Legal
Privacy Policy
Last updated:
Bindlab is an AI-Native Wholesale & MGA Operating System operated by Seven16 Group. This policy explains what information we collect, how we use it, who we share it with, how long we keep it, and the rights you have over it. Bindlab serves commercial insurance wholesale brokers, MGAs, retail producers, and the businesses they insure — categories of data subject to insurance regulatory regimes (E&O, NAIC, NIPR, Surplus Lines, Bordereaux, State Privacy + Cyber). Those regimes shape how we retain and delete data, so this policy is more specific than a generic SaaS privacy notice.
1. Who we are
Bindlab is operated by Seven16 Group. References to “Bindlab”, “we”, “us”, or “our” throughout this policy mean Seven16 Group as the controller of the Bindlab platform.
For privacy questions, data requests, or rights exercises, contact privacy@bindlab.io.
2. Scope of this policy
This policy applies to information collected through:
- The Bindlab website at bindlab.io;
- The Bindlab authenticated application (tenant-scoped workspaces at bindlab.io/<tenant-slug>);
- Email, support tickets, and forms submitted to or through Bindlab, including the Seven16 Group Support widget served from seven16groupsupport.com;
- APIs and integrations operated by Bindlab on behalf of tenants (carrier submission APIs, producer licensing sync, transportation data enrichment).
It does not apply to third-party websites or services linked from Bindlab that operate under their own privacy policies.
3. What information we collect
We collect seven categories of data. Every field is catalogued in our internal data inventory with its purpose, legal basis, retention, and deletion rule. The summary below describes each category at the policy level.
3.1 User and producer identity data
Email, full name, optional phone, role within your agency, and — for licensed producers — National Producer Number (NPN), license details, and state appointments. We collect this to authenticate you, enforce role-based access, route notifications, audit actions, and sync licensing status with the National Insurance Producer Registry (NIPR) when integrated.
3.2 Agency and tenant data
Agency name, federal Employer Identification Number (EIN), contact information, W-9, Errors and Omissions (E&O) policy and license documents, banking and commission setup (when activated), and executed agency contracts. We collect this to operate your tenant workspace, satisfy producer-licensing and carrier-appointment obligations, route broker fees, and maintain a defensible compliance record.
3.3 Insurance submission data
Information about the businesses our tenants' clients insure, including insured business name, FEIN (or Social Security Number where the insured is a sole proprietor), address, payroll, revenue, vehicle schedules, driver records, class codes (NCCI / ISO), prior carrier history, loss runs, and uploaded ACORD forms and supplements. We collect this so brokers can clear, market, and quote risks with carrier markets. Sensitive fields (FEIN, SSN where applicable, banking) are encrypted at rest at the application layer in addition to platform-level encryption.
3.4 Policy data
Policy numbers, effective and expiration dates, premium, named and additional insureds, forms, endorsements, schedules, policy PDFs, and AI extractions performed on those documents (with model identity and confidence captured for reproducibility). We collect this to maintain the policy of record, generate certificates of insurance, surface renewal pipelines, and meet bordereaux and audit obligations.
3.5 Financial data
Broker fee amounts, broker fee payment receipts, and pass-through check chain-of-custody records. We do notcollect or hold premium money — premium flows between insureds and carriers, never through Bindlab. Broker fees recorded here are the wholesaler/MGA's fee for services, subject to fiduciary handling under state insurance law.
3.6 System and observability data
Login timestamps, device and browser fingerprints (used for suspicious-login detection), IP addresses, workflow state transitions, AI operation telemetry (which model, which prompt version, latency, token usage, confidence), crash reports, and analytics events. We collect this to operate the platform securely, detect abuse, satisfy audit requirements, and reconstruct any regulated action from data stored at the time of the action (regulatory traceability).
3.7 AI interaction data
When you use AI-assisted features (submission extraction, appetite scoring, narrative explanations, future help assistant), we capture the conversation context, the AI's response, and the model identity. Every AI output carries an in-product disclosure (“AI indication · Not a quote · Subject to underwriting”) and is logged for Errors and Omissions reproducibility. AI prompts and responses are processed by our AI subprocessor (Anthropic, Claude) under contracted data-protection terms.
4. How we use information
We use the information we collect to:
- Operate the platform — authenticate you, render your tenant workspace, route submissions to carriers, generate quotes and policies, deliver notifications, and provide support.
- Provide AI assistance — extract structured data from uploaded documents, score appetite matches against carrier programs, draft narrative explanations, and (in future functionality) assist with help and onboarding. AI outputs are indications, not bound coverage; every output carries a disclosure.
- Satisfy regulatory obligations — produce bordereaux for carriers, file surplus-lines documentation where required, sync producer licensing with NIPR, retain Errors and Omissions audit trails, and support state insurance department inquiries.
- Secure the platform — detect and respond to unauthorized access attempts, fraud, and abuse; protect confidentiality and integrity of your data.
- Improve the platform — analyze aggregated, de-identified usage patterns to prioritize features and address defects. Individual tenant data is never used to train AI models for the benefit of other tenants.
- Communicate with you — about service updates, security notices, compliance deadlines, and (with separate consent) product news.
5. Legal basis for processing
For users in jurisdictions where a lawful basis is required, we process information under one or more of the following bases:
- Contract performance — most operational processing is necessary to perform the Bindlab service we have agreed to provide.
- Legal obligation— producer-licensing, surplus-lines, E&O recordkeeping, IRS records (broker fees), and other insurance regulatory recordkeeping are processed to comply with applicable law.
- Legitimate interest — security monitoring, fraud detection, aggregated analytics, and platform improvement are processed under our legitimate interest, balanced against your privacy rights.
- Consent — marketing communications, optional integrations, and any processing that requires affirmative consent (e.g., sharing data with a specific carrier on your behalf).
6. Who we share information with
We share information with the following categories of recipients, each under contracted data-protection terms:
6.1 Subprocessors
The following subprocessors help us operate the platform. The current list is maintained in our internal vendor registry and updated as it changes:
| Subprocessor | Purpose | Data accessed |
|---|---|---|
| Supabase | Authentication, database, file storage | All data at rest |
| Vercel | Application hosting, web analytics, speed insights | Routing, page metrics, user agent |
| Cloudflare | DNS and edge routing | DNS resolution only |
| Anthropic (Claude) | AI extraction, scoring, narrative generation | Submission documents and AI prompts/responses |
| Sentry | Error monitoring | Stack traces and breadcrumbs |
| Transactional email provider | Email delivery (notifications, password resets) | Recipient address and email content |
| NIPR (when integrated) | Producer license verification | Producer license records only |
| DOT Intel (when integrated) | Transportation underwriting enrichment | DOT number and queries |
| Stripe (when billing activates) | Tenant subscription billing | Tenant billing metadata |
| Seven16 Group Support | Customer support widget and ticket routing | Support conversation content and signed tenant context token |
6.2 Carriers and counterparties
When you market a submission to a carrier through Bindlab, the submission data is shared with the receiving carrier so they can quote. When you bind, policy data is exchanged with the binding carrier. Certificate holders receive only the policy data necessary for the certificate (named insureds, policy numbers, coverage limits, effective dates).
6.3 Legal and safety disclosures
We may disclose information if required by law, subpoena, court order, regulatory request from a state insurance department, or to protect the rights, property, or safety of Bindlab, our users, or others. We do not sell personal information.
7. How long we retain data
Retention periods differ by data category because insurance is a regulated industry with statutory recordkeeping requirements. The governing rules:
- Errors & Omissions records — workflow state transitions, AI operation telemetry, evidence documents, and audit trails are retained for at least 7 years after the associated tenant or policy becomes inactive.
- Tax records (broker fees, payment receipts) — retained for 7 years (IRS requirement).
- Agency contracts — retained for 10 years after termination (statute of limitations).
- Producer licensing records — retained while the producer is appointed plus 7 years (NAIC and state requirements).
- Login, device, and IP logs — retained on a rolling 2-year basis, then auto-purged.
- Crash reports — retained 90 days at our error monitoring subprocessor.
- Marketing contact data — retained until you unsubscribe, then promptly suppressed.
When a tenant offboards, data is retained per the regulatory schedules above. Identifying fields not subject to retention by law are deleted; fields subject to retention are anonymized where anonymization preserves the regulatory record, and otherwise are held in their original form with restricted access.
8. Your rights
Depending on your jurisdiction, you have rights regarding your personal information. We honor the following requests for all users, regardless of jurisdiction:
- Right to access — request a copy of the personal information we hold about you.
- Right to delete — request deletion of personal information we are not required by law to retain. See our Data Deletion page for what we can and cannot delete.
- Right to correct — request correction of inaccurate personal information.
- Right to export — request your personal information in a portable, machine-readable format.
- Right to opt out of sale or sharing — Bindlab does not sell personal information. You may opt out of any future sharing for cross-context behavioral advertising; we currently do not engage in this practice.
- Right to limit sensitive data use — restrict our use of sensitive personal information to what is necessary to provide the service.
- Right to unsubscribe — opt out of marketing communications at any time.
California residents have specific rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), including the rights above and the right to non-discrimination for exercising any of them. Residents of other states with comprehensive privacy laws have parallel rights under their respective statutes.
9. How to exercise your rights
Email privacy@bindlab.io with your request. We will verify your identity using information we already hold (typically: confirming control of your account email plus a separate confirmation step), then respond within 30 days. If we need more time, we will tell you why and when to expect a response.
We will not discriminate against you for exercising any privacy right. You may also designate an authorized agent to make a request on your behalf, subject to verification of the agent's authority.
10. Security
We protect information using a defense-in-depth approach:
- Row-level security (RLS) on every database table — every query is scoped to the requesting tenant by default.
- Encryption in transit (TLS) and at rest (platform-level).
- Application-layer encryption for sensitive fields (FEIN, SSN where applicable, banking).
- Role-based access control with least-privilege defaults; admin actions are append-only audited.
- Append-only audit trails on workflow state changes, compliance events, and AI operations.
- Authentication via Supabase Auth, with multi-factor authentication available and required for staff.
- Error monitoring and security event review.
No system is perfectly secure. If you believe an account or data has been compromised, contact security@bindlab.io immediately.
11. Cookies and analytics
We use cookies and similar technologies to:
- Authenticate sessions (required for the application to work).
- Remember preferences (required for the application to work).
- Measure aggregated site traffic via Vercel Analytics and Speed Insights (legitimate-interest basis; no cross-site tracking).
We do not use cookies for advertising, retargeting, or cross-context behavioral profiling. You can disable non-essential cookies through your browser; essential cookies are required for the platform to function.
12. International data transfers
Bindlab and its subprocessors operate in the United States. If you access the platform from outside the United States, your information will be transferred to, stored in, and processed in the United States. By using the platform you consent to this transfer. We use commercially reasonable safeguards consistent with US law to protect transferred information.
13. Children
Bindlab is a commercial platform intended for licensed insurance professionals. It is not directed to children under 18, and we do not knowingly collect personal information from children. If we learn we have collected information from a child, we will delete it promptly.
14. Changes to this policy
We may update this policy from time to time. The “Last updated” date at the top reflects when the policy was last revised. For material changes, we will notify you in-app, by email, or both. Continued use of the platform after the effective date of a change constitutes acceptance of the updated policy.
15. Contact
For privacy questions, requests, or to exercise your rights: privacy@bindlab.io.
For security concerns: security@bindlab.io.
For all other inquiries: legal@bindlab.io.