Privacy Policy


Effective Date: 07/24/2023

This Privacy Policy governs the data management practices of XILO, and applies to three main entities (users) within our platform:

  1. Customers: These are companies that have signed up and utilize our platform, primarily companies who sell insurance.
  2. Admins and Agents (also known as “Users”): People associated with our Customers, who operate on our platform to manage and facilitate their insurance-related activities. Admins and Agents, broadly referred to as “Users” are an essential part of the platform's functionality and handle data on behalf of our Customers.
  3. Clients: The individuals whom our Users interact with on behalf of our Customers. These Clients may seek insurance services, and their data is processed by our platform to enable efficient and tailored service delivery.

At XILO, we are dedicated to safeguarding the privacy and security of all entities involved in our platform's operations and committed to protecting the privacy and confidentiality of personal information that we collect, process, and store. This Privacy Policy outlines how we handle personal information, Customer and Client rights regarding their personal information, and our commitment to compliance with applicable privacy laws, including the General Data Protection Regulation (GDPR) and SOC II.

Personal Information We Collect

We collect the following categories of personal information:

  • Identifiers and Contact Information: When a Customer registers to utilize XILO's services, or when a Client's data is submitted to XILO (either by a User or through a personally filled-out form), we may collect their name, email address, company name, job title, and address(es).
  • For the Clients of our Customers: When Clients sign up for and/or use our services and platform, we collect information such as their name, email address, mailing address, phone number, job title, payment and billing information, and any other information provided by the user.
  • Information Used by the Customer on the Client: This includes information required to process an insurance quote, such as the Personally Identifiable Information (PII) mentioned above, drivers' license numbers, uploaded documents, prior insurance declaration pages, vehicle details including identification numbers, property addresses and information, policy identification numbers, and information on business employees. We handle this information with the utmost care and in compliance with applicable data protection regulations.

Additionally, when our customers or their clients visit our website or use our platform, we automatically collect the following information:

  • Internet Protocol Address (IP address): We receive Customers’ and Clients’ IP addresses from their Internet browser each time they request a file or web page from our website.
  • User-Agent: We receive information automatically sent by their web browser, including the type of device used and the date/time of visit.
  • Information collected by cookies and similar technologies: We may use cookies and similar technologies to collect information that helps us understand and improve the performance of our website and platform. Please refer to our Cookie Policy for more information

How We Use Personal Information

We use personal information for the following purposes:

  • Providing and operating our services and platform.
  • XILO enables its Customers to gather necessary information from their Clients to facilitate insurance quoting, policy renewal, or other relevant interactions. The information collected is seamlessly integrated into various third-party systems, known to the Users, to facilitate insurance-related processes and ensure smooth communication between the Users and their Clients.
  • XILO gathers contact information from Clients to enable Users to communicate with them efficiently through text and, or email while utilizing the XILO platform. We prioritize seamless and secure communication to enhance the overall service experience.
  • Communicating with Customers and Clients regarding our services, including support and inquiries. 
  • Personalizing and improving Customer and Client experience with our services.
  • Conducting marketing and promotional activities, subject to Customer and Client  preferences and choices.
  • Analyzing website usage and trends to enhance our services.
  • Complying with legal obligations and resolving disputes.
  • Protecting our rights, property, and safety, and that of our users.
  • Legal Bases for Processing Personal Information

We rely on the following legal bases for processing personal information:

  • Contractual Necessity: Processing personal information is necessary to fulfill our contractual obligations to our Customers and Clients.
  • Legitimate Interests: Processing personal information is based on our legitimate interests, such as improving our services and conducting marketing activities.
  • Consent: We may seek Customer or Client consent for specific processing activities, and they have the right to withdraw their consent at any time.
  • Legal Obligations: Processing personal information is necessary to comply with applicable laws and regulations.

Sharing Personal Information

We may share personal information with the following parties:

  • Customer Software Systems: Systems that we integrate into in order to provide service to our Customers based on their need to integrate the information 
  • Trusted Service Providers: We engage trusted third-party service providers who assist us in operating our business and providing our services.
  • Compliance with Legal Obligations: We may disclose personal information to comply with legal obligations, enforce our policies, protect our rights, or respond to legal requests.
  • Affiliated Companies: Personal information may be shared with our subsidiaries, affiliates, or strategic partners for the purposes of providing our products and services and managing our global organization.
  • Corporate Activity: In the event of a merger, acquisition, or corporate reorganization, personal information may be transferred to the acquiring company.

We do not sell or rent personal information to third parties.

Security Measures

We implement appropriate technical and organizational security measures to protect personal information from unauthorized access, disclosure, alteration, or destruction. These measures include encryption technologies, access controls, password management, vulnerability management, and secure software development protocols.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Generally, we retain personal information for the duration of Customer and Client use of our services and platform and for a reasonable period afterward. Additionally, we have implemented the following data retention policies:

  1. Termination of Customer Contract: In the event of non-renewal or cancellation of a Customer contract, XILO retains agency PII and PII of their customers for a period of 120 days. After the 120 day retention period, all personally identifiable information (PII) is irreversibly anonymized.
  2. Client Data Removal Request: If a Client of a Customer requests the removal of their data from our system, XILO retains the data for a period of 60 days. After the 60 day retention period, all personally identifiable information (PII) is irreversibly anonymized.

Please note that these retention periods are subject to change based on any applicable legal or regulatory requirements.

Customer and Client Rights

Customers and Clients have the following rights regarding their personal information:

  • Right to Access: Customers and Clients can request access to their personal information held by us.
  • Right to Rectification: Customers and Clients may request to correct or update their personal information if it is inaccurate or incomplete.
  • Right to Erasure: Customers and Clients can request the anonymization of their personal information under certain circumstances.
  • Right to Restrict Processing: Customers and Clients can request to restrict the processing of their personal information in certain situations.
  • Right to Data Portability: Customers and Clients have the right to receive a copy of their personal information in a structured, commonly used, and machine-readable format.
  • Right to Object: Customers and Clients can object to the processing of their personal information based on legitimate interests.
  • Right to Withdraw Consent: If we rely on Customers and Clients consent for processing personal information, Customers and Clients have the right to withdraw consent at any time.

To exercise Customers and Clients rights or if Customers and Clients have any questions or concerns regarding their personal information, please contact us at

Customer Privacy Policies

At XILO, we understand that our Customers may have their own privacy policies that they adhere to. We acknowledge and respect the privacy practices they have in place. However, when our Customers use our platform and services, they also agree to abide by XILO's Privacy Policy. This means that while our Customers may have their own policies for their business operations, any personal information processed through our platform is subject to XILO's privacy practices. Rest assured that we are committed to protecting the privacy and security of all personal information collected, processed, and stored within our platform. Our dedication to safeguarding your data aligns with the principles outlined in our comprehensive Privacy Policy, which is designed to be in compliance with SOC II and GDPR standards.

Changes to the Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We encourage you to review the Privacy Policy periodically for any updates.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices.
Corza Technologies Inc.
San Diego, California 92130
Email Address
Phone Number
You successfully subscribed!
Oops! Something went wrong while submitting the form.