Privacy Policy
Introduction
Restoria AI, Inc. ("Restoria AI," "Company," "we," "us," or "our") respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you use our AI-powered insurance claims management platform and related services (collectively, the "Service").
This Privacy Policy applies to information we collect through:
- Our website at www.getrestoria.com (the "Website")
- Our web application and platform
- Email and other electronic communications
- Customer support interactions
By using the Service, you consent to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Service.
1. Information We Collect
We collect information in several ways: directly from you, automatically when you use the Service, and from third parties.
1.1 Information You Provide Directly
Account Information:
- Name (first and last)
- Email address
- Phone number
- Business name and address
- Professional license information (license number, state, expiration)
- Username and password (passwords are hashed and not stored in plain text)
Payment Information:
- Billing name and address
- Payment card information (processed by our payment processor; we do not store full card numbers)
User Content: You may upload, submit, or create content through the Service, including insurance claim documents, photographs, notes, and reports.
Information About Third Parties: Your User Content may contain personal information about third parties, including insured parties, property addresses, carrier representatives, and contractors. You are responsible for ensuring you have appropriate authorization to submit third-party personal information to the Service.
1.2 Information Collected Automatically
When you access the Service, we automatically collect device and browser information, usage information, log data, and approximate location based on IP address. We do not collect precise GPS location.
1.3 Information from Third Parties
We may receive information from authentication providers (e.g., Google), payment processors (Polar Software Inc.), and AI service providers (Anthropic).
1.4 Categories of Personal Information Collected
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email, IP address, account ID | Yes |
| Customer Records | Name, address, phone, payment info | Yes |
| Commercial Information | Subscription history, usage records | Yes |
| Internet Activity | Browsing history, interactions with Service | Yes |
| Geolocation | Approximate location from IP | Yes |
| Professional Information | License number, business info | Yes |
| Inferences | Preferences, usage patterns | Yes |
| Sensitive Personal Information | Account credentials | Yes |
2. How We Use Your Information
2.1 Providing and Improving the Service
Creating and managing your account, processing subscriptions and payments, providing access to features, processing User Content through AI and document extraction, providing customer support, personalizing your experience, and conducting research and analytics.
2.2 Communications
Sending transactional emails, service-related notifications, product updates, marketing communications (with consent), and responding to your communications.
2.3 Security and Compliance
Protecting the security and integrity of the Service, detecting and preventing fraud, enforcing our Terms, and complying with legal obligations.
3. How We Share Your Information
We do not sell your personal information as defined under the CCPA, Nevada law, or other applicable privacy laws.
3.2 Cross-Context Behavioral Advertising
Important Disclosure Required by California Law: We use third-party analytics services, including Google Analytics, that place cookies on your device. This information may be used to show you targeted advertisements on other websites. You have the right to opt out of this sharing.
3.3 Service Providers
| Service Provider | Purpose | Data Disclosed |
|---|---|---|
| Anthropic, PBC | AI processing (Claude) | Chat prompts, document content |
| Google Cloud Platform | Cloud infrastructure, storage | All Service data |
| Clerk | Authentication | Account credentials, email |
| Polar Software Inc. | Merchant of Record / Payments | Billing information, subscription status |
| DocuSeal | Electronic Signatures | Document contents, signer info |
| MongoDB Atlas | Database hosting | Application data |
4. Artificial Intelligence and Automated Processing
The Service uses AI to provide administrative and drafting support only, including extracting data from documents, providing AI assistant responses, generating draft summaries, and classifying claim information.
We do NOT use your confidential claim data to train AI models without explicit consent, share identifiable data with AI providers for their independent purposes, or allow AI providers to retain your data beyond processing needs.
5. Cookies and Tracking Technologies
We use strictly necessary cookies (session management, authentication, security), functional cookies (display settings, language preference), analytics cookies (Google Analytics), and marketing cookies (Google Ads conversion tracking).
Your Cookie Choices: Accept all, reject non-essential, or customize via cookie banner. You can also opt out via Google Analytics Opt-out, browser settings, or Global Privacy Control (GPC).
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account Information | Account duration + 3 years |
| User Content | Account duration + 30-day export period |
| Chat History | Account duration + 30-day export period |
| Payment Records | 7 years (legal requirement) |
| Usage Logs | 2 years |
| Support Communications | 3 years |
Important for Public Adjusters: Many states require claim record retention for 5-7 years. You may request a Compliance Hold for read-only archive access after termination. Contact: [email protected]
7. Data Security
We implement encryption in transit (TLS 1.3), encryption at rest (AES-256), secure cloud infrastructure (Google Cloud Platform), regular penetration testing, intrusion detection, and multi-factor authentication. We maintain safeguards consistent with 16 CFR Part 314 (FTC Safeguards Rule).
8. Your Privacy Rights
All users may access account information, update information, export User Content, delete their account, and opt out of marketing emails.
How to Exercise Rights: Account settings, email [email protected], or call 646-234-2277.
9. California Privacy Rights (CCPA/CPRA)
California residents have the right to know, delete, correct, opt-out of sharing, limit sensitive PI use, and non-discrimination. We do NOT sell personal information. We DO share for cross-context behavioral advertising via analytics cookies — you can opt out.
10. Nevada Privacy Rights
We do not sell personal information. Submit opt-out requests to [email protected].
11. Other State Privacy Rights
We honor Global Privacy Control (GPC) signals for all states requiring universal opt-out recognition, including Virginia, Colorado, Connecticut, Texas, Oregon, Montana, Delaware, and others.
12. Do Not Track Signals
We do not respond to browser "Do Not Track" signals. We DO honor GPC signals.
13. Children's Privacy
The Service is for business use by licensed professionals and not directed to anyone under 18. We do not knowingly collect information from children.
14. International Users
The Service is intended for United States use only. All data is processed and stored in the United States.
15. Third-Party Links and Services
This Privacy Policy does not apply to third-party websites or services. Review their privacy policies separately.
16. Changes to This Privacy Policy
We may update this Privacy Policy periodically. Material changes will include at least 30 days' notice via email and/or in-Service notification.
17. Contact Us
Restoria AI, Inc.
Privacy Team: [email protected]
Phone: 646-234-2277
1207 Delaware Ave #1021, Wilmington, DE 19806
Support: [email protected]
Security: [email protected]
Summary of Privacy Practices
| Practice | Our Approach |
|---|---|
| Sell Personal Information | NO |
| Share for Cross-Context Advertising | YES (via cookies) — You can opt out |
| Honor GPC Signals | YES |
| Train AI on Confidential Data | NO (without consent) |
| Provide Data Access | YES |
| Encrypt Data | YES (TLS 1.3 + AES-256) |
© 2026 Restoria AI, Inc. All rights reserved. A Delaware Corporation.