Policy
Privacy policy
- Effective
- February 1, 2026
- Last reviewed
- February 2026
- Version
- v2.1
- Operator
- ClaimCircuit Technologies LLC
ClaimCircuit is an evidence-first claims operating layer used by insurers, TPAs, and in-house claims teams to capture FNOL, organize evidence, route work, prepare adjuster-ready briefs, and coordinate customer updates. This policy explains what ClaimCircuit Technologies LLC collects across https://claimcircuit.com and the ClaimCircuit workspace at https://app.claimcircuit.com, how that information is used, and the controls available to authorized users and customer organizations.
Privacy at a glance
- Claim records, evidence, and AI drafts belong to the customer workspace, not to ClaimCircuit Technologies LLC.
- AI features assist review. Outputs are drafts that an authorized user must approve.
- Marketing consent is always separate from product, contact, and security email.
- Unsubscribe and email preference links work without logging in.
- Suspected security issues should be reported to security@claimcircuit.com.
01Introduction
ClaimCircuit helps claims teams handle the full operational arc of a claim: first notice of loss, evidence intake, document and media review, policy reference, claim notes and timelines, internal routing, customer updates, and settlement-prep briefs. ClaimCircuit Technologies LLC operates the platform.
This policy covers two audiences: visitors to the ClaimCircuit marketing site at https://claimcircuit.com, and authorized users of a ClaimCircuit workspace at https://app.claimcircuit.com. For workspace use, the master subscription agreement signed with the customer organization governs first; this policy supplements it.
ClaimCircuit Technologies LLC acts as a controller for marketing site activity and corporate operations, and as a processor on behalf of customer organizations for the claim records they configure ClaimCircuit to handle.
02Information we collect
Account and profile
- Account information: name, work email, password credentials managed by our authentication provider, and authentication metadata (sign-in timestamps, IP, device fingerprint used for session security).
- Organization and workspace information: workspace name, plan tier, billing contact (when billing is enabled), and configuration set by the workspace administrator.
- Profile and team role information: display name, photo if uploaded, time zone, language, and role assigned within the workspace (for example adjuster, examiner, supervisor, admin).
Claim and evidence content
- Claim and customer data entered by users: claimant identifiers, contact details, loss descriptions, dates, locations, line of business, and any structured fields the workspace defines.
- Uploaded documents: FNOL forms, declarations pages, repair estimates, invoices, third-party reports, statements, and correspondence attached to a claim.
- Uploaded photos, videos, and other media: damage photography, inspection video, scene imagery, audio recordings, and supporting media attached to a claim.
- Policy details uploaded or connected by users: policy numbers, coverage and endorsement summaries, deductibles, and effective dates referenced during evaluation.
- Claim notes, timelines, and internal messages produced by users while working a claim.
- AI prompts, inputs, outputs, and review actions: the text or files submitted to an AI feature, the draft the model returned, and the user's accept, edit, or reject decision.
Marketing site, support, and email
- Contact form information: anything you submit through forms on https://claimcircuit.com (name, work email, company, role, message, routing reason).
- Newsletter and email preference data: opt-in status, preference selections, and the timestamp of changes.
- Support correspondence you send to support@claimcircuit.com, privacy@claimcircuit.com, or security@claimcircuit.com.
Technical and usage
- Usage data: pages and features used, navigation paths, feature interactions, and aggregated performance metrics used to operate and improve the product.
- Device and log data: IP address, user agent, operating system, browser type, referrer, and request timestamps captured by application and security logs.
- Cookie and analytics data: described in the cookies policy; we do not run third-party advertising or behavioral retargeting cookies.
- Billing and payment data: if a paid plan is enabled later, billing contact details and limited payment metadata returned by the payment processor. Full card numbers are handled by the processor and are not stored by ClaimCircuit Technologies LLC.
03How we use information
- Provide and operate the ClaimCircuit platform and the marketing site.
- Authenticate users and protect sessions, accounts, and workspaces.
- Process claim workflows configured by the customer organization, including intake, triage, and assignment.
- Organize evidence: classify, link, and surface the documents and media attached to a claim.
- Generate AI-assisted summaries, extractions, and recommended next steps for human review.
- Route claims based on rules and capacity defined by the workspace.
- Prepare settlement-ready briefs and exhibit packs for authorized users to review.
- Support customer communication produced by users (drafted updates, requests for information, status notifications).
- Detect, investigate, and prevent abuse, fraud, and security incidents.
- Provide support, troubleshoot reported issues, and respond to inquiries.
- Improve the product through aggregated, de-identified usage analysis.
- Meet legal, regulatory, and safety obligations applicable to ClaimCircuit Technologies LLC.
04AI feature usage
AI prepares the claim. Humans make the decision. Customer claim data is not used to train foundation models. AI outputs are drafts that an authorized adjuster must review, edit, and sign off before any external action is taken.
- AI features may process claim text, documents, photos, videos, policy information, customer messages, and user prompts when an authorized user chooses to invoke those features.
- AI outputs are drafts intended for review by authorized users.
- ClaimCircuit does not position AI outputs as final claim decisions and does not approve, deny, settle, or pay claims on its own.
- Users are responsible for reviewing AI outputs before relying on them or sending derived communications to claimants or third parties.
- Sensitive claim data should be handled according to the customer organization's internal policies and applicable laws.
05Uploaded content and claim evidence
Documents, repair estimates, third-party reports, invoices, photos, videos, and policy files uploaded into a workspace are processed on behalf of the customer organization that owns the workspace. Customer-owned content is stored within the workspace, scoped to the claim it is attached to, and visible only to users the workspace authorizes.
Workspace administrators control roles, permissions, and which users can view, edit, export, or delete evidence. Audit metadata records who accessed or changed a record and when, supporting the workspace's internal audit trail.
ClaimCircuit Technologies LLC does not use uploaded claim content to train foundation models and does not share uploaded content with third parties except as described in 'Third-party services' or as required by law.
06Third-party services
ClaimCircuit Technologies LLC relies on a limited set of subprocessor categories to operate ClaimCircuit. Each subprocessor is bound by contract to protect the data they process. We list categories rather than implying integrations or certifications we do not have:
- Hosting and infrastructure providers that run the application, store data, and serve traffic.
- Authentication and database providers that manage identity, sessions, and primary application data.
- AI service providers that process prompts and content submitted to AI features.
- Email service providers that deliver transactional and (where consented) marketing email.
- Analytics tooling, when enabled, used in aggregate to understand product usage and reliability.
- Payment processors, when billing is enabled, used to handle subscription billing.
08Email communications
Transactional email
Account, security, billing, workspace event, and other service messages are sent from notifications@claimcircuit.com. These messages are required for the service to function and cannot be turned off without disabling the related feature.
Product and service updates
Material product or policy changes affecting workspace use may be sent to workspace administrators as part of the service relationship.
Marketing and newsletter
Marketing email, including the newsletter, is sent from updates@claimcircuit.com only with separate consent or another lawful basis. Marketing consent is never bundled with a contact form, signup, or transactional message.
Every marketing message includes an unsubscribe link, and an email preferences link to manage which categories you receive. Both links work without logging in. Unsubscribing from marketing does not stop transactional email needed to operate the service.
09Data retention
Claim records, evidence, and AI-generated drafts are retained for the duration of the active claim and any regulatory or contractual retention window agreed with the customer. Customers control export and deletion of their data.
Actual retention may vary by workspace settings, the customer organization's configuration, account status (active, suspended, terminated), and legal, regulatory, or contractual obligations that apply to the underlying claim record.
Marketing contact records are kept only as long as needed to respond to your request and, if you opt in, until you unsubscribe from updates@claimcircuit.com or ask us to delete them by writing to {{PRIVACY_CONTACT_EMAIL}}.
10Security
ClaimCircuit Technologies LLC applies administrative, technical, and organizational safeguards appropriate to the sensitivity of claims data. ClaimCircuit holds a SOC 2 Type II attestation issued January 2026; ISO 27001 certification is in progress. HIPAA compliance is not claimed. Current safeguards include:
- Hosting on AWS us-east-1 (Northern Virginia).
- Encryption at rest using AES-256 via AWS KMS, and encryption in transit using TLS 1.3.
- Logical tenant isolation via PostgreSQL Row Level Security, with a unique tenant_id on all tables.
- Access controls that limit production data access to a small number of authorized personnel.
- Role-based access control (RBAC) inside the workspace, with MFA required for all users and SSO mandatory for Enterprise.
- Append-only, immutable audit logs for all claim brief modifications, retained for 7 years.
- Administrative controls for customer admins to manage members, sessions, and exports.
- 24/7 NOC monitoring with a P1 response target under 2 hours, and a dedicated security contact for vulnerability reports and incident inquiries.
No system is perfectly secure. To report a suspected vulnerability or incident affecting ClaimCircuit, write to security@claimcircuit.com.
11User rights and requests
Depending on where you live, you may have the right to access, correct, export, or delete personal information ClaimCircuit Technologies LLC controls, to object to or restrict certain processing, and to opt out of marketing communications.
To exercise these rights, write to {{PRIVACY_CONTACT_EMAIL}}. We may need to verify your identity before acting on a request.
If your request concerns claim data inside a workspace, the customer organization that owns the workspace is the controller for that data. Workspace users should also raise these requests with their internal administrator, and ClaimCircuit Technologies LLC will assist the customer organization as a processor.
12International use
ClaimCircuit Technologies LLC is established in Delaware, United States. ClaimCircuit may be accessed from many regions, and information may be processed in any region where ClaimCircuit Technologies LLC or its subprocessors operate. Where applicable law requires safeguards for international transfers, we rely on the safeguards that law recognizes.
13Children
ClaimCircuit is a workplace product for claims professionals. It is not intended for, and is not directed to, children. We do not knowingly collect personal information from children. If you believe a child has provided personal information to ClaimCircuit Technologies LLC, write to {{PRIVACY_CONTACT_EMAIL}} and we will take appropriate action.
14Changes to this policy
We may update this policy as the platform evolves. The effective date and last updated date above always reflect the version currently in force. Material changes affecting workspace processing are communicated to the workspace administrator before they take effect, where practical.
15Contact
Privacy questions and rights requests: {{PRIVACY_CONTACT_EMAIL}}. Suspected security issues or vulnerabilities: security@claimcircuit.com. General legal questions: legal@claimcircuit.com. ClaimCircuit Technologies LLC is governed by the laws of Delaware, United States.
Operator and contact
ClaimCircuit Technologies LLC
Governed by the laws of Delaware, United States.
- Legallegal@claimcircuit.com
- Privacyprivacy@claimcircuit.com
- Cookiesprivacy@claimcircuit.com
- Securitysecurity@claimcircuit.com
These pages are product terms and policies for ClaimCircuit and are not legal advice.