Encryption At Rest
Sensitive PII fields — birthdays, addresses, phone numbers — are sealed with AES-based envelope encryption before they touch a disk.
Encryption In Transit
TLS everywhere, HSTS enforced, no exceptions.
The Carrier Vault
Seller carrier credentials live in an audited vault with per-agency envelope keys; every read is logged with who and why.
Least Access
Your data reaches exactly one seller — the one the algorithm routed your order to. Losing bidders never see it.
Full Audit Trail
Logins, binds, coverage changes, credential access — recorded with timestamp and IP, reviewable by our admins.
Hardened Surface
Strict content-security policy, CSRF protection on every action, rate limits and lockouts on authentication.
We Don't Sell Data
Not to lead aggregators, not to 'marketing partners,' not anonymized, not ever.
We Don't Cold Call
You hear from us about your quotes and policies. That's the whole list.
We Don't Ghost-Write Consent
Every signature on Pearl is one you actually made, recorded with hash, timestamp and IP.
Who can see my quote data?
You, the routed seller's licensed staff, the carriers rating you, and Pearl operations under audit. Nobody else.
What happens if I abandon a quote?
Your draft is stored encrypted so you can resume. Reply 'stop' to any follow-up or tell the concierge and contact ends immediately.
Can I delete my data?
Yes — ask the concierge or contact us. We retain only what insurance regulation requires us to keep, and we'll tell you exactly what that is.
Questions we didn't answer?
Security researchers and sharp-eyed customers get fast replies.
