Skip to main content

Zero-Knowledge Privacy Policy

Effective Date: August 2025

Last Updated: August 2025

Introduction

Medical Bill Rescue ("we," "our," or "us") is committed to protecting your privacy with our industry-leading zero-knowledge architecture. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our medical bill analysis service at medicalbillrescue.com (the "Service").

🔒 Zero-Knowledge Medical Bill Processing

When you upload medical bills for analysis, your medical information is processed using our proprietary zero-knowledge architecture, which means:

  • No Medical PHI Storage: Your personally identifiable health information from medical bills is never stored on our servers
  • Immediate Medical PII Redaction: Patient names, SSNs, and other medical identifiers are automatically removed before processing
  • Memory-Only Analysis: Medical bill analysis happens in temporary memory and is discarded after completion
  • Encrypted Transit: All data transmission uses enterprise-grade encryption
  • Healthcare-Grade Security: Built with industry security standards and best practices from the ground up

Note: We do collect basic account information (email, username) and payment details (processed securely through Stripe) necessary to provide our service, as detailed in the sections below.

Please read this privacy policy carefully. By using the Service, you agree to the collection and use of information in accordance with this policy.

Information We Collect

Information You Provide to Us

Account Information

  • Email address
  • Password (encrypted)
  • Name (optional)
  • Payment information (processed by our payment provider)

Uploaded Documents

  • Medical bills and related documents you upload for analysis
  • We use automated systems to remove personally identifiable information before processing
  • Analysis results and reports generated by our Service

Information Automatically Collected

Usage Data

  • IP address
  • Browser type and version
  • Pages visited and time spent
  • Date and time of visits
  • Device information

Cookies and Tracking

  • Session cookies for authentication
  • Analytics cookies to improve our Service
  • You can control cookies through your browser settings

How We Use Your Information

We use collected information to:

  • Provide and maintain our Service
  • Process your medical bills for anomaly detection
  • Process transactions and send related information
  • Send administrative information and service updates
  • Respond to inquiries and provide customer support
  • Monitor and analyze usage to improve our Service
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

Information Sharing and Disclosure

We may share your information in the following situations:

Service Providers

  • Payment processors (Stripe) for billing
  • Cloud infrastructure providers (AWS) for hosting
  • Email service providers for communications
  • Analytics providers to improve our Service

Legal Requirements

  • If required by law or subpoena
  • To protect our rights or property
  • To prevent fraud or illegal activity
  • To protect the safety of any person

Business Transfers

  • In connection with a merger, sale, or acquisition
  • Your information may be transferred as a business asset

Aggregated Information

  • We may share anonymized, aggregated data that cannot identify you

Data Security

We implement reasonable security measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication
  • Secure development practices

Important: No method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

Data Retention

We retain your information for as long as necessary to provide our Service and comply with legal obligations:

  • Account information: As long as your account is active
  • Transaction records: As required for accounting and tax purposes
  • Analysis results: 90 days after generation
  • Usage logs: 12 months

You may request deletion of your account and associated data at any time.

Your Privacy Rights

Depending on your location, you may have certain rights regarding your information:

  • Access to your personal information
  • Correction of inaccurate data
  • Deletion of your information
  • Data portability
  • Opt-out of marketing communications
  • Withdraw consent where applicable

To exercise these rights, please contact us using the information below.

Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information, please contact us.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last Updated" date
  • Sending an email notification for material changes

Contact Us

If you have questions about this Privacy Policy, please contact us:

Email: [email protected]

For privacy-specific concerns: [email protected]