Privacy Policy

MyBillRX (“we,” “us,” “our”) is a direct-to-consumer dental billing education service operated at mybillrx.com. We help patients understand their dental bills and explanations of benefits (EOBs) by generating plain-English analyses of uploaded documents.

MyBillRX is not a healthcare provider, dental practice, insurance company, or health plan. We are not a “covered entity” or “business associate” as defined under the Health Insurance Portability and Accountability Act (HIPAA). We voluntarily hold our data practices to a standard that exceeds what HIPAA would require.

We do not collect, store, transmit, or use Protected Health Information (PHI). PHI includes any individually identifiable information related to your health, dental treatment, insurance, or payment history — including your name, date of birth, Social Security number, patient ID, member ID, provider name, diagnosis codes, and claim numbers.

When you upload a document:

• Your file is transmitted over an encrypted (HTTPS/TLS) connection for processing.
• The document is analyzed in real time by an AI model to generate your report.
• Neither the document nor its contents are stored on our servers — by design.
• We do not log file contents, extracted text, or any patient-identifiable fields.
• No human at MyBillRX ever views your document.

We do not sell, share, license, or otherwise transfer your health-related data to any third party — because we don't have it.

We collect only the minimum data necessary to operate the service:

• Payment information: Processed by Stripe. We receive a payment confirmation token only. We never see or store your full card number, CVV, or billing address.
• Session data: Standard server logs may capture your IP address, browser type, and the pages you visit for security and abuse prevention. These logs are not tied to any document you upload.
• Cookies: We use functional cookies to maintain your session (e.g., confirming you have paid). We do not use advertising trackers or behavioral profiling cookies.
• Analytics: Aggregate, anonymized page view data (e.g., number of visits) may be collected. No personally identifiable information is included.

The limited data we collect is used solely to:

• Process your payment and deliver your report
• Maintain the security and performance of the service
• Comply with legal obligations

We do not use your data for advertising, marketing profiling, or sale to third parties.

We use the following third-party service providers in the operation of MyBillRX. Each is governed by its own privacy policy:

• Stripe — payment processing (stripe.com/privacy)
• Anthropic — AI analysis of uploaded documents. Documents are transmitted to Anthropic's API for processing under their data processing terms. Anthropic does not use API-submitted data to train models by default.
• Netlify / Vercel — hosting and CDN infrastructure

No document content is shared with any other third party.

Because we do not store document content or PHI, there is nothing to retain or delete. Your uploaded file and its contents exist only in transient memory during processing and are not written to any persistent storage.

Payment records are retained by Stripe per their policies. Server access logs are retained for up to 90 days for security purposes, and do not contain document content.

MyBillRX is intended for adults (18+). We do not knowingly collect information from children under 13. If you believe a child has submitted information through our service, contact us at the address below and we will take appropriate action.

All data transmitted to and from MyBillRX is encrypted using TLS (HTTPS). We do not store your documents, so there is no database of health records that could be breached. We implement standard security controls to protect the infrastructure and payment flow.

Because we do not retain personally identifiable information tied to your document, we have no stored record to access, correct, or delete on request. If you have questions about what minimal data we may hold (e.g., Stripe payment token), contact us and we will respond within 30 days.

We may update this Privacy Policy from time to time. If we make material changes, we will update the “Last updated” date at the top of this page. Continued use of MyBillRX after changes are posted constitutes acceptance of the updated policy.

Questions about this Privacy Policy? Email us at hello@mybillrx.com.