How we handle and protect
your property claim data.
A summary for your security and compliance team. Full details are available to your reviewers on request.
"Quixas reads your claim data and produces a verdict. Every output goes to your team to act on."
Hosting
US-based cloud
Encryption
TLS 1.3, at rest
Infrastructure
SOC 2 Type II infra
SOC 2 Type II infrastructure
The Service runs on SOC 2 Type II certified cloud infrastructure. All data is encrypted in transit and at rest.
Tenant isolation
Claim data is isolated within tenant-specific boundaries through application-layer access controls, under least-privilege access.
AI extraction
Document extraction runs via an enterprise LLM API that does not train on your data and retains it only briefly before automatic deletion.
Deletion within 7 business days
On pilot expiration, termination, or written request, claim data is permanently deleted across our systems within 7 business days.
US-based
Claim data is hosted and processed within the United States.
Subprocessors by role
We use a small set of subprocessors (cloud data, AI extraction, orchestration). A named list is provided to your security team during review.
Low-risk by design. Pilots run out-of-band by secure email forwarding or upload, with no write access or credentials inside your systems of record. Verdicts are drafts your team reviews and sends; Quixas never contacts policyholders on its own.
Request the full data-handling overview.
The complete, section-by-section package, including the named subprocessor list, is available to your security team during review.