Privacy Policy

Last updated on: December 2, 2025

Privacy Policy

1. Introduction

Welcome to the Privacy Policy of ClaimsFlow ("Our Company," "we," "us"). This document outlines how we collect, use, and protect the Personal Information of our customers, contacts, and website visitors. At ClaimsFlow, we take your privacy seriously and we are committed to safeguarding your data. We provide this notice to clearly explain our data processing practices. We encourage you to contact us at zach@claimsflow.io with any questions or concerns regarding this Policy.

2. Scope

This Policy governs all interactions with our company website, subdomains, and any services we provide (“The Services”). It applies to Personal Information (PI), defined as any data relating to an identified or identifiable individual, in accordance with applicable privacy laws. This includes data from Prospective Customers, Current Customers, Partners, and Website Visitors who engage with us for business purposes. By using The Services, you acknowledge the terms of this Policy and agree to our associated Terms of Service.

3. What Information We Collect

We collect information you provide directly to us through account registration, sales inquiries, event attendance, and professional communications. This typically includes business contact details (name, title, company, email, and corporate phone number) and necessary corporate payment information. We also automatically collect Usage Information (IP addresses, browser details, activity logs) via cookies and may obtain professional data from third-party sources or business partners for sales and marketing purposes.

4. Why We Collect Information

We primarily use collected data to Deliver The Services, including managing your account, providing customer support, and fulfilling contractual obligations. Information is used to Communicate with You about orders, product updates, and personalized content relevant to your professional role. Furthermore, we process data for the Improvement of Our Services (e.g., product analysis and testing) and to ensure Compliance with Legal Obligations and to enforce our company’s terms and agreements.

5. When We Disclose Information

We share Personal Information with trusted third-party Service Providers who perform functions on our behalf, such as cloud hosting, payment processing, and customer relationship management. Data may also be disclosed to our Business Partners, such as advertising and analytics partners. We may share data with our current and future Corporate Affiliates for purposes consistent with this Privacy Policy. Finally, we may disclose data in response to Legal Process, such as a valid subpoena, or in connection with a prospective business transaction like a merger or acquisition.

6. Retention of Personal Information

Our Company retains your Personal Information only for as long as is necessary to achieve the purposes outlined in this Policy, fulfill contractual obligations, and comply with legal or accounting requirements. When establishing a retention period for specific categories of data, we consider who we collected the data from, the volume of the data, the nature of the data, the sensitivity of the data, and the purpose for which it was collected. We securely store data on internal or trusted third-party servers and will delete or anonymize it when it is no longer required.

7. Your Choices About the Information We Collect

You have control over how your Personal Information is used, including the ability to opt-out of receiving marketing and promotional communications from us at any time. You can manage your subscription preferences by following the unsubscribe instructions included in every email or by contacting us directly. Furthermore, you may adjust your browser settings to reject or limit the use of non-essential cookies and tracking technologies deployed on our website.

8. Visitors to the Site Outside of the United States

If you are accessing The Services from outside the United States, please be aware that your information will be transferred to and processed in the U.S. where our primary data processing facilities are located. Data protection laws in the U.S. may not be as comprehensive as those in your home jurisdiction. By using The Services, you consent to the transfer, storage, and processing of your Personal Information in the United States.

9. Links

Our website and Services may contain links to external third-party sites, applications, or services that are not operated by Our Company. This Policy does not apply to the data practices of any third party. We encourage you to review the privacy policies of any third-party site you visit, as we are not responsible for their content or data collection methods.

10. Security

We implement commercially reasonable technical and organizational security measures designed to protect your Personal Information from accidental loss, unauthorized access, or misuse. These measures include data encryption, access controls, and secure server hosting environments. While we strive to protect your data, no method of transmission over the internet or method of electronic storage is 100% secure, and you are responsible for maintaining the confidentiality of your own account credentials.

11. Your California Privacy Rights

If you are a California resident, you have the right under the CCPA/CPRA to know what data we collect, to request the deletion or correction of your Personal Information, and to opt-out of the "sale" or "sharing" of your data. Our Company does not sell customer data for monetary value, but we provide mechanisms to exercise all applicable rights, including the right not to be discriminated against for exercising your privacy rights.

12. Your Privacy Rights under Other US State Laws

Residents of other US states with comprehensive privacy laws (e.g., Virginia, Colorado, Connecticut) are also granted certain statutory rights over their Personal Information. These rights typically include the ability to access, correct, and delete data, and to opt-out of the processing of data for targeted advertising. We are committed to honoring these additional state-specific rights in accordance with the requirements of the applicable state law.

13. Your Rights Under the General Data Protection Regulation

If you are located in the European Economic Area (EEA), you benefit from specific rights under the GDPR, including the right of access, rectification, erasure ("right to be forgotten"), and restriction of processing. You also have the right to object to processing and the right to data portability. We process your data based on legal grounds such as the necessity to perform a contract with you or our legitimate business interests.

14. Changes to This Privacy Notice

We reserve the right to update this Privacy Policy from time to time to reflect changes to our business operations, data practices, or evolving legal requirements. We will notify you of any material changes by revising the "Last Updated" date at the top of the policy or by providing more direct notice, as required by law. We encourage you to review this Policy periodically to stay informed about how we are protecting your information.

15. Contact Us

If you have any questions or comments about this Privacy Policy or wish to exercise any of your data protection rights, please contact us. You can reach our Data Privacy Team via email at zach@claimsflow.io or by writing to us at our corporate headquarters: ClaimsFlow, 58 W 40th St, New York, NY 10018. We will promptly respond to your request in accordance with applicable data protection laws.