Bill Savvy

Privacy Policy

Effective Date: February 18, 2026

1. Introduction

Bill Savvy, Inc. (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Bill Savvy application, website (billsavvy.ai), and related services (collectively, the “Service”).

By using the Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the practices described herein, please do not use the Service.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: Name, email address, and password when you create an account
  • Bill Data: Information about your recurring bills, including provider names, amounts, billing dates, and account identifiers that you manually enter or upload
  • Document Uploads: Bill statements, invoices, or other documents you upload for analysis (processed via OCR and AI parsing)
  • Payment Information: Billing address and payment method details processed through our third-party payment processor (we do not store full credit card numbers)
  • Communications: Messages you send to our support team, feedback, and survey responses

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent on the Service, click patterns, and interaction data
  • Device Information: Device type, operating system, browser type, screen resolution, and unique device identifiers
  • Log Data: IP address, access times, referring URLs, and error logs
  • Analytics Data: Aggregated usage statistics collected through analytics tools

2.3 Information from Third-Party Sources

  • Authentication Providers: If you sign in using a third-party service (e.g., Google, Apple), we receive your name and email address as permitted by that service
  • Research Data: Publicly available rate information and provider data used to generate savings recommendations

3. How We Use Your Information

We use the information we collect for the following purposes:

PurposeData UsedLegal Basis
Provide and maintain the ServiceAccount info, bill data, usage dataContract performance
Generate AI-powered savings analyses and recommendationsBill data, document uploads, research dataContract performance
Process payments and manage subscriptionsPayment info, account infoContract performance
Improve and optimize the ServiceUsage data, analytics data, aggregated bill dataLegitimate interest
Send service-related communicationsAccount info (email)Contract performance
Send marketing communications (with consent)Account info (email)Consent
Prevent fraud and ensure securityDevice info, log data, usage dataLegitimate interest
Comply with legal obligationsAll categories as requiredLegal obligation

4. AI Processing and Data Usage

Our Service uses artificial intelligence (AI) to analyze your bills and generate savings recommendations. Understanding how AI processes your data is important:

Bill Analysis: When you submit bill data or upload documents, our AI systems process this information to identify potential savings opportunities, compare rates, and generate personalized recommendations.

Data Minimization: We send only the minimum necessary information to our AI processing systems. Full account numbers and sensitive financial identifiers are redacted before AI processing where possible.

Caching: AI-generated analyses may be cached to improve performance and reduce costs. Cached results are associated with your account and subject to the same protections as other personal data.

No Training on Personal Data: We do not use your personal bill data or uploaded documents to train or improve our AI models. Your data is used solely to provide the Service to you.

Third-Party AI Services: We use Anthropic's Claude AI services for analysis. Data sent to these services is processed under strict data processing agreements that prohibit the use of your data for model training.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We share data with trusted third-party service providers who assist us in operating the Service, including cloud hosting providers, payment processors, AI service providers, analytics tools, and customer support platforms. These providers are contractually obligated to protect your data.

5.2 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you. This may include aggregate rate information used to build our community rate database and improve recommendations for all users.

5.3 Legal Requirements

We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or if we believe disclosure is necessary to protect the rights, property, or safety of our company, our users, or others.

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit (TLS/SSL) and at rest (AES-256)
  • Secure authentication with password hashing (bcrypt)
  • Regular security assessments and vulnerability testing
  • Access controls limiting employee access to personal data on a need-to-know basis
  • Monitoring and logging of system access for security purposes

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service to you. Specific retention periods include:

  • Account Data: Retained while your account is active and for 30 days after deletion request to allow for account recovery
  • Bill Data and Analyses: Retained while your account is active; deleted within 90 days of account deletion
  • Payment Records: Retained for 7 years as required for tax and accounting purposes
  • Usage and Log Data: Retained for up to 24 months for analytics and security purposes
  • Cached AI Results: Automatically expired after the cache duration period (typically 30–90 days)

Upon account deletion, we will delete or anonymize your personal data within the timeframes specified above, unless retention is required by law.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

8.1 Access and Portability

You have the right to request a copy of the personal information we hold about you in a structured, commonly used, machine-readable format.

8.2 Correction

You have the right to request correction of inaccurate personal information.

8.3 Deletion

You have the right to request deletion of your personal information, subject to certain legal exceptions (e.g., records required for tax compliance).

8.4 Opt-Out of Marketing

You may opt out of marketing communications at any time by clicking the “unsubscribe” link in our emails or adjusting your notification settings.

8.5 Data Processing Restrictions

You may request that we restrict or cease processing your personal information under certain circumstances.

8.6 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@billsavvy.ai. We will respond to your request within 30 days (or sooner as required by applicable law). We may ask you to verify your identity before processing your request.

9. State-Specific Privacy Rights

9.1 California Residents (CCPA/CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), including the right to know what personal information is collected, the right to delete personal information, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising privacy rights.

9.2 Other State Laws

Residents of Colorado, Connecticut, Virginia, Utah, and other states with comprehensive privacy laws may have similar rights. Please contact us to exercise your rights under applicable state law.

10. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child under 18, we will promptly delete that information. If you believe we may have collected information from a child, please contact us immediately.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your jurisdiction. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

12. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect usage data and improve the Service. Types of cookies we use include:

Essential Cookies: Required for the Service to function properly, including session management and security.

Analytics Cookies: Help us understand how users interact with the Service so we can improve it.

Preference Cookies: Remember your settings and preferences for a better experience.

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect Service functionality.

13. Third-Party Links and Services

The Service may contain links to third-party websites or services that are not owned or controlled by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our platform.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting a notice within the Service, sending an email to your registered email address, or through other appropriate means. The “Effective Date” at the top of this Policy indicates when the latest version took effect.

Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of such changes.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Bill Savvy, Inc.
Privacy inquiries: privacy@billsavvy.ai
General support: support@billsavvy.ai
Website: billsavvy.ai

© 2026 Bill Savvy, Inc. All rights reserved.