Privacy Policy

Last Updated: June 2026

1. Our Core Privacy Philosophy

At OpsFly, we build software for insurance professionals. We fundamentally believe that your clients' data belongs exclusively to you. Our architecture is designed with a "Zero-Knowledge" approach for Client Personally Identifiable Information (PII). We do not sell, rent, or analyze your CRM portfolio for any external commercial purposes.

2. Data We Collect & How We Encrypt It

  • Account Data: We collect your email address for login and communication purposes. Passwords are irreversibly hashed using standard bcrypt algorithms.
  • Client PII (Zero-Knowledge Area): The names, phone numbers, policy numbers, and dates of birth of your clients are encrypted at rest using bank-grade AES-256-GCM encryption before being saved to our database. Our engineering team cannot read these specific fields.

3. Third-Party Integrations

To provide our services, we utilize a minimal set of trusted third-party providers:

  • Authentication: Google and Facebook (OAuth) strictly for validating your login identity.
  • Analytics: Plausible Analytics. A privacy-friendly, cookie-less tracking tool. We only track aggregated page views and clicks to improve our software. No personal data is sent to Plausible.
  • Billing: Stripe handles all payment processing. We do not store your credit card information on OpsFly servers.

4. Cookies and Sessions

OpsFly does not use tracking cookies for advertising. We only use essential, HttpOnly, and Secure cookies strictly to maintain your active login session and protect against Cross-Site Request Forgery (CSRF) attacks.

5. Data Retention and Deletion

If you choose to delete your account via the OpsFly platform or by contacting our support team, all data—including your encrypted CRM entries and active policies—will be permanently erased from our primary databases within 30 days. This action is irreversible.

6. Contact Us

If you have any questions regarding this privacy policy or wish to exercise your data rights, please contact our Data Protection Officer at: [email protected]