This Privacy Policy explains how Remedy Marketing LLC ("Company," "we," "us," or "our") collects, uses, stores, and shares information in connection with the Prospect platform ("Platform") available at useprospect.io. Please read this Policy carefully before using Prospect.
This Policy applies to two distinct categories of individuals: Agency Users — insurance agencies, brokers, and other businesses that create accounts on Prospect to build funnels and run advertising campaigns; and End Users — insurance consumers who interact with quiz funnels built and published by Agency Users. These two categories are treated differently throughout this Policy because Prospect plays a different role with respect to each. For Agency Users, we are the data controller. For End Users whose data is collected through Agency User funnels, we act as a data processor on behalf of the Agency User, who is the data controller.
1. Information We Collect
1.1 From Agency Users (Platform Accounts)
When you register for and use Prospect, we collect the following categories of information:
- Identity and contact information: your name, email address, and business name
- Billing and payment information: payment method details submitted at checkout. All payment processing is handled by Stripe, Inc. We do not store your full card number, CVV, or other raw payment credentials on our servers. Stripe's privacy policy governs how your payment data is handled and is available at stripe.com/privacy
- Meta integration data: Meta ad account IDs, Business Manager IDs, OAuth access tokens (stored encrypted), and related advertising account metadata you authorize us to access
- Platform usage data: pages visited within the platform, features used, funnel configurations created, campaign settings, session timestamps, and error logs
- Device and technical data: IP address, browser type and version, operating system, referring URLs, and session identifiers
- Communications: emails, support tickets, chat messages, feedback, and other communications you send to us
- Feedback and suggestions: ideas, feature requests, or other input you provide (see Terms of Service Section 27 regarding IP assignment)
1.2 From End Users (Funnel Respondents)
When an insurance consumer completes a funnel built on Prospect, we collect and store that data on behalf of the Agency User. The specific data collected depends on how the Agency User has configured their funnel. It may include:
- Contact information: name, email address, phone number
- Insurance-related responses: type of coverage sought, current coverage status, preferences
- Demographic information: age, date of birth, household size, ZIP code
- Financial information: income range, homeownership status
- Health-related information: general health status, Medicare eligibility, prescription drug use, or other health-related questions (for health, Medicare, or ACA-related funnels)
- Quiz answers and tags: all responses submitted during the funnel flow, along with system-generated intent tags derived from those answers
- Attribution data: UTM source, UTM medium, UTM campaign, UTM content, UTM term, Facebook click ID (fbclid), referring URL, and landing page URL
- Technical data: IP address, browser type, device type, session ID, funnel ID, and timestamp of submission
Important: Prospect does not determine what questions Agency Users ask in their funnels. The scope of data collected from End Users is entirely within the control of the Agency User. Agency Users are solely responsible for obtaining appropriate consent from End Users and for their own compliance with applicable privacy laws including HIPAA (if applicable), CCPA, TCPA, and state insurance regulations.
2. How We Collect Information
2.1 Information You Provide Directly
We collect information you provide when you create an account, connect your Meta account, build funnels, configure campaigns, contact support, or otherwise interact with the platform.
2.2 Information Collected Automatically
When you use the Prospect platform (app.useprospect.io), we automatically collect certain technical and usage data through the following tools:
- Google Analytics 4 (GA4): We use GA4 to understand how Agency Users navigate and use the platform. GA4 collects usage patterns, page views, session duration, and device information. Google's privacy policy applies to data collected by GA4 and is available at policies.google.com/privacy
- Meta Pixel: We have deployed the Meta Pixel on our platform to measure the effectiveness of our own marketing campaigns and to understand how users who clicked on our ads interact with the platform. The Meta Pixel may collect browsing behavior and device information. Meta's data policy applies and is available at facebook.com/policy
- Microsoft Clarity or PostHog: We use a session analytics tool (currently being evaluated between Microsoft Clarity and PostHog) to record anonymized session replays, heatmaps, and user interaction patterns. This helps us identify usability issues and improve the platform. These tools may capture mouse movements, clicks, and page interactions but are configured to mask sensitive form fields. We will update this Policy when a final selection is made.
2.3 Information from Third Parties
We may receive information about you from third-party sources including Meta (when you connect your ad account), Stripe (payment confirmation and billing status), and referral sources that directed you to Prospect.
3. How We Use Information
3.1 Agency User Data
We use information collected from Agency Users to:
- Create and manage your account and workspace
- Process payments through Stripe and send billing receipts
- Connect to and interact with your Meta ad accounts on your behalf
- Provide, operate, maintain, and improve the Prospect platform
- Send transactional communications including account confirmations, security alerts, and billing notices
- Send product updates, feature announcements, and marketing communications (you may opt out of marketing emails at any time)
- Provide customer support and respond to your inquiries
- Monitor platform security, detect fraud, and prevent abuse
- Analyze aggregate usage patterns to improve the platform and develop new features
- Comply with legal obligations
3.2 End User Data
We process End User data solely on behalf of Agency Users for the following purposes:
- Storing lead records and making them available in the Agency User's Prospect dashboard
- Delivering lead data to third-party CRM or lead management tools connected by the Agency User
- Sending server-side conversion events to Meta via the Conversions API (CAPI) on behalf of Agency Users for advertising attribution and optimization purposes
- Generating performance reports and attribution analytics for Agency Users
We do not sell End User data. We do not use End User data to build advertising audiences or profiles for our own marketing purposes.
3.3 Aggregated and Anonymized Data
In the future, we may use aggregated, anonymized, and de-identified data derived from across the Prospect platform (including Agency User campaign data and funnel performance data) to generate industry benchmarks, performance insights, and anonymized trend reports. For example, we may share or publish insights such as "the average cost per lead for auto insurance funnels on Prospect is $X." This aggregated data will not identify any individual Agency User, End User, or specific campaign. We will update this Policy before implementing any such use of aggregated data.
4. Sensitive Information
Some funnels built on Prospect may collect categories of information that are considered sensitive under applicable law, including general health information, income and financial data, and Medicare or ACA eligibility information. With respect to such sensitive data:
- We collect and store it only as a data processor acting on behalf of the Agency User
- We do not use sensitive End User data for any purpose other than operating the platform as instructed by the Agency User
- We do not sell, share, or otherwise process sensitive data for our own commercial purposes
- We apply the same or greater security standards to sensitive data as to other personal information
If you are an insurance consumer who submitted health or financial information through a funnel, the insurance agency operating that funnel is the data controller for your information. Please refer to that agency's own privacy policy for details on how your data is handled, stored, and shared.
5. Meta Conversions API (CAPI)
Prospect automatically sends server-side conversion events to Meta's Conversions API on behalf of Agency Users when a lead is captured through a funnel. This is a standard advertising attribution mechanism that helps Agency Users understand which of their Meta ads are generating leads.
When a lead is submitted, we transmit the following data to Meta in hashed form using SHA-256 encryption: Email address (hashed); Phone number (hashed, if collected); IP address and user agent string.
This transmission occurs server-side (not from the browser) and is done on behalf of and at the direction of the Agency User. The event name sent is "Lead" along with the funnel ID and relevant campaign metadata. Meta's use of this data is governed by Meta's own Data Policy and Terms of Service. Agency Users are responsible for ensuring their use of CAPI complies with Meta's requirements, including having a lawful basis for sharing user data with Meta.
6. Cookies and Tracking Technologies
6.1 On the Prospect Platform (app.useprospect.io)
We use the following types of cookies and tracking technologies on the Prospect platform:
- Strictly necessary cookies: Required for the platform to function, including authentication session cookies and security tokens. These cannot be disabled.
- Analytics cookies: Set by Google Analytics 4 and our session analytics tool to help us understand how the platform is used. These are persistent cookies that track usage across sessions.
- Advertising cookies: Set by the Meta Pixel to measure the effectiveness of our own marketing campaigns. These cookies may track your activity across other websites that use Meta's tools.
6.2 On Funnels (funnels.useprospect.io)
On funnels hosted by Prospect on behalf of Agency Users:
- Session storage: We use browser session storage (not cookies) to temporarily maintain funnel state, including your answers, attribution parameters, and session ID. This data is cleared when your browser session ends.
- Attribution tracking: UTM parameters and fbclid are captured from the URL on funnel load and stored with your lead record when you submit the form.
- Agency User pixels: Agency Users may configure their own Meta Pixel, Google Analytics, or other tracking pixels to fire on their funnels. Prospect facilitates this pixel injection but does not control or have access to the data these third-party tools collect. The Agency User is responsible for their pixel configuration and compliance.
6.3 Cookie Choices
Most browsers allow you to control cookies through browser settings. Disabling certain cookies may affect the functionality of the Prospect platform. For analytics and advertising cookies, you may also opt out through Google's opt-out tools (tools.google.com/dlpage/gaoptout) or Meta's ad preferences settings.
7. Data Sharing and Disclosure
We do not sell personal information. We may share information in the following circumstances:
- Stripe (Payment Processing): We share billing information with Stripe, Inc. to process payments. Stripe is PCI-DSS compliant and acts as an independent data controller for payment data. Stripe's privacy policy applies to information shared with Stripe.
- Supabase (Database Hosting): End User lead data and Agency User account data is stored in Supabase's managed Postgres database infrastructure. Supabase processes this data as a service provider under our direction.
- Netlify (Hosting Infrastructure): Our platform and public funnel runtime are hosted on Netlify. Netlify may process request logs and technical data as part of serving the platform.
- Meta (Conversions API): As described in Section 5, we transmit hashed End User data to Meta via CAPI on behalf of Agency Users.
- Google, Meta, and Analytics Providers: As described in Section 6, these providers receive usage and behavioral data through their analytics and pixel tools deployed on our platform.
- CRM and Third-Party Integrations: Agency Users may connect third-party CRM tools (such as GoHighLevel, HubSpot, or others) to receive lead data from their funnels. Data sent to these tools is done at the direction of and under the control of the Agency User.
- Legal Requirements: We may disclose information to comply with a legal obligation, respond to a valid subpoena, court order, or government request, or to protect the rights, property, or safety of Remedy Marketing LLC, our users, or the public.
- Business Transfers: If Remedy Marketing LLC is acquired, merges with another company, or sells substantially all of its assets, your information may be transferred to the successor entity. We will notify Agency Users of any such transfer by email or through the platform.
- With Your Consent: We may share your information for any other purpose with your explicit prior consent.
8. Data Retention
8.1 Agency User Account Data
We retain your account information, campaign data, and funnel configurations for as long as your account is active. Following account termination or cancellation, we will retain your data for up to 90 days to allow for account recovery, after which it will be deleted or anonymized. Billing records and transaction history may be retained for up to 7 years for tax and legal compliance purposes.
8.2 End User Lead Data
Lead data collected through Agency User funnels is retained for as long as the Agency User's account remains active. When an Agency User's account is terminated, their lead data will be deleted within 90 days following the end of the 90-day account recovery window described above. Agency Users may request deletion of specific lead records at any time through the platform or by contacting us. We will establish a formal data retention policy with specific time limits in a future update to this Policy.
8.3 Analytics and Log Data
Technical logs, analytics data, and session data collected for platform operations are retained for up to 12 months, after which they are deleted or anonymized.
9. Data Security
We implement industry-standard technical and organizational security measures to protect personal information, including:
- Encryption of sensitive data fields at rest, including Meta OAuth tokens and other credentials
- HTTPS/TLS encryption for all data transmitted between your browser and our servers
- Role-based access controls limiting which personnel can access personal data
- Row-level security (RLS) in our database layer ensuring workspace data isolation between Agency Users
- Regular security reviews of our infrastructure and third-party dependencies
Despite these measures, no system is completely secure. We cannot guarantee that unauthorized third parties will never be able to defeat our security measures. In the event of a data breach affecting your personal information, we will notify you in accordance with applicable law and as described in Section 22 of our Terms of Service.
10. Your Privacy Rights
10.1 General Rights
Depending on your jurisdiction, you may have the following rights with respect to your personal information:
- Right to access: Request a copy of the personal information we hold about you
- Right to rectification: Request that we correct inaccurate or incomplete information
- Right to erasure: Request that we delete your personal information, subject to certain legal exceptions
- Right to restriction: Request that we limit how we use your information
- Right to data portability: Request a copy of your information in a structured, machine-readable format
- Right to object: Object to our processing of your information in certain circumstances
To exercise any of these rights, please contact us at aaryan@hireremedy.com. We will respond within 30 days or such shorter period as required by applicable law. We may need to verify your identity before fulfilling your request.
10.2 California Residents (CCPA)
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
- Right to know: Request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business purpose for collecting it, and the categories of third parties with whom we share it
- Right to delete: Request deletion of your personal information, subject to certain exceptions
- Right to correct: Request correction of inaccurate personal information
- Right to opt out of sale or sharing: We do not sell personal information. We do not share personal information for cross-context behavioral advertising purposes except as described in this Policy
- Right to non-discrimination: We will not discriminate against you for exercising your CCPA rights
To submit a CCPA request, contact us at aaryan@hireremedy.com with the subject line "CCPA Privacy Request." If you are an insurance consumer whose data was collected through an Agency User's funnel, the Agency User is the data controller for that information and you should direct your request to them directly.
10.3 Other State Privacy Laws
If you are a resident of Virginia, Colorado, Connecticut, Texas, or another state with a comprehensive privacy law, you may have similar rights to those described above. We will honor privacy rights requests from residents of all U.S. states to the extent required by applicable law. Contact us at aaryan@hireremedy.com to submit a request.
11. Children's Privacy
The Prospect platform is directed to businesses and is not intended for individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. Agency Users are strictly prohibited from creating funnels designed to collect information from children under 13, and from targeting advertising campaigns at minors. If we become aware that we have collected personal information from a minor without appropriate consent, we will take steps to delete that information promptly. If you believe we have inadvertently collected information from a minor, please contact us at aaryan@hireremedy.com.
12. International Users
Prospect is operated in the United States and is intended for use by U.S.-based businesses. If you access the platform from outside the United States, please be aware that your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using Prospect, you consent to the transfer of your information to the United States.
13. Data Processing Roles — Agency Users as Data Controllers
This section clarifies the relationship between Remedy Marketing LLC and Agency Users with respect to End User data collected through funnels.
Agency Users are the data controllers for all personal information collected from insurance consumers through funnels they create on Prospect. This means Agency Users determine the purpose and means of processing that data — including what questions to ask, how to use the leads, and which third-party tools to send the data to.
Remedy Marketing LLC acts as a data processor with respect to End User data, processing it only on behalf of and under the instructions of the Agency User. Agency Users acknowledge and agree that they are responsible for:
- Having a lawful basis for collecting personal information from End Users
- Providing End Users with a compliant privacy notice and obtaining any required consent
- Ensuring their funnels and data collection practices comply with TCPA, CCPA, CAN-SPAM, HIPAA (if applicable), and all other applicable laws
- Responding to End User privacy rights requests relating to data collected through their funnels
14. Third-Party Links and Services
Funnels built on Prospect and our platform may contain links to external websites or services operated by third parties. We are not responsible for the privacy practices or content of those third-party sites. The fact that we link to a site does not constitute an endorsement. We encourage both Agency Users and End Users to review the privacy policies of any website they visit.
15. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify Agency Users by email to the address associated with your account and by posting a notice on the platform at least 14 days before the changes take effect. The updated effective date will always be reflected at the top of this document. Your continued use of Prospect after changes take effect constitutes your acceptance of the updated Policy. We encourage you to review this Policy periodically.
16. Contact Us
If you have questions, concerns, or requests related to this Privacy Policy or our data practices, please contact us:
Remedy Marketing LLC
Email: aaryan@hireremedy.com
Website: useprospect.io
We take privacy inquiries seriously and will respond within 30 days of receiving your request.