Plain-English explanation of what Claimory collects, how it is protected, who can see it, and what happens when you cancel. Last updated May 18, 2026. The full legal privacy policy is on this page below.
Claimory collects what is needed to run a collision claim: shop profile (business name, address, phone), team member accounts (name, email, role), claim records (customer, vehicle, VIN, carrier, claim number, repair milestones, supplements, photos, notes), customer contact information (name, phone, email), and payment information processed by Stripe. Claimory does not store raw card numbers. Stripe handles PCI-DSS compliance. Usage data (which features are used, session length, error events) is collected to improve the product. No claim content is sold to third parties, ever.
Every Claimory workspace is isolated at the database level using Postgres row-level security. A user on one workspace cannot query, read, or access any data from another workspace. This applies even if two shops share a user email. Claimory support staff can access workspace data only when explicitly requested by the workspace owner for troubleshooting purposes, and this access is logged.
Claimory is CCPA-aligned for California residents. You can request a copy of all personal data, request deletion, and opt out of any sale of personal information (Claimory does not sell personal data). For GDPR purposes, Claimory acts as a data processor for your shop's customer data. You control it. Claimory provides the tools. A data processing agreement is available on request for Enterprise customers.
When you cancel, your data does not disappear immediately. You have 30 days to request a copy of your data, including claims, supplements, photos, customer records, and financial summaries. Email privacy@claimory.io and Claimory will provide it within the timeframe required by applicable law. After 30 days, data is queued for deletion and cannot be recovered.
Yes, to generate drafts and audits. The AI reads the claim file you are actively working on. AI prompts use claim context only and are never used to train provider models.
Support staff can access your workspace only when you explicitly request help and provide consent for that session. This access is logged. No Claimory staff can access your workspace silently.
You have 30 days to request a copy of your data, including claims, supplements, customer records, photos, and financials. Email privacy@claimory.io and Claimory will provide it within the timeframe required by applicable law. After 30 days, the data is queued for deletion.
Claimory is not a healthcare platform and does not handle protected health information (PHI) as defined by HIPAA. Collision repair claim data is not medical data. If your shop has specific compliance questions, email support@claimory.io.