This Privacy Policy explains how Fix My Bill (“we”, “us”) handles the personal information and bill content you share with us. If anything here is unclear, email privacy@getfixmybill.com and we will answer plainly.
What we collect
- Account data: your email address, a hashed password (if you sign up with email), your full name if you provide one, and your country preference.
- Bill content: any PDF, image, or text you upload for analysis, plus the extracted text we generate from PDFs and photos.
- Analysis output: the findings our AI produces and any dispute letter generated from them.
- Usage metadata: timestamps, IP address (for rate-limiting and fraud prevention), browser type, scan counts, and error logs.
- Payment data: handled by Dodo Payments. We store only a reference to the payment, the pack purchased, and the amount — we do not see or store your card details.
How we use it
- To run the bill analysis you asked for and return the results.
- To generate dispute letters at your request.
- To operate, secure, and improve the service (rate limits, abuse prevention, error monitoring, aggregate analytics).
- To send essential transactional email (scan completion, payment receipts, password resets). We do not send marketing email without opt-in consent.
Retention
Uploaded bill files and the raw extracted text are automatically deleted 30 days after upload. Your structured analysis results (findings, savings estimate, dispute letter) are retained with your account so you can reference them later. You can delete an individual scan at any time from your dashboard, or delete your entire account from your account settings, which wipes all associated data within 30 days.
Who sees your bills
- You. Row-level security in our database restricts each scan to the account that created it.
- Our AI provider (OpenAI). Bill text is sent to OpenAI's API for analysis. Per its Enterprise Privacy policy, OpenAI does not train models on data submitted via the API.
- Our infrastructure providers (Supabase for database and storage, Vercel for hosting, Resend for transactional email, Dodo Payments for checkout) process data only as needed to operate the service.
- Nobody else. We do not sell, rent, or share your bill data with advertisers, brokers, or any third party for marketing purposes.
We are not a HIPAA covered entity
Fix My Bill is a consumer decision-support tool. You voluntarily upload your own bills. We are not a HIPAA covered entity and we do not operate as a business associate of any healthcare provider. If your bill contains protected health information, you are uploading it as an individual for your own use — we treat it with the care described on this page.
Cookies
We use a small number of strictly necessary cookies: a session cookie to keep you logged in, and a theme preference cookie for light/dark mode. We do not run advertising cookies or third-party trackers.
Your rights
Depending on where you live (EU, UK, California, Australia, New Zealand, and others), you may have the right to access, correct, port, or delete your personal data, and to object to or restrict certain processing. To exercise any of these rights, email privacy@getfixmybill.com. We will respond within 30 days.
Security
Data is encrypted in transit (HTTPS) and at rest. Bill files sit in a private storage bucket that is not publicly accessible. Access to the service-role database key is restricted to server-side code and never shipped to the browser.
Children
Fix My Bill is not directed to children under 16 and we do not knowingly collect data from them. If you believe a child has created an account, contact us and we will delete it.
Changes
If we make a material change to this policy, we will notify account holders by email and update the “last updated” date at the top of this page.
Contact
Questions, requests, or concerns: privacy@getfixmybill.com