Privacy Policy

Last Updated: May 10, 2026

1. Introduction

At Ovrcharged.com, we respect your privacy and are committed to protecting it. This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit our website, and our practices for collecting, using, maintaining, protecting, and disclosing that information.

2. Information We Collect

We collect several types of information from and about users of our Website, including:

  • Personal Information: Name, email address, phone number, and physical address.
  • Health Information: Information contained in the medical bills you upload, which may include Protected Health Information (PHI) such as diagnoses, treatment codes, and provider names.
  • Financial Information: Payment details (processed securely via Stripe) and billing dispute amounts.

3. How We Use Your Information

We use information that we collect about you or that you provide to us to:

  • Analyze your medical bills using AI to identify potential overcharges.
  • Generate dispute templates and appeal letters.
  • Communicate with healthcare providers on your behalf (if you purchase our Negotiation service).
  • Improve our website and AI models (using heavily anonymized and aggregated data only).

4. Data Security and Deletion

We implement industry-standard security measures, including encryption at rest and in transit. We have strict data retention policies:

  • Original uploaded bill files (PDFs/Images) are deleted from our servers shortly after text extraction is complete.
  • Extracted data is stored securely in an isolated database.
  • You may request complete deletion of your account and all associated data at any time via your Account Settings.

5. HIPAA Compliance Note

While Ovrcharged is not a "Covered Entity" under HIPAA, we operate with security protocols that align with HIPAA standards to ensure your sensitive medical and billing information remains confidential.

6. Third-Party Disclosures

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties except to trusted third parties who assist us in operating our website and conducting our business (e.g., Stripe for payments, Supabase for secure hosting), so long as those parties agree to keep this information confidential.

7. Contact Information

To ask questions or comment about this privacy policy and our privacy practices, contact us at: privacy@ovrcharged.com.