Privacy Policy

1. Who We Are

ORVO Health ("Orvo," "we," "us") operates a medical bill data aggregation platform that allows users to compare their billed charges against published hospital pricing data. This Privacy Policy describes how we collect, use, and protect your information when you use our website and services.

2. Information We Collect

We collect the minimum information necessary to provide our service:

3. Information We Never Collect

Our bill extraction process is explicitly designed to exclude personal health identifiers. We never extract, store, or log:

• —Patient name
• —Date of birth
• —Social Security number
• —Home address or phone number
• —Insurance member ID
• —Medical record number
• —Account number
• —Any of the 18 HIPAA identifiers

4. Bill Upload & Auto-Deletion

When you upload a bill image or PDF, the file is processed immediately to extract billing codes and amounts. The original file is automatically deleted within one hour of upload and is never permanently stored. We retain only the extracted billing codes, procedure descriptions, and dollar amounts — never the original document.

5. How We Use Your Information

• —To authenticate your account via email one-time passcode
• —To compare your billed charges against published hospital pricing data
• —To generate market comparison reports for your review
• —To process payments for our services
• —To improve the accuracy and coverage of our pricing database (using anonymized, de-identified billing data only)

6. Data Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We share data only with the following service providers, strictly to operate our platform:

• —Amazon Web Services (AWS) — infrastructure hosting, authentication, and data storage
• —Google Cloud (Gemini) — bill image processing and data extraction
• —Stripe — payment processing

7. Data Security

All data is encrypted in transit (TLS) and at rest (AES-256). Session tokens are stored in httpOnly, secure cookies that cannot be accessed by client-side scripts. We use parameterized database queries to prevent injection attacks. Access to production systems is restricted and audited.

8. Cookies

We use only functional session cookies required to maintain your authenticated session. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

9. Your Rights

You may request deletion of your account and all associated data at any time. Since we store only your email address and billing code data (no personal health identifiers), deletion removes your complete footprint from our systems.

10. California Residents (CCPA)

If you are a California resident, you have certain rights under the California Consumer Privacy Act (CCPA). You have the right to: (a) know what personal information we collect about you; (b) request deletion of your personal information; (c) opt out of the sale of your personal information (we do not sell personal information); and (d) not be discriminated against for exercising your rights. To exercise these rights, contact us at support@orvo.health. We will verify your identity before processing any request. The only personal information we store is your email address (provided at account creation).

11. Washington My Health My Data Act

If you are a Washington State resident, the My Health My Data Act provides additional protections for consumer health data. Orvo does not collect, share, or sell consumer health data as defined by this Act. We extract only billing codes, procedure descriptions, and dollar amounts from uploaded bills — we do not extract, store, or process any health conditions, diagnoses, treatment information, or other protected health data. Your uploaded bill file is automatically deleted within one hour of processing.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the email address associated with your account. Continued use of the service after changes constitutes acceptance.