Privacy Policy

Effective date: March 2026

1. Information We Collect

When you use CutMyMedicalBill.com, we collect the following information:

  • Account information: Your name, email address, and phone number when you create an account.
  • Bill data: Medical bill line items including CPT/HCPCS codes, revenue codes, charges, dates of service, provider names, and diagnosis codes that you upload or enter manually.
  • Insurance information: Insurance company name and member ID, stored in encrypted form.
  • Authorization data: If you authorize us to act on your behalf, we collect your full legal name and date of birth for provider verification purposes only.
  • Communications: Emails and messages you send to us, and records of communications we make on your behalf.

2. Information We Do NOT Collect or Store

  • Social Security numbers: We never ask for, collect, or store your SSN.
  • Insurance ID numbers are stored only in encrypted form and are never exposed in plain text in our analysis database.
  • We do not sell, rent, or trade your personal information to any third party for marketing or advertising purposes. Ever.

3. How We Use Your Data

We use the information we collect exclusively for the following purposes:

  • Bill analysis: To analyze your medical bills for billing errors, overcharges, and potential savings using Medicare coding rules and industry benchmarks.
  • Case management: To track the progress of your case, generate dispute letters, and manage communications with providers.
  • Communications: To send you analysis results, case updates, and respond to your inquiries.
  • Service improvement: To improve our analysis algorithms and user experience (using aggregated, de-identified data only).

4. Third-Party Services

We use the following third-party services to operate CutMyMedicalBill.com:

  • Anthropic (Claude AI): We use Claude AI to assist with extracting billing data from uploaded documents. Bill data is processed through Anthropic's API, which is subject to Anthropic's privacy policy. Anthropic does not use API inputs to train its models.
  • Stripe: We use Stripe for secure payment processing. We do not store your credit card information on our servers. Stripe's handling of payment data is subject to Stripe's privacy policy.
  • Resend: We use Resend for transactional email delivery (case updates, analysis results). Your email address is shared with Resend solely for delivery purposes.

We do not share your data with any other third parties except as required by law.

5. Data Retention

  • Active cases: Your data is retained for as long as your case is active and for a reasonable period afterward for record-keeping purposes.
  • Closed cases: Case data is retained for up to 3 years after case closure for reference and dispute resolution purposes.
  • Deletion on request: You may request deletion of your data at any time by contacting us at support@cutmedicalbill.com. We will delete your personal data within 30 days, except where retention is required by law.

6. Cookies and Tracking

We do not currently use tracking cookies, analytics services, or third-party advertising pixels. We use only essential cookies required for session management and authentication. If this changes in the future, we will update this policy and notify you.

7. Data Security

We take reasonable measures to protect your data, including:

  • Encryption of sensitive fields (insurance member IDs) at rest
  • HTTPS encryption for all data in transit
  • Access controls limiting data access to authorized personnel
  • Regular security reviews of our systems

8. Health Information Security

We implement security measures consistent with industry best practices for protecting health-related information, including encryption in transit and at rest, access controls limiting data to authorized personnel, and maintenance of audit logs for all data access.

9. Your Rights

You have the right to:

  • Request a copy of the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Withdraw authorization for us to act on your behalf at any time

To exercise any of these rights, contact us at support@cutmedicalbill.com.

10. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or by posting a notice on our website. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Your State Privacy Rights

California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act:

  • Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions.
  • Right to Opt-Out: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights.

To exercise these rights, contact us at privacy@cutmedicalbill.com.

Other State Privacy Laws

Residents of Colorado, Connecticut, Virginia, Utah, and other states with comprehensive privacy laws may have similar rights to access, delete, and correct their personal information. To exercise your rights under any applicable state law, contact us at privacy@cutmedicalbill.com.

Categories of Personal Information We Collect

  • Identifiers: Name, email address, phone number, IP address
  • Financial Information: Medical billing charges, payment method (via Stripe — we do not store card numbers)
  • Health-Related Information: Medical procedure codes (CPT/HCPCS), diagnosis codes (ICD-10), dates of service, provider information
  • Internet Activity: Pages visited, features used, device information

How We Use This Information

  • To analyze your medical bill for errors and overcharges
  • To generate dispute and negotiation documents
  • To communicate with you about your case
  • To process payments for our services

Third Parties We Share Data With

  • Anthropic (Claude AI): Bill text/images for data extraction (no patient names or dates of birth sent)
  • Stripe: Payment processing
  • Resend: Transactional email delivery
  • Railway: Cloud hosting infrastructure

Children's Privacy

Our service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, contact us immediately at privacy@cutmedicalbill.com.

12. Contact

For questions about this Privacy Policy or to request data deletion, contact us at:

support@cutmedicalbill.com