Privacy Policy

Last updated: March 23, 2026

ClearCost ("we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, and protect your information when you use our insurance benefit verification and drug cost estimation service.

1. Information We Collect

Account Information: When you create an account, we collect your email address, password (stored securely via Supabase Auth), and practice name.

Practice Information: Practice name, NPI, address, phone number, and operational preferences (fee schedules, default settings).

Usage Data: We track the number of eligibility checks performed per month for billing purposes. We do not track which patients are checked.

2. Information We Do NOT Collect or Store

Patient Health Information (PHI): ClearCost is designed with a stateless, privacy-first architecture. Patient data — including names, member IDs, dates of birth, and insurance details — is processed entirely in your browser. This data is:

• Never stored on our servers
• Never written to any database
• Never logged in server-side analytics
• Transmitted only as a stateless proxy request to the payer's eligibility endpoint and immediately returned to your browser

3. How We Use Your Information

• To provide and maintain the ClearCost service
• To manage your account and subscription
• To track usage for billing purposes
• To communicate service updates and important notices
• To improve our service based on aggregate, non-identifying usage patterns

4. Data Security

We use industry-standard security measures including:

• TLS encryption for all data in transit
• Row-Level Security (RLS) in our database ensuring practice isolation
• JWT-based authentication with short-lived tokens
• Service-role separation between client and server operations

5. Third-Party Services

We use the following third-party services:

• Supabase — Authentication and account data storage
• Stripe — Payment processing (we never see or store your credit card details)
• Stedi — Insurance eligibility verification (stateless proxy)
• Vercel — Application hosting

6. Data Retention

Account and practice data is retained for the duration of your subscription. Upon account cancellation, we retain your data for 30 days in case of reactivation, then permanently delete it.

7. Your Rights

You may:

• Access and update your account information at any time through Settings
• Request a copy of all data we hold about your practice
• Request deletion of your account and all associated data

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via the email associated with your account.

9. Contact

For privacy-related questions or requests, contact us at privacy@clearcost.app.