Privacy Policy

AXIUMS is a commission tracking platform for licensed life insurance agents, operated by Axium LLC. This Privacy Policy describes what information we collect, how we use it, who we share it with, and the choices you have. By using AXIUMS, you agree to the practices described here.

• Account information — your name and email address, captured through our authentication provider (Clerk).
• Carrier portal credentials — the username and password you provide so we can sync your book of business. Credentials are encrypted with AES-256 before they touch our database and are never stored in plain text.
• Policy and commission data — policies, premiums, statuses, commission amounts, chargebacks, and override records pulled from carrier portals on your behalf.
• Payment information — subscription payments are processed by Stripe. We never see or store your card number.
• Gmail read-only access (optional) — used solely to read Mutual of Omaha MFA verification codes during automated syncs. You may decline or revoke this at any time.
• Usage data — sync logs, login timestamps, and similar operational telemetry needed to keep the service running and to support you.

• To provide commission tracking and carrier sync services.
• To calculate and display commission breakdowns, overrides, and chargebacks.
• To send account and billing notifications you’d expect to receive.
• To improve and secure the platform.

We do not sell your data, and we do not use your policy data to train machine-learning models.

• AES-256 encryption for all carrier credentials at rest. Decryption only occurs at the moment of an authorized sync and is never logged.
• Application data is stored in Supabase (PostgreSQL) with encryption at rest.
• HTTPS/TLS is enforced for all data in transit.
• Carrier credentials are never exposed to the frontend.
• Session recordings captured during automated syncs are automatically deleted after 60 days.

We rely on a small number of vetted vendors to operate AXIUMS:

• Clerk — authentication (clerk.com/privacy)
• Stripe — billing (stripe.com/privacy)
• Anchor Browser — carrier portal automation (anchorbrowser.io)
• Supabase — database hosting (supabase.com/privacy)
• Vercel — application hosting (vercel.com/legal/privacy-policy)
• Google — optional Gmail OAuth (policies.google.com/privacy)

Each vendor has its own privacy policy and processes only the data required for the function above.

• Account data is retained while your subscription is active.
• Account data is deleted within 30 days of subscription cancellation on your request.
• Sync recordings are auto-deleted after 60 days.
• Carrier credentials are deleted immediately when you disconnect the carrier from your account.

• Access your data at any time from inside the app.
• Delete your account and all associated data.
• Disconnect any carrier or your Gmail integration at any time.
• Request an export of your data by contacting us at the address below.

• We request read-only Gmail access solely to read Mutual of Omaha MFA verification codes.
• We never read, store, or process any other email content.
• Gmail access can be revoked at any time from Settings.
• We do not share Gmail data with any third party.

Questions about this policy or a data request? Email kylelaktasic.pinnacle@gmail.com.

We may update this Privacy Policy from time to time. We will notify users of material changes via email to the address on file before they take effect.