use our service at your own risk, and we cannot be held liable for any damages resulting from security incidents beyond our reasonable control.

Data Breach Notification

In the unlikely event of a data breach affecting your personal information:

Our Response

  • Immediate Action: We will take immediate steps to contain and investigate the breach
  • Authority Notification: We will notify relevant authorities within 72 hours (as required by GDPR)
  • User Notification: We will notify affected users without undue delay, typically within 72 hours
  • Remediation: We will take steps to prevent similar breaches and offer assistance to affected users

What We'll Tell You

  • Nature of the breach and data involved
  • Likely consequences and our response
  • Steps you can take to protect yourself
  • Our contact information for questions

Your Rights After a Breach

  • Request detailed information about the breach
  • File complaints with data protection authorities
  • Seek compensation for damages (where applicable under law)

International Data Transfers

Your information may be stored and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.

Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe a child has provided us with information, please contact us.

Cookies and Tracking

We use:

  • Essential cookies: Required for our service to work (login, security)
  • Analytics: To understand how our service is used (you can opt out)

You can control cookies through your browser settings.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through our service. Continued use after changes means you accept the updated policy.

Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of South Africa. Any disputes arising from this policy or our data processing practices will be subject to the jurisdiction of South African courts, except where you have mandatory consumer protection rights in your jurisdiction that cannot be waived.

For users in the European Union, this does not affect your rights under GDPR or your ability to file complaints with your local data protection authority.

Contact Us

For privacy questions or to exercise your rights:

Email: support@whitewolfstudios.co.za

Company: WhiteWolf Studios

Last updated: 05 August 2025