Privacy Policy

Last updated: March 13, 2026

Overview

BillBot is designed with privacy in mind. We process medical bills to provide educational analysis and take steps to minimize the personal health information we retain. This policy explains what we collect, how we use it, and how we protect it.

Information We Collect

Uploaded Documents

When you upload a medical bill, we process the document to extract charge information. Patient names are automatically redacted before any data is stored. The original uploaded file is stored securely for analysis purposes.

Email Address

If you purchase a paid report, we collect your email address to deliver the report. We do not use your email for marketing unless you explicitly opt in.

Payment Information

Payments are processed by Stripe. We do not store credit card numbers or payment details on our servers. Please refer to Stripe's Privacy Policy for details on their data handling.

Usage Data

We collect anonymized usage data such as page views and scan counts for rate limiting and service improvement. IP addresses are hashed and never stored in plain text.

How We Use Your Information

  • To analyze your medical bill and generate reports
  • To deliver purchased reports to your email
  • To prevent abuse through rate limiting
  • To improve the accuracy and quality of our analysis

Data Protection

We use industry-standard security measures to protect your data, including encrypted storage (Supabase with row-level security), HTTPS for all data transmission, and automatic redaction of patient names. We do not sell, share, or provide your data to third parties except as necessary to provide the Service (e.g., Stripe for payments, Resend for email delivery).

AI Processing

We use Anthropic's Claude AI to extract and analyze bill data. Document content is sent to the AI model for processing. Anthropic does not use API inputs to train their models. For details, see Anthropic's Privacy Policy.

Data Retention

Uploaded documents and analysis results are retained for up to 90 days to allow you to access your reports. After this period, data may be automatically deleted. You may request earlier deletion by contacting us.

Your Rights

You have the right to request access to, correction of, or deletion of your personal data. To exercise these rights, please contact us at team@billbot.co.

Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at team@billbot.co.