Security & Privacy
Telecom bills contain sensitive information. Here is exactly how we protect yours — and the commitments we make to you about your data.
Your bill is never stored
Uploaded PDFs are processed in memory by our servers and discarded immediately after analysis. We never write your bill to disk and we never share it with third parties.
No account required
You can run an analysis without giving us an email address. If you choose to receive your report by email or sign up for ongoing check-ins, we ask for your express consent and you can unsubscribe at any time using the link in any email.
Encryption everywhere
All traffic between your browser, our servers, and our database is encrypted with TLS 1.2+. Secrets and database credentials are stored with our hosting provider and never appear in client-side code.
PIPEDA + CASL aligned
We follow the Personal Information Protection and Electronic Documents Act (PIPEDA) for privacy and Canada’s Anti-Spam Legislation (CASL) for any commercial email. We collect only what we need, use it only for the stated purpose, keep records of email consent, and respond to access or deletion requests within 30 days.
Authorization on file
Every concierge negotiation we run is paired with a documented per-customer authorization: the exact wording you ticked, the specific carrier we are authorized to contact, and a server-stamped timestamp. We never call a carrier without one.
AI processing, not AI training
We use Anthropic’s Claude API to analyze your bill text. Per Anthropic’s API privacy practices, content submitted to the API is not used to train Anthropic’s models. We extract structured data (carrier, plan, cost) and discard the bill text after analysis.
Rate-limited endpoints
Our API is rate-limited per IP to prevent abuse and to protect the cost of third-party services we use to analyze your bill. We do not log full IP addresses in the analyses table.
No data selling. Ever.
Our business model is the optional concierge negotiation service. We make money only when you choose to have us call your carrier. We do not sell or rent your data and we do not run third-party advertising on this site.
Disclosure & contact
If you believe you have found a security issue with Rightward, please email security@rightward.ca. We acknowledge reports within two business days and aim to resolve valid issues within 14 days. Good-faith security research is welcome. Please do not access, modify, or delete user data, and do not perform denial-of-service testing.
For data access, correction, or deletion requests, email privacy@rightward.ca. We execute valid deletion requests within 30 days, as required under PIPEDA.