PEARL. Insurance
Marketplace
Sign In Start Quote
Trust Center

Paranoid, Professionally.

You hand us your name, birthday, address and the keys to your risk profile. Here is exactly what we do with it, how it's protected, and what we refuse to do.

The architecture
// 01

Encryption At Rest

Sensitive PII fields — birthdays, addresses, phone numbers — are sealed with AES-based envelope encryption before they touch a disk.

// 02

Encryption In Transit

TLS everywhere, HSTS enforced, no exceptions.

// 03

The Carrier Vault

Seller carrier credentials live in an audited vault with per-agency envelope keys; every read is logged with who and why.

// 04

Least Access

Your data reaches exactly one seller — the one the algorithm routed your order to. Losing bidders never see it.

// 05

Full Audit Trail

Logins, binds, coverage changes, credential access — recorded with timestamp and IP, reviewable by our admins.

// 06

Hardened Surface

Strict content-security policy, CSRF protection on every action, rate limits and lockouts on authentication.

The refusals
// 01

We Don't Sell Data

Not to lead aggregators, not to 'marketing partners,' not anonymized, not ever.

// 02

We Don't Cold Call

You hear from us about your quotes and policies. That's the whole list.

// 03

We Don't Ghost-Write Consent

Every signature on Pearl is one you actually made, recorded with hash, timestamp and IP.

Fair questions
Who can see my quote data?

You, the routed seller's licensed staff, the carriers rating you, and Pearl operations under audit. Nobody else.

What happens if I abandon a quote?

Your draft is stored encrypted so you can resume. Reply 'stop' to any follow-up or tell the concierge and contact ends immediately.

Can I delete my data?

Yes — ask the concierge or contact us. We retain only what insurance regulation requires us to keep, and we'll tell you exactly what that is.

Questions we didn't answer?

Security researchers and sharp-eyed customers get fast replies.

Contact Us