Billy

Privacy Policy

BILLY PRIVACY NOTICE

Effective Date: April 20, 2026

1. INTRODUCTION

This Privacy Notice describes how Billy Health Technologies, LLC ("Billy," "we," "us," or "our") collects, uses, shares, and protects information when you use the Billy mobile application for iOS (the "App") and the services we offer through it (collectively, the "Service"). Billy helps you scan medical bills, identify potential billing errors using AI, generate dispute letters, and optionally mail those letters on your behalf.

We have tried to write this notice in plain English. If anything is unclear, email us at privacy@billydisputes.com.

2. SCOPE

This notice applies to information we collect through the App, through our support and billing channels, and through the optional mailing service we offer via Lob, Inc. It does not apply to the practices of third parties we do not own or control, including your healthcare providers, insurers, Apple, or the service providers we identify in Section 5 (each of which has its own privacy policy).

The Service is currently offered only to individuals located in the United States who are 18 years of age or older.

3. INFORMATION WE COLLECT

(a) Account Information. When you create an account, we collect your email address and, if you use the mailing service, your legal name and mailing address (used as the return address on dispute letters). Authentication is handled via a one-time passcode ("OTP") sent to your email through our auth provider, Supabase. We do not store your password because we do not use one.

(b) Medical Bill Data. When you scan or upload a bill, we collect the bill image, the text and structured data extracted from it (including provider names, service dates, CPT/HCPCS/ICD codes, charges, adjustments, insurance information, account numbers, and any other text present on the document), and any notes you add.

(c) Dispute Content. When you generate a dispute letter, we collect the letter text, recipient information (provider or payer name and address), your review status, and — if you authorize mailing — your typed-name signature, the timestamp and device information captured at the time of authorization, and the Lob mail tracking identifiers returned to us.

(d) Usage Data. We collect limited usage information, such as the number of scans you run per month, which screens you view, and feature interactions (for example, whether you tapped "Generate Letter"). Where we use PostHog for product analytics, we configure it to avoid collecting IP addresses and to avoid identifying you across devices unless you are signed in.

(e) Device and Diagnostic Information. We collect device model, operating system version, App version, locale, and crash logs. Crash and error reports are captured via Sentry and may include a stack trace and limited surrounding state. We configure Sentry to scrub obvious personal identifiers from error payloads, but we cannot guarantee that no personal data ever appears in a crash report.

(f) Payment Information. The App is free at the time this notice takes effect. If we introduce paid features, payments will be processed by Apple through the App Store or by a PCI-compliant payment processor. We do not receive or store your full payment card number. We may receive a transaction identifier, the last four digits of your card, and the billing ZIP code.

(g) Communications. If you email us, we retain your message and our response for support and recordkeeping purposes.

We do not knowingly collect biometric identifiers, precise geolocation, or contacts from your device.

4. HOW WE USE YOUR INFORMATION

We use the information described above to:

- Provide and operate the Service, including running OCR on bill images, sending extracted text to our AI provider for analysis, and generating dispute letters;
- Print and mail dispute letters when you authorize us to do so;
- Authenticate you and secure your account;
- Respond to support inquiries and communicate service-related notices;
- Detect, investigate, and prevent fraud, abuse, and security incidents;
- Debug and improve the App, including by reviewing aggregated usage metrics and crash reports;
- Comply with legal obligations and enforce our Terms of Service.

We do not use your medical bill data or dispute content to train AI models, and we do not permit our AI provider to do so under our agreement with them (see Section 5).

5. THIRD-PARTY SERVICE PROVIDERS

We share specific categories of information with the service providers below, each acting on our instructions and under a written contract. These providers are not permitted to use your information for their own purposes.

- Anthropic, PBC (AI analysis). Receives: extracted bill text and, where image analysis is required, bill images. Purpose: generating billing-error analysis and draft dispute letters. Anthropic's API terms prohibit training on customer inputs. See https://www.anthropic.com/legal/privacy.

- Lob, Inc. (mail delivery). Receives: your return address, the recipient's name and address, and the letter content you authorized for mailing. Purpose: printing and USPS delivery. See https://www.lob.com/legal/privacy-policy.

- Supabase, Inc. (authentication and database). Receives: your email address, account identifiers, and application data stored in your account. Purpose: user authentication and backend data storage. See https://supabase.com/privacy.

- Functional Software, Inc. d/b/a Sentry (crash reporting). Receives: crash stack traces, device and OS metadata, and App version. Purpose: detecting and diagnosing errors. See https://sentry.io/privacy/.

- PostHog, Inc. (product analytics, optional). Receives: de-identified event data about feature usage. Purpose: understanding aggregate product usage. You can disable analytics at any time with the "Share Usage Analytics" toggle in Settings. See https://posthog.com/privacy.

- Apple Inc. (App Store distribution and, if applicable, in-app purchases). Apple may collect information under its own policies. See https://www.apple.com/legal/privacy/.

Billy does not currently hold HIPAA Business Associate Agreements with Anthropic or Lob. We explain what that means for your health information in the Data Security & Health Info Notice displayed elsewhere in the App.

6. HOW WE SHARE INFORMATION

We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

We may disclose information:

- To the service providers listed above, as described;
- To comply with applicable law or a valid legal process (subpoena, court order, or lawful government request), where we will give you notice unless legally prohibited;
- To protect the rights, property, or safety of Billy, our users, or the public, including to investigate fraud;
- With your direction — for example, when you authorize us to mail a letter to a specific recipient;
- To a successor entity in connection with a merger, acquisition, reorganization, or sale of substantially all of our assets, subject to the successor's agreement to honor this notice or provide notice of any material change.

7. DATA RETENTION

We retain information for only as long as we need it.

- Bill images that are uploaded for AI analysis are transmitted to Anthropic for processing and are not retained in plaintext on our servers after analysis completes. A hashed reference may be retained to prevent duplicate processing.
- Structured analysis results (codes, charges, findings) are stored primarily on your device. A copy may be stored in your Supabase account so your history is available across reinstalls; you can delete it at any time from Settings.
- Generated dispute letters are retained in your account until you delete them.
- Mail authorization records (the typed-name signature, timestamp, device metadata, and Lob tracking IDs) are retained for seven (7) years as part of our audit log, because these records may be relevant to any dispute over whether a letter was properly authorized.
- Account records and support communications are retained while your account is active and for up to twenty-four (24) months after deletion, after which they are purged or de-identified, except where a longer retention is required by law.
- Crash and diagnostic logs are retained for up to ninety (90) days.

8. DATA SECURITY

We use administrative, technical, and physical safeguards designed to protect your information, including:

- TLS 1.2 or higher for all data in transit between the App and our servers and between our servers and our subprocessors;
- iOS Data Protection (device-level encryption) for data stored on your device;
- Encryption at rest for data stored by Supabase;
- Role-based access controls on our internal systems, with access limited to personnel who need it;
- No third-party advertising SDKs or cross-app tracking in the App.

No security program is perfect. We cannot guarantee that your information will never be accessed or disclosed in a manner inconsistent with this notice.

9. YOUR CHOICES AND RIGHTS

Regardless of where you live, you can:

- Access and review your data from the App's Settings screen;
- Correct inaccurate information by editing it in the App or emailing privacy@billydisputes.com;
- Delete individual disputes — including their letters and extracted bill data — from the dispute's screen in the App, or delete your entire account and all on-device data from Settings;
- Export your data in a machine-readable format by emailing privacy@billydisputes.com;
- Revoke your mail authorization at any time (note: this will not recall letters already dispatched to USPS);
- Opt out of optional analytics with the "Share Usage Analytics" toggle in Settings.

We will respond to verifiable requests within 30 days, or within 45 days where permitted by law.

10. CALIFORNIA RESIDENTS

If you reside in California, the California Consumer Privacy Act ("CCPA"), as amended by the CPRA, gives you additional rights:

- The right to know what personal information we have collected about you and how we have used and shared it;
- The right to delete personal information, subject to certain exceptions;
- The right to correct inaccurate personal information;
- The right to opt out of the sale or sharing of personal information. We do not sell or share personal information as those terms are defined under the CCPA;
- The right to limit the use of sensitive personal information. We only use sensitive personal information (including health information) to provide the Service, as permitted by Cal. Civ. Code § 1798.121(a);
- The right not to be discriminated against for exercising these rights.

To exercise these rights, email privacy@billydisputes.com. You may designate an authorized agent to make a request on your behalf; we will ask for written authorization and may verify the agent's identity.

11. RESIDENTS OF THE EUROPEAN ECONOMIC AREA AND THE UNITED KINGDOM

The Service is not directed to, and is not currently offered in, the EEA or the UK. If you access the Service from one of those regions, please be aware that your information will be transferred to and processed in the United States. Our legal basis for processing, where the GDPR or UK GDPR applies, is (i) performance of the contract you entered into when you accepted our Terms, (ii) our legitimate interests in securing and improving the Service, and (iii) your consent where we ask for it. The data controller is Billy Health Technologies, LLC. You have the right to lodge a complaint with your local supervisory authority.

12. CHILDREN'S PRIVACY

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 13, and we do not knowingly permit users between 13 and 17 to create accounts. If you believe a child has provided us with personal information, email privacy@billydisputes.com and we will delete it.

13. CHANGES TO THIS NOTICE

We may update this notice from time to time. When we do, we will revise the "Effective Date" above. For material changes, we will provide prominent notice in the App and, where we have your email address, by email at least 14 days before the change takes effect. Your continued use of the Service after the effective date of a revised notice means you accept the revised notice.

14. CONTACT US

Billy Health Technologies, LLC
Attn: Privacy
Email: privacy@billydisputes.com
Support: support@billydisputes.com
Legal: legal@billydisputes.com