Brisker logo
Menu
Home

Features

CarrierContractorInsured
BlogSign up

Privacy Policy

Last updated: April 13, 2026

This policy describes how Brisker (“we,” “us”) collects, uses, stores, and protects information when you visit the public marketing website at brisker.io (the “Site”). It does not govern the separate product application hosted at brisker.ai, which is covered by its own notices and agreements.

1. Information we collect

1.1 Contact and lead forms

If you submit a request through our lead or contact flow, we collect what you enter and send to our servers:

  • Email address (required)
  • Optional fields: name, free-text message, and a self-selected role (client, contractor, or insured)
  • Context: a short source value indicating where the form was submitted (for example, homepage)

These submissions are stored in our database in a dedicated marketing schema, separate from core product assignment data. The table enforces a unique email constraint; duplicate submissions from the same address may be acknowledged without creating a second row.

1.2 Security and abuse prevention

  • Rate limiting: Submissions to the lead API are limited per client IP within a rolling time window using an in-memory counter on the application server. This data is not written to the marketing leads database; it exists only to reduce automated abuse and is not used for marketing profiling.
  • Cloudflare Turnstile (optional): If enabled, we may send a browser-issued challenge token and your IP address to Cloudflare for verification. When Turnstile is not configured, that step is skipped.
  • Server and infrastructure: Our hosting provider (for example, Vercel) and related infrastructure may log IP addresses, URLs, timestamps, and technical diagnostics as part of normal operation. We use that information to operate and secure the Site.

1.3 Analytics

We may use privacy-conscious or product-analytics tools, only when configured:

  • Plausible Analytics: If NEXT_PUBLIC_PLAUSIBLE_DOMAIN is set, Plausible’s script may load. Plausible is designed for aggregated, cookie-light measurement. See Plausible’s privacy policy.
  • PostHog: If NEXT_PUBLIC_POSTHOG_KEY is set, PostHog may load in the browser. We configure person profiles as identified only (no broad automatic person profiling for anonymous visitors). Events we record from the Site include things like navigation clicks, primary CTA clicks, pricing CTA clicks (if applicable), and successful lead submissions—each with properties such as link destination or placement where relevant. See PostHog’s privacy information.

If neither tool is configured, we do not load those scripts for analytics.

1.4 Cookies and local storage

The Site may use cookies or similar storage where required by analytics or security vendors you enable. Essential cookies needed to operate the Site or prevent fraud may also be set by our providers.

2. How we use information

  • To respond to inquiries and follow up on leads you initiate
  • To understand aggregate use of the Site and improve content and funnels
  • To detect, prevent, and address abuse, fraud, or technical issues
  • To comply with law and enforce our terms

We do not sell your personal information as a standalone commercial product. We use service providers (below) to process data on our behalf under appropriate agreements and safeguards.

3. How we protect information

  • Lead data is inserted only through a server-side API using privileged credentials; the marketing leads table has row-level security enabled with no public read or write policies for anonymous or logged-in site visitors.
  • Data is transmitted over HTTPS.
  • Access to operational systems is limited to those who need it to run the business.

No method of transmission or storage is completely secure; we work to follow reasonable industry practices.

4. Where data is processed and retention

Data may be processed in the United States and in jurisdictions where our vendors operate. We retain lead and analytics-related information for as long as needed to fulfill the purposes above, unless a longer period is required by law. You may request deletion as described below.

5. Sharing

We share information only as needed with:

  • Supabase (database hosting for marketing leads)
  • Cloudflare (Turnstile verification, when enabled)
  • PostHog and/or Plausible (when those integrations are enabled)
  • Hosting and infrastructure providers necessary to serve the Site
  • Authorities when required by law or to protect rights and safety

6. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or restrict certain processing of your personal information, or to object to certain uses. To exercise these rights or ask questions, contact us at info@brisker.io. We may need to verify your request.

7. Children

The Site is not directed at children under 13, and we do not knowingly collect personal information from them.

8. Third-party sites

The Site may link to other websites or the product application. Their privacy practices are governed by their own policies.

9. Changes

We may update this policy from time to time. We will adjust the “Last updated” date and, where appropriate, provide additional notice.

10. Contact

Brisker — Privacy inquiries: info@brisker.io

This policy is provided for transparency.