Privacy Policy
Last updated: 6/1/2026
This Privacy Policy explains how Polis Software, Inc. ("Polis," "we," "us," or "our") collects, uses, discloses, and protects information in connection with our software platform and related services (the "Services"), available at getpolis.co.
Polis provides AI-assisted tools that help independent insurance agencies review policies, identify coverage gaps, and generate client-facing deliverables. Our direct customers are businesses (insurance agencies and brokerages). This Policy describes practices for both the individuals who use our Services on behalf of a customer ("Users") and the personal information contained in documents and records that customers submit to the Services.
1. Two Roles: Controller and Processor
Depending on the data, Polis acts in one of two roles:
- As a controller (or "business"), for account, contact, billing, and usage data we collect directly from Users to operate and improve our business relationship with our customers.
- As a processor (or "service provider"), for the insurance documents, client records, and other content that a customer uploads or connects to the Services ("Customer Data"). We process Customer Data only on the customer's instructions and to provide the Services. The customer — the insurance agency — is the controller of that data and is responsible for having a lawful basis to collect it and to engage us to process it.
Where we act as a processor, the customer's own privacy notice and our written agreement with the customer govern how that data may be used. If you are a client of an agency that uses Polis and have questions about your personal information, please contact that agency directly.
2. Information We Collect
Information you provide directly:
- Account and profile information (name, business email, job title, agency name, phone number).
- Billing and transaction information (processed by our payment processor; see Section 6).
- Communications with us (support requests, survey responses, feedback).
Customer Data you submit to the Services:
- Insurance policy documents, declarations pages, applications, endorsements, and quotes.
- Client and prospect records, which may include names, addresses, contact details, and nonpublic personal financial information such as coverage amounts, premiums, loss history, and other underwriting-related details.
- Any deliverables, notes, or outputs generated within the Services.
Information collected automatically:
- Usage and device data (log data, IP address, browser type, pages viewed, features used, timestamps).
- Cookies and similar technologies (see Section 8).
We do not intentionally collect Social Security numbers, government ID numbers, or full financial account numbers, and we ask that customers avoid submitting such data unless necessary for a supported use case.
3. How We Use Information
We use information to:
- Provide, maintain, secure, and support the Services.
- Process insurance documents and generate the analyses and deliverables customers request.
- Authenticate Users, manage accounts, and process billing.
- Communicate about the Services, including service updates and, where permitted, marketing (you can opt out of marketing at any time).
- Monitor and improve performance, reliability, and security, and to develop new features.
- Comply with legal obligations and enforce our agreements.
We do not sell personal information, and we do not share it for cross-context behavioral advertising.
4. Artificial Intelligence and Third-Party Model Providers
The Services use AI models to analyze documents and generate outputs. Some processing is performed by third-party AI providers acting as our sub-processors.
We do not use Customer Data to train, fine-tune, or improve our own AI models, and our AI sub-processors are contractually prohibited from using Customer Data to train or improve their models. AI providers process Customer Data solely to return outputs to us, under zero-retention / no-training terms.
Outputs generated by AI are probabilistic and may contain errors or omissions. Customers are responsible for reviewing all outputs before relying on them. See our Terms of Use for the full disclaimer.
5. How We Disclose Information
We disclose information only as follows:
- Service providers / sub-processors who help us operate the Services (cloud hosting, AI model providers, analytics, customer support, email, and payment processing), under contracts that limit their use of the information. A current list is available on request.
- At the customer's direction, including integrations the customer chooses to enable.
- Legal and safety reasons, to comply with law, respond to lawful requests, or protect the rights, property, or safety of Polis, our customers, or others.
- Business transfers, in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.
6. Payments
Payments are processed by Stripe (our payment processor), check or wire / ach. We do not store full payment card numbers; that information is handled by our payment processor under its own privacy terms and applicable card-industry standards.
7. Data Retention
We retain account and business records for as long as a customer maintains an account and as needed for legitimate business and legal purposes. We retain Customer Data in accordance with our agreement with the customer; upon termination, we will delete or return Customer Data on request.
8. Cookies and Analytics
We use cookies and similar technologies to keep you signed in, remember preferences, and understand how the Services are used. You can control cookies through your browser settings; disabling some cookies may affect functionality.
9. Security
We maintain administrative, technical, and physical safeguards designed to protect information, including encryption in transit and at rest, access controls, and authentication measures. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
10. Your Privacy Rights
Depending on your state of residence (for example, the California Consumer Privacy Act, and similar state laws), you may have rights to access, correct, delete, or obtain a copy of your personal information, and to opt out of certain processing. Because much of the data we handle is Customer Data for which an insurance agency is the controller, we will route many such requests to the relevant customer.
To exercise rights regarding information for which Polis is the controller, contact us at help@getpolis.co. We will verify your request as required by law and respond within the timeframes the applicable law requires. You may also have the right to appeal a decision and to lodge a complaint with your state attorney general.
11. Financial Data (GLBA)
Some information processed through the Services constitutes nonpublic personal information under the Gramm-Leach-Bliley Act (GLBA). Where Polis handles such information on behalf of a customer that is a financial institution, we do so as a service provider and will use and disclose it only as permitted by our agreement with that customer and applicable law.
12. International Users
The Services are operated in the United States and intended for U.S.-based businesses. If you access the Services from outside the United States, you consent to processing in the United States.
13. Children's Privacy
The Services are intended for business use by adults and are not directed to children under 16. We do not knowingly collect personal information from children.
14. Changes to This Policy
We may update this Policy from time to time. We will post the updated version with a new "Last updated" date and, for material changes, provide additional notice as required.
15. Contact Us
Polis Software, Inc. Email: help@getpolis.co