Privacy Policy

Last updated: November 5, 2025

1. Introduction

Umbra360 ("we," "our," or "us") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our insurance management platform and services.

2. Information We Collect

2.1 Information You Provide

  • Account registration information (name, email, phone number)
  • Professional information (agency name, license numbers, business address)
  • Insurance policy and certificate data
  • Payment and billing information
  • Communication preferences and support inquiries

2.2 Information Automatically Collected

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, features used, time spent)
  • Cookies and similar tracking technologies
  • Log files and system activity

3. How We Use Your Information

We use your information for the following purposes:

  • Provide and maintain our insurance management services
  • Process transactions and manage your account
  • Communicate with you about your account and our services
  • Improve our platform and develop new features
  • Ensure platform security and prevent fraud
  • Comply with legal obligations and regulatory requirements
  • Send marketing communications (with your consent)

4. Information Sharing and Disclosure

We may share your information in the following circumstances:

  • With Insurance Carriers: To facilitate policy management and claims processing
  • With Service Providers: Third-party vendors who help us operate our platform
  • For Legal Compliance: When required by law or to protect our rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales
  • With Your Consent: When you explicitly agree to share information

We do not sell your personal information to third parties for marketing purposes.

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • End-to-end encryption for data transmission
  • Secure data storage with access controls
  • Regular security audits and vulnerability assessments
  • Employee training on data protection best practices
  • SOC 2 Type II compliance

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Insurance-related data may be retained for extended periods as required by industry regulations.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information
  • Portability: Receive your data in a portable format
  • Opt-out: Decline marketing communications
  • Restriction: Limit how we process your information

8. Cookies and Tracking

We use cookies and similar technologies to enhance your experience on our platform. You can control cookie preferences through your browser settings, though some features may not function properly if cookies are disabled.

9. Third-Party Links

Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies before providing any information.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

11. International Data Transfers

Your information may be processed and stored in countries other than your own. We ensure appropriate safeguards are in place to protect your information during international transfers.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date.

13. Contact Information

If you have questions about this Privacy Policy or our data practices, please contact us

14. State-Specific Privacy Rights

California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete personal information, and the right to opt-out of the sale of personal information.

European Residents (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR), including the right to lodge a complaint with a supervisory authority.