PRIVACY POLICY

Your data, handled with care.

This Privacy Policy explains what information COI DASH collects, how we use it, the choices you have, and the safeguards we apply when operating our website and vendor COI compliance platform. The page follows a standard public-facing SaaS privacy notice structure tailored to the COI DASH product.

Effective April 16, 2026 Applies to website and platform use Questions: privacy@coidash.com

What we collect

Contact details, business information, account data, vendor compliance records, device information, and limited analytics data used to operate and improve the service.

Why we collect it

To provide the platform, respond to inquiries, maintain security, deliver product updates, and support legitimate business operations.

Your control

Depending on your location, you may request access, correction, deletion, restriction, portability, or objection to certain processing activities.

Our commitment to privacy

Privacy matters to us because COI DASH is designed to centralize sensitive insurance and compliance workflows. We aim to collect only the information reasonably necessary to run the website, deliver the platform, support customers, and protect the integrity of our systems. When we ask for personal information, we do so in context and explain why it is needed.

This notice applies to information collected on our public-facing website, through product demos and waitlist forms, and inside the COI DASH application when customers, employees, contractors, vendors, and other authorized users interact with the platform.

The information we collect

Depending on how you interact with COI DASH, we may collect the following categories of information:

  • Contact information: name, work email address, company name, job title, company phone number, and mailing address.
  • Account and operational data: login details, role-based permissions, activity logs, review history, and support communications.
  • Vendor compliance information: vendor names, business contacts, insurance requirements, COI-related documents, expiration dates, review outcomes, and audit notes entered into the platform.
  • Technical and usage data: IP address, browser type, device details, approximate location derived from IP, referring pages, and interactions with our website or application.
  • Marketing and preference data: form submissions, campaign engagement, email opt-in status, and cookie-based analytics preferences.

How we collect data

We collect information directly from you when you fill out forms, request a demo, subscribe to updates, correspond with us, create an account, upload documents, or manage vendor records through the platform.

We also collect some information automatically through cookies, server logs, and similar technologies that help us understand traffic, protect the site, troubleshoot issues, and improve product experience. Like many modern SaaS websites, we may use analytics, performance, and marketing technologies to understand what content is useful, how visitors move through the site, and how campaigns perform.

We may receive information from customers, implementation partners, service providers, or publicly available business sources when they provide vendor or user records to support onboarding, compliance review, or account management.

How we use information

We use personal information to operate COI DASH, provide requested services, and maintain a secure and reliable experience. These uses may include:

  • Providing the website, application features, account access, and customer support.
  • Managing vendor insurance workflows, document review processes, reminders, and compliance status reporting.
  • Communicating with you about your account, support requests, billing matters, product changes, and security notices.
  • Sending marketing communications when you have opted in or where otherwise permitted by applicable law.
  • Analyzing performance, improving usability, training internal teams, and developing new features.
  • Preventing fraud, misuse, unauthorized access, and other activity that could harm customers or the platform.
  • Complying with legal obligations and enforcing contractual rights.

How we share information

We do not sell personal information in the ordinary course of business. We may share information in limited circumstances such as:

  • With service providers and subprocessors that help us host the platform, analyze usage, process communications, or provide customer support.
  • With customers and authorized users who use COI DASH to manage vendor compliance records and need access to the information entered into their workspace.
  • When required to comply with law, legal process, lawful requests, or to protect rights, safety, and security.
  • As part of a merger, financing, acquisition, restructuring, or other corporate transaction, subject to appropriate confidentiality protections.

Where required, we put contractual safeguards in place with vendors and service providers that process information on our behalf.

Your privacy rights and choices

Depending on your location and applicable law, you may have the right to request access to your personal information, correct inaccurate information, delete certain information, restrict or object to processing, and obtain a portable copy of the information you provided to us.

California residents may also have rights relating to notice, deletion, correction, and opting out of certain sharing or sale-related activities. If you are an authorized user of a customer account, we may direct your request to the relevant customer because that organization controls much of the data processed in the platform.

You may unsubscribe from promotional emails at any time by following the instructions in the message or by contacting us directly.

Data retention and security

We retain information for as long as reasonably necessary to provide the service, fulfill the purposes described in this notice, resolve disputes, enforce agreements, and comply with legal obligations. Retention periods vary depending on the type of data, the sensitivity of the information, the customer relationship, and whether the information is needed for audit, security, or compliance reasons.

We use administrative, technical, and organizational safeguards designed to protect information against unauthorized access, disclosure, alteration, and destruction. These measures may include encryption, access controls, logging, environment segregation, least-privilege access, vendor reviews, and monitoring for unusual activity. No method of transmission or storage is perfectly secure, so we cannot guarantee absolute security.

Updates and contact information

We may update this Privacy Policy from time to time to reflect changes in our practices, product features, service providers, or legal obligations. When we make material changes, we will update the effective date above and, where appropriate, provide additional notice.

If you have questions about this Privacy Policy or want to exercise a privacy right, contact us at privacy@coidash.com.