Privacy Policy

Last updated: July 2025

1. Introduction

Compens AI ("we," "our," or "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, process, and protect your information when you use our insurance claims analysis platform.

We comply with applicable data protection laws worldwide, including:

  • General Data Protection Regulation (GDPR) - European Union
  • California Consumer Privacy Act (CCPA) - United States
  • Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
  • Privacy Act 1988 - Australia
  • Data Protection Act 2018 - United Kingdom
  • Federal Data Protection Act (FADP) - Switzerland
  • Protection of Personal Information Act (POPIA) - South Africa

2. Information We Collect

Personal Information:

  • Email address and contact information
  • Insurance claim details you provide
  • Vehicle or property information related to your claim
  • Documents and images you upload
  • Payment information (processed securely by third-party processors)

Technical Information:

  • IP address and location data
  • Browser type and device information
  • Usage patterns and interaction data
  • Cookies and similar tracking technologies

Legal Basis for Processing (GDPR):

  • Contract performance: Processing necessary to provide our services
  • Legitimate interests: Service improvement and fraud prevention
  • Consent: Marketing communications (where required)
  • Legal obligations: Compliance with applicable laws

3. How We Use Your Information

We use your information to:

  • Provide AI-powered insurance claim analysis
  • Generate personalized negotiation documents
  • Process payments and manage your account
  • Improve our services and develop new features
  • Communicate with you about your claims and our services
  • Comply with legal obligations and prevent fraud
  • Provide customer support

Marketing Communications: We will only send marketing emails with your explicit consent, and you can unsubscribe at any time.

4. Data Sharing and Disclosure

We may share your information with:

Service Providers:

  • Cloud hosting providers (data processing agreements in place)
  • Payment processors (PCI DSS compliant)
  • AI and analytics providers
  • Customer support platforms

Legal Requirements:

  • When required by law or legal process
  • To protect our rights or prevent fraud
  • In connection with business transfers (with notice)

No Sale of Personal Data: We do not sell your personal information to third parties.

5. International Data Transfers

Your data may be processed in countries outside your jurisdiction, including Switzerland and the United States. We ensure adequate protection through:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions where available
  • Appropriate technical and organizational measures
  • Data processing agreements with all processors

6. Your Privacy Rights

GDPR Rights (EU/UK/Switzerland):

  • Access: Request copies of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a structured format
  • Restriction: Limit processing of your personal data
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: For processing based on consent

CCPA Rights (California):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of sale (not applicable - we don't sell data)
  • Right to non-discrimination

PIPEDA Rights (Canada):

  • Right to access personal information
  • Right to correct inaccuracies
  • Right to withdraw consent
  • Right to complain to Privacy Commissioner

Australian Privacy Rights:

  • Right to access personal information
  • Right to correct personal information
  • Right to complain to Office of Australian Information Commissioner

7. Data Security

We implement appropriate technical and organizational measures including:

  • Encryption of data in transit and at rest
  • Regular security assessments and updates
  • Access controls and authentication
  • Employee training on data protection
  • Incident response procedures
  • Regular backups and disaster recovery

8. Data Retention

We retain personal data for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Improve our services (anonymized data)

Generally, we retain account data for 7 years after account closure, and anonymized usage data indefinitely for service improvement.

9. Cookies and Tracking

We use cookies and similar technologies for:

  • Essential site functionality
  • Analytics and performance monitoring
  • User preferences and settings
  • Security and fraud prevention

For detailed information about our cookie practices, please see our Cookie Policy.

10. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be communicated via email or prominent notice on our website at least 30 days before taking effect.

12. Contact Information

For privacy-related questions or to exercise your rights, contact us:

Data Protection Officer: privacy@compens.ai

General Support: support@compens.ai

Postal Address: Switzerland

Supervisory Authorities:

  • EU/GDPR: Your local Data Protection Authority
  • UK: Information Commissioner's Office (ICO)
  • Switzerland: Federal Data Protection and Information Commissioner (FDPIC)
  • Canada: Office of the Privacy Commissioner of Canada
  • Australia: Office of the Australian Information Commissioner (OAIC)
  • California: California Attorney General's Office