Commission statements carry sensitive information. Here’s exactly how CommissionSight keeps it safe — isolated, encrypted, and removable on demand. Every claim below reflects how the platform works today.
Every customer’s data lives in its own dedicated database — never co-mingled with any other customer’s. Access is resolved per-account, so one account can never read another’s data.
Encrypted in transit (TLS) and at rest. API tokens are stored only as hashes, and each account’s database credentials are AES-GCM encrypted — never stored in the clear.
We delete the original uploaded statement file from storage within ~24 hours of processing (and within 3 days if it never processes). We keep the scored results, not your raw file.
Your data is never used to train AI models, and never sold or shared. The in-app assistant queries only your own database, read-only — it cannot change anything or see anyone else’s book.
Retract a period, purge the raw files, or delete your entire account and all of its data on request. Your data is yours — and removable on demand.
Access is via revocable, hashed API tokens. Outbound notifications are cryptographically signed, and an append-only audit trail records account actions — uploads, rate and team changes, and purges.
To reconcile your book and score every member, CommissionSight stores the member and policy identifiers, plan, premium, and commission figures from each statement — and it preserves the original values for audit accuracy, so the numbers always tie back to the source. That data lives only in your isolated, encrypted database, and you can delete it at any time.
Yes. Every account has its own dedicated database — your data is never co-mingled with another customer’s, and access is resolved per-account so cross-account reads are impossible.
No. CommissionSight reconciles on the carrier’s own member or policy identifiers and the commission and premium figures. It does not require SSNs, bank account numbers, or clinical/health data.
The raw uploaded file is deleted from storage within about 24 hours of processing (or within 3 days if it never processes). The scored results stay in your isolated database until you choose to delete them.
Never. Your data is not used to train any models, and it is never sold or shared. The built-in assistant runs read-only queries against your own database only.
Yes. You can retract a single period, purge the raw files, or delete your entire account and all of its data. Deletion is permanent.
Yes. Field-level data minimization lets us drop or one-way-hash specific columns at ingest so they are never stored — configured per carrier. Member matching still works because identity is computed before any redaction. Tell us which fields and we will enable it for your carriers.
We’re happy to walk your compliance team through how CommissionSight handles data, and to review your security questionnaire, data-processing agreement, or BAA. Single sign-on (SAML/OIDC) and granular roles are on the roadmap.