What I collect, and why.

Short version: I collect the stuff you explicitly send me (the submission, the attachments, your contact info), plus standard web analytics. I use it to respond to you, run risk work, and improve the product. I don't sell it. I don't share it with carriers unless you've asked me to place coverage. You can tell me to delete it any time.

1. Who's collecting

UpFront Risk Solutions, LLC("UpFront Risk," "RiskWritr," "I," "me"), a Pennsylvania LLC. Contact: scott@upfrontrisk.io.

2. What I collect

What you voluntarily give me

• Identity & contact: your name, email, phone, agency or company name.
• Submission details:the insured's business name and industry, your intent (demo, risk review, quote), notes you type.
• Agency profile (optional): premium volume, commercial experience, lines written, tech stack, coaching networks — so I can actually help you, not pitch-slap you with generic nonsense.
• Uploaded documents: applications, loss runs, policies, schedules, COIs, leases, photos, fact finders, CSVs, whatever. These frequently contain personal information about third parties (insureds, drivers, employees, etc.). Section 7 covers that.

What I collect automatically

• Technical data: IP address, browser, device type, pages viewed, timestamps, referrer. Standard web stuff.
• Cookies: session cookies to keep the site working. No advertising cookies. No cross-site trackers.

3. Why I collect it

• To respond to your submission and actually run the work you asked me to run.
• To place you in the right workflow (demo, risk review, quote) so you're not stuck in a generic sales queue.
• To improve RiskWritr's intake, enrichment, and proposal logic.
• To keep the platform secure and operational.
• To meet legal, tax, and regulatory obligations.

4. Legal basis (for folks who care)

• Consent — you gave it by filling out the form and clicking send.
• Contract performance — I need this data to do what you asked.
• Legitimate interests — operating and improving a platform that agents actually want to use.
• Legal obligation — record-keeping required by insurance regulators, tax authorities, etc.

5. Who sees it

I share data with a small set of vendors, only as needed to run the platform:

I do notsell your data. I do not share it with advertisers. I do not share it with carriers unless you've asked me to place or market coverage on your behalf. If a carrier or wholesaler is ever brought in, I'll tell you first.

6. Your rights

Depending on where you live, you may have the right to:

• Access the data I hold about you
• Correct it if it's wrong
• Delete it
• Port it (get a copy in a portable format)
• Opt out of certain processing
• Complain to a regulator

Email scott@upfrontrisk.iowith "Privacy request" in the subject line and I'll respond within 30 days. Usually same-day, honestly.

7. Third-party data in uploads

When you upload a loss run, COI, schedule, or application, it almost always contains personal data about people who aren't you — insureds, employees, drivers, tenants, named parties. By submitting those documents, you confirm you have the authority to share that data with me for the purpose stated in your submission (demo, risk review, quote). I treat that data with the same care as your own, and I'll purge it per the data retention policy.

8. Children

This site isn't for anyone under 18. I don't knowingly collect data from minors. If you think a minor sent me something, email me and I'll delete it.

9. International

I'm based in the US. Data is stored and processed in the US. If you submit data from outside the US, you're consenting to that transfer.

10. Changes

If I materially change this policy, I'll update the "Last updated" date at the top and post a note on the Legal hub. If the change is material and affects existing users, I'll email you.

11. Contact

UpFront Risk Solutions, LLC
Scott Henman — Founder / DPO (yes, same person)
scott@upfrontrisk.io