Privacy Policy
Last updated: June 9, 2026 · OceanAtlasX, Inc.
Overview
OceanAtlasX(“we”, “us”) provides a customer-relationship platform built for life-insurance brokerages. This policy explains what data we collect, how we use it, and your choices.
Information we collect
- Account data — name, email, brokerage, and billing details you provide.
- Client data — leads, clients, applications, policies, conversations, and call recordings you import or generate while using the platform. You are the controller of this data; we process it on your behalf.
- Usage data — device, log, and analytics data to operate and improve the service.
Sensitive personal information
Insurance applications processed through the platform can include sensitive personal information about applicants and beneficiaries:
- Government identifiers — Social Security Numbers and similar tax/identity numbers.
- Financial information — income, assets, debts, and related figures used for needs analysis and underwriting.
- Identity documents — files an applicant uploads to support an application.
Purpose. This information is collected and processed solely to evaluate and service insurance applications (needs analysis, underwriting, and required identity/eligibility checks) on behalf of the brokerage that you are working with.
How we protect it. Social Security Numbers and other sensitive fields are encrypted at rest at the field level using AES-256-GCM with keys held separately from the database. They are never returned in full through the interface or logged, access is restricted by role and row-level security, and decryption of these fields is recorded in an audit trail.
Legal basis.For applicants, we process this information based on the consent you give when you submit an application form. We also process it as necessary to provide the service to the brokerage and, for fraud prevention and legal compliance, on the basis of legitimate interest and legal obligation. You may withdraw consent or request deletion as described in “Your rights” below; certain records may be retained where required by law or for the periods described in “Retention.”
How we use it
- To provide, secure, and improve the platform and its AI features.
- To process payments and provide support.
- We do not sell your personal data, and we do not use your client data to train shared models without your consent.
SMS messaging consent
By providing your phone number and opting in, you consent to receive SMS regarding application status updates, appointment reminders, document requests, and account-related alerts.
Security
Data is encrypted in transit and at rest. Access is scoped by role and row-level security. Sensitive fields (SSN, beneficiary identifiers) are encrypted at the field level using AES-256-GCM.
Retention
We retain client data for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, and resolve disputes. Customer data is deleted within 30 days of account termination.
Your rights
You may access, export, correct, or delete your data, and exercise GDPR/CCPA rights, by contacting us. Financial records may be retained where required by law.
California rights (CCPA)
California residents have additional rights under the CCPA, including the right to know what personal information we collect, to delete personal information, and to opt out of the sale of personal information. To exercise these rights, contact us using the information below.
Contact
Questions about this policy? Email privacy@oceanatlasx.com or write to OceanAtlasX, Inc., Privacy Team.