cafelite.insure Request demo →
Legal

Privacy Policy

Effective date: 9 April 2026

This Privacy Policy explains how cafelite.insure ("we", "us", or "our") collects, uses, stores, and shares information when you use our platform and related services (the "Service"). By using the Service, you consent to the practices described in this policy.

1. Information We Collect

1.1 Account Information

When you register, we collect your name, email address, and organisation details through our authentication provider (Clerk). We do not store passwords directly.

1.2 Client & Policy Data

You upload and create data within the Service including client details, contact information, policy documents (PDFs), claims data, task records, and related notes. This data is provided by you and processed on your behalf.

1.3 Email Data

If you connect a Gmail or Outlook account, we access and store email messages, threads, and attachments for the purpose of classification, linking to policies/claims, and task generation. We use OAuth for authentication and do not store your email password.

1.4 Documents & Files

Files you upload (policy schedules, supporting documents, .msg files) are stored in our cloud infrastructure and tagged for organisation within the Service.

1.5 Usage & Audit Data

We maintain field-level audit logs of all data mutations within the Service, including timestamps, user identity, and change details. This supports compliance and accountability.

2. How We Use Your Information

We use collected information to:

  • Provide, operate, and maintain the Service;
  • Extract and structure data from uploaded policy documents using AI;
  • Classify and analyse synced emails for intent, policy/claim linkage, and task generation;
  • Generate Record of Advice summaries;
  • Manage claims workflows, task boards, and renewals;
  • Maintain audit trails for compliance purposes;
  • Communicate with you about the Service.

3. AI Providers & Third-Party Data Processing

This section is important. Please read it carefully.

The Service uses third-party artificial intelligence providers — including Anthropic (Claude models) — to power features such as PDF extraction, email classification, and Record of Advice generation. When you use these features, relevant data (including document content, email text, and client information) is transmitted to these AI providers for processing.

You acknowledge and agree that:

  • We have disabled all available options for AI providers to use your data for model training. However, we cannot guarantee or verify that third-party AI providers honour these settings in all circumstances;
  • Once data is transmitted to a third-party AI provider, we have no control over how that provider stores, processes, retains, or uses the data, notwithstanding any contractual or technical safeguards we have put in place;
  • AI providers are governed by their own privacy policies and terms of service, which may change without notice to us;
  • We are not liable for any data handling practices of third-party AI providers beyond our reasonable control;
  • You should not upload data to the Service that you are not willing to have processed by third-party AI providers, if you use AI-powered features.

We encourage you to review the privacy policies of our AI providers:

4. Email & Communication Platforms

When you connect an email account or other communication platform to the Service:

  • We process emails and communications solely within the scope of the Service's functionality;
  • We have no control over the delivery, routing, filtering, or storage of emails by your email provider (Google, Microsoft, or any other provider);
  • We are not responsible for any spam, phishing, unsolicited, or unwanted messages that you receive or that are sent from your account, whether or not they were processed, classified, or triggered by the Service;
  • We are not liable for any consequences arising from emails or communications sent or received through third-party platforms connected to the Service;
  • Email provider terms and privacy policies apply to your email data independently of this policy.

5. Data Storage & Security

Your Data is stored using cloud infrastructure providers with industry-standard security measures. We implement reasonable technical and organisational safeguards including:

  • Multi-tenant data isolation (brokerage data is fully segregated);
  • Role-based access control;
  • OAuth-based authentication (no password storage);
  • Field-level audit logging.

Despite these measures, no system is completely secure. We cannot guarantee that Your Data will not be accessed, disclosed, altered, or destroyed as a result of a breach of our safeguards. You use the Service at your own risk.

6. Data Sharing

We do not sell your personal information. We may share Your Data with:

  • AI providers — as described in Section 3, to deliver AI-powered features;
  • Infrastructure providers — for hosting, storage, and service delivery;
  • Authentication providers — for account management and access control;
  • Legal authorities — if required by law, regulation, or legal process.

7. Data Retention

We retain Your Data for as long as your account is active or as needed to provide the Service. Audit logs are retained for compliance purposes. Upon account termination, we will delete or anonymise Your Data within a reasonable period, except where retention is required by law.

8. Your Rights

Subject to applicable South African law, including the Protection of Personal Information Act (POPIA), you may have the right to:

  • Access the personal information we hold about you;
  • Request correction of inaccurate information;
  • Request deletion of your personal information;
  • Object to or restrict certain processing;
  • Withdraw consent (where processing is based on consent).

To exercise any of these rights, contact us at hello@cafelite.insure.

9. Children

The Service is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the effective date at the top of this page. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

For any questions or concerns about this Privacy Policy or our data practices, contact us at hello@cafelite.insure.