Back to Home

Privacy Policy

Last Updated: December 28, 2025

1. Introduction

Mitigation Audit LLC ("we," "us," or "our") respects your privacy and is committed to protecting the confidential business data you entrust to us. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our AI-powered pre-review Service for mitigation invoices (the "Service"). The Service is strictly for business use by insurance carriers, independent adjusters, and third-party administrators (TPAs). It is not intended for individual consumers, policyholders, restoration contractors, or public adjusters.

2. Information We Collect

We collect only the minimum data necessary to provide the Service:

  • Uploaded Content: Mitigation invoices, estimates, drying logs, photos, and related documents you submit for analysis.
  • Account & Contact Information: Name, business email address, company name, and billing/payment details provided during registration or subscription.
  • Usage & Technical Data: IP address, browser/device type, operating system, timestamps, interaction logs, and analytics data (for security, performance monitoring, abuse prevention, and service improvement).

We do not collect sensitive personal information (e.g., Social Security numbers, driver's license numbers) unless you include it in uploaded files (see Section 7).

3. How We Use Your Information

We use collected information solely to:

  • Process uploaded files through our logic engine and third-party AI processors (e.g., Google Gemini API) to generate Red Flag Reports and recommendations.
  • Deliver reports, billing receipts, service notifications, and support responses.
  • Monitor and improve the Service (using only anonymized, aggregated data – e.g., "90% of Category 3 claims show this common error pattern").
  • Prevent fraud, abuse, or unauthorized access.

No Public AI Training

We use enterprise-grade API settings that, to the best of our knowledge and agreements with providers, do not use your specific uploaded content to train or improve public AI models.

4. Data Retention & Deletion

  • Uploaded files (PDFs, photos, etc.) are automatically deleted from our active servers 30 days after report generation to minimize security risk.
  • Generated reports are retained in your account history for your reference unless you request deletion.
  • Upon account closure or deletion request, we will delete all associated data within 30 days, except as required by law (e.g., for billing records).

5. Data Sharing & Disclosure

We do not sell, rent, or trade your information. We share data only in these limited cases:

  • Service Providers: Trusted vendors who assist in operating the Service (e.g., Stripe for payments, Google Cloud for hosting/AI), bound by strict confidentiality and data protection obligations.
  • Legal Requirements: If compelled by law, court order, subpoena, regulatory request, or to protect the rights, property, or safety of Mitigation Audit LLC.

Zero Policyholder or Contractor Contact

We never share data with, nor do we ever communicate with, policyholders, restoration contractors, public adjusters, or any non-carrier/TPA parties.

6. Payment Information

Payments are processed exclusively through Stripe. We do not store your credit card details on our servers. All payment data is encrypted and handled directly by Stripe in compliance with PCI-DSS standards.

7. Your Responsibility for PII

While we secure our systems, you are solely responsible for redacting or anonymizing Sensitive Personally Identifiable Information (PII) (e.g., policyholder Social Security numbers, dates of birth, full home addresses) from documents before uploading, in compliance with your internal policies and applicable law. You agree to indemnify, defend, and hold us harmless from any claims, losses, or damages arising from your failure to redact PII or from uploading non-compliant or unlawful data.

8. Security

We implement industry-standard technical, administrative, and physical safeguards, including encryption in transit (TLS) and at rest, access controls, and monitoring to protect against unauthorized access, loss, or alteration. However, no method of transmission over the Internet or electronic storage is 100% secure. You use the Service at your own risk. In the event of a data breach, we will notify affected users and regulators as required by applicable law.

9. Your Rights

You may request to access, correct, delete, or receive a copy of your account information or uploaded data by emailing info@mitigationaudit.com. We will verify your identity and respond within 30 days (or as required by law). We do not sell personal information, so no opt-out is required.

10. Children's Privacy

The Service is not directed to individuals under the age of 18, and we do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last Updated" date at the top indicates when changes take effect. Continued use of the Service after posting revised terms constitutes acceptance. If changes are material, we will provide notice (e.g., email or prominent site banner) where practicable.

12. Contact Us

For questions, requests, or concerns regarding this Privacy Policy:

Email: reviews@mitigationaudit.com
Mitigation Audit LLC
Glastonbury, CT