InforceDesk is a customer relationship platform built for independent insurance agents. This policy explains what we collect when you visit our website or use the product, how we use it, who we share it with, and the rights you have over your information.
1. Our two roles
InforceDesk acts in two different capacities depending on whose data is in question:
- As a controller, we decide how and why we process the personal information of our account holders (the agents and agencies who sign up for InforceDesk) and visitors to our website. That includes account credentials, billing details, and usage telemetry.
- As a processor, we handle the personal information that account holders upload or generate inside their workspace. This typically means details about leads, clients, appointments, notes, and documents. The account holder is the controller of that data; we store and process it on their behalf under the terms of our customer agreement.
If you are a lead or client of an InforceDesk account holder and you want to know what information they hold about you, please contact that account holder directly. We can help facilitate the request, but the account holder makes the final decision about access, correction, and deletion of records they entered.
2. Information we collect
2.1 Information you give us
- Account information: name, email address, password (stored as a salted scrypt hash), and the workspace name and slug you choose.
- Billing information: company name, billing address, the last four digits of the payment card, the card brand, and expiration. Full card numbers go to Stripe and never touch our servers. Stripe returns a customer ID and subscription status that we do store.
- Workspace settings and branding: logo URL, accent color, brand name, business hours, timezone, public domain, sender identity for outbound email, and integration credentials (encrypted at rest with AES-256-GCM).
- Customer-uploaded content: leads, clients, notes, documents, tasks, follow-ups, appointments, email templates, workflows, and any custom field values you create. You decide what to put here; we hold it for you.
- Support correspondence: messages you send us, including any attachments.
2.2 Information we collect automatically
- Session and device data: IP address, user agent, session token (HTTP-only cookie), and a CSRF token (HMAC-derived from the session). Sessions slide on activity and expire after 30 minutes of inactivity.
- Usage telemetry: pages visited, features used, counts of emails and SMS messages sent through the platform, document storage in bytes, and quota consumption per billing period. We use this to enforce plan limits and to debug.
- Audit log: workspace and member events such as invitations issued, role changes, integration credential updates, ownership transfers, and exports. The log records the actor, the event type, the IP, and the user agent.
- Tracking parameters when present: if a marketing URL includes
gclidorutm_*parameters and the lead form forwards them, we store them on the lead record so the account holder can attribute the source. We do not place any client-side tracking pixels of our own on the lead-capture forms.
2.3 Information from third parties
- Stripe reports invoice events, payment status, and subscription changes back to us via webhooks so the workspace status stays in sync.
- Twilio Lookup returns line-type and carrier information for phone numbers when an account holder asks us to validate one. Cached results are shared across workspaces because the answer is a property of the number, not the account.
- Google Calendar, when an account holder connects it, returns availability and event data for the calendars they grant access to.
3. How we use information
We use the information described above to:
- Create and operate your account, authenticate you, and keep your session secure.
- Provide the CRM features you signed up for, including sending email and SMS on your behalf, booking appointments, running automated workflows, and storing the records you upload.
- Bill your subscription, retry failed payments, send dunning notices, and remind you when a trial is ending.
- Enforce plan quotas (monthly email, SMS, lead, and storage caps) and per-tenant rate limits so one busy workspace cannot starve another.
- Detect and prevent fraud, abuse, spam, and security incidents.
- Respond to support requests and notify you about service changes, outages, security advisories, and material updates to our terms or this policy.
- Improve the product. We look at aggregate usage to decide what to build next; we do not read the contents of your workspace for product analytics.
- Comply with legal obligations and respond to lawful requests from authorities.
4. Legal bases (GDPR)
If you are in the European Economic Area, the United Kingdom, or Switzerland, we rely on the following legal bases under the GDPR and UK GDPR:
- Contract: to provide the service you signed up for, including billing.
- Legitimate interests: to secure the platform, to enforce our terms, to detect fraud, and to send service-related communications.
- Consent: for optional marketing emails from us. You can withdraw consent at any time by clicking the unsubscribe link in any marketing message.
- Legal obligation: to retain certain records (for example, billing records) for the period required by tax and accounting law.
5. Sharing and subprocessors
We do not sell personal information, and we do not share it for cross-context behavioral advertising. We do share data with the following service providers (subprocessors) who help us run the platform. Each one is bound by a written contract that limits how they may use the data.
| Subprocessor | Purpose | Data category | Region |
|---|---|---|---|
| Stripe, Inc. | Payment processing, billing portal, invoicing | Account holder name, email, billing address, last 4 of card, transaction history | United States |
| Resend | Outbound transactional and marketing email delivery | Sender and recipient email addresses, subject, body, and delivery status | United States |
| Twilio Inc. | Outbound SMS delivery, inbound SMS routing, phone number lookup | Sender and recipient phone numbers, message body, delivery status, line-type metadata | United States |
| Google LLC | Optional integrations: Google Calendar, Google Ads conversion reporting, Google Analytics 4 | Calendar event data, hashed email addresses for Customer Match, conversion event metadata | United States |
| Cloudflare, Inc. | Bot protection (Turnstile) on public forms; DNS and edge caching where deployed | Visitor IP and user-agent at the moment a form is submitted | United States and global edge |
| Hosting provider | Application hosting and managed PostgreSQL | All data described in section 2, encrypted at rest by the provider | Region selected by the deployment operator |
We may also disclose information when we believe in good faith that disclosure is required by law, by a court order, or by a government request; when needed to enforce our terms; when needed to protect the rights, property, or safety of InforceDesk, our customers, or the public; or in connection with a merger, acquisition, financing, or sale of all or part of our business. In a corporate transaction, we will require the recipient to honor the commitments in this policy or notify affected individuals of any material change.
6. Cookies and similar technologies
We use a small number of strictly necessary cookies. We do not use advertising cookies on our marketing site or inside the app.
crm_token— HTTP-only session cookie. Identifies your authenticated session. Required for the app to work.crm_csrf— readable CSRF token, derived by HMAC from your session token. Required to submit forms in the app.
Account holders who connect Google Analytics 4 or Google Ads to their own workspace are responsible for disclosing those cookies on their own marketing site and for obtaining any consent that local law requires. We do not place those tags on our own site.
7. Data retention
- Account and workspace data: kept for as long as your account is active. After you delete a workspace, we hold a recoverable copy for 30 days. After that window, the workspace and every record under it are removed by an automated sweep, including leads, clients, notes, documents, workflows, audit log entries, and integration credentials.
- Billing records: retained for the period required by tax and accounting law in our jurisdiction (typically seven years), even after account closure.
- Backups: deleted records may persist in encrypted backups for up to 35 days before they age out of the backup window.
- Email and SMS opt-outs: retained indefinitely so we can honor unsubscribe requests and TCPA opt-outs across the platform, even after the original account holder is gone.
- Audit log: retained for the life of the workspace; cascaded with the workspace when it is permanently deleted.
8. Security
We take reasonable and appropriate technical and organizational measures to protect personal information. These include:
- TLS 1.2+ for data in transit between your browser and our servers.
- Passwords stored as salted scrypt hashes; never in cleartext.
- Integration credentials (Resend API keys, Twilio auth tokens, Google service-account keys, Stripe keys) encrypted at rest with AES-256-GCM, with the encryption key bound to the workspace and integration type as additional authenticated data.
- API keys stored only as SHA-256 hashes; the raw value is shown to the operator exactly once at creation.
- HMAC-signed CSRF tokens, content security policy headers, parameterized SQL throughout, server-side input validation, SSRF blocklists for outbound webhooks, and per-IP and per-tenant rate limiting.
- Per-row workspace scoping enforced at the database layer with NOT NULL workspace foreign keys, plus a build-time audit script that flags any SQL touching a tenant table without a workspace filter.
- Soft-delete with a 30-day grace window before destructive cascade.
No system is perfectly secure. If we discover a breach that affects your personal information, we will notify you and the appropriate regulators within the timeframe required by applicable law.
9. International data transfers
Our primary infrastructure is located in the United States, and several of our subprocessors are based in the United States. If you access the service from outside the United States, your information will be transferred to, stored in, and processed in the United States and other countries where we or our subprocessors operate. Where required, we rely on the European Commission's Standard Contractual Clauses or the UK International Data Transfer Addendum to authorize cross-border transfers.
10. Your privacy rights
Depending on where you live, you may have some or all of the following rights regarding your personal information:
- Access: ask for a copy of the personal information we hold about you.
- Correction: ask us to correct information that is wrong or incomplete.
- Deletion: ask us to delete personal information we hold about you, subject to legal retention obligations.
- Portability: ask for a copy of your data in a structured, commonly used,
machine-readable format. Account holders can use the built-in workspace export at
/crm/settings/exportto download a zip of every workspace-scoped table plus original document files. - Restriction or objection: ask us to limit or stop certain processing.
- Withdraw consent: where we rely on consent, you can withdraw it without affecting processing that already happened.
- Lodge a complaint: with your local data protection authority.
To exercise any of these rights, email [email protected]. We will respond within 30 days, or sooner if local law requires it. We may need to verify your identity before acting on a request. If you are a lead or client whose record was uploaded by an InforceDesk account holder, please contact that account holder directly. We will assist them in fulfilling your request, but we cannot make decisions about records they control.
11. California residents (CCPA / CPRA)
If you live in California, the California Consumer Privacy Act, as amended by the CPRA, gives you additional rights:
- The right to know the categories and specific pieces of personal information we have collected about you, the sources, the business purposes, and the categories of recipients we shared it with.
- The right to delete personal information we collected from you, subject to legal exceptions.
- The right to correct inaccurate personal information.
- The right to limit the use and disclosure of sensitive personal information.
- The right not to be discriminated against for exercising any of these rights.
We do not sell personal information, and we do not share it for cross-context behavioral advertising as those terms are defined under California law. We have not done so in the past twelve months.
To exercise these rights, email [email protected] with the words "California Privacy Request" in the subject line. You may also designate an authorized agent to make a request on your behalf; we will need written proof of the agent's authority and may still need to verify your identity directly.
12. Marketing communications
Messages that account holders send to their leads and clients through InforceDesk go out under the account holder's sender identity, on behalf of the account holder, and at the account holder's direction. The account holder is responsible for compliance with the CAN-SPAM Act, the Telephone Consumer Protection Act (TCPA), and any other law that governs marketing email or SMS in the recipient's jurisdiction.
Our platform helps account holders meet those obligations by appending unsubscribe footers to marketing email, by separating SMS consent from email consent, by honoring STOP keywords on inbound SMS, and by enforcing TCPA quiet hours on outbound SMS. The legal duty still sits with the account holder.
Messages that InforceDesk sends to you directly (account confirmations, billing notices, security alerts, password resets) are transactional and necessary to operate your account. You cannot opt out of these while you have an active account. Optional marketing email from InforceDesk includes an unsubscribe link that you can use at any time.
13. Children's privacy
InforceDesk is not directed to children under 16 and we do not knowingly collect personal information from anyone under 16. If you believe a child has provided us with personal information, contact us at [email protected] and we will delete the record.
14. Changes to this policy
We may update this policy from time to time. When we make a material change, we will revise the "Last updated" date at the top of the page and, depending on the nature of the change, notify you by email or through an in-app notice before the change takes effect. Continued use of the service after the effective date constitutes acceptance of the updated policy.
15. Contact us
Questions about this policy or about how we handle your personal information:
InforceDesk
Email: [email protected]
If you live in the European Economic Area or the United Kingdom and you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority.