BillerAPI Privacy Policy

Account information (name, email, organization), API keys and client secrets for authentication, billing information processed via Stripe, usage metrics for metering and invoicing, and support communications.

We process end user data on behalf of our customers as a data processor. This includes email addresses (for biller discovery via OAuth), biller portal credentials (encrypted with per-customer AWS KMS keys), bill data (amounts, due dates, account numbers), bill documents (PDFs, statements), and payment information. We only access end user data with explicit consumer authorization obtained through our Connect SDK.

Customer data is used to provide the Service, process payments, communicate about updates, and prevent abuse. End user data is used solely to provide bill discovery, retrieval, and payment services. We do not use end user data for advertising, profiling, or any unrelated purpose. We do not sell or rent any personal information.

We share data with: Amazon Web Services (cloud infrastructure, storage, encryption), AWS KMS (credential encryption with per-customer keys), AWS Cognito (authentication), Anthropic Claude AI (bill document extraction — not trained on your data), and Stripe (payment processing for customer billing). A full sub-processor list is available in our Data Processing Agreement.

Customer account data is retained while the account is active and deleted within 30 days of closure. End user bill data follows customer-configured retention policies or is deleted on request. Biller credentials are deleted when connections are revoked. Usage logs are retained for 90 days. You can retrieve or delete end user data via our API at any time.

We use Anthropic's Claude AI to extract structured data from bill documents. This processing is performed solely to provide the extraction service. Your data is not used to train AI models (per Anthropic's API data processing terms). Only bill content is processed — never credentials or payment information.

All data is encrypted at rest (AES-256 via DynamoDB) and in transit (TLS). Biller credentials are encrypted with per-customer keys via AWS KMS. We use VPC network isolation, role-based access controls, and automated monitoring. For our full security posture, see our Security page.

Customers can access, export, or delete their data via the dashboard or API. End users should contact the customer application they use; customers can retrieve or delete end user data via our API. California residents have CCPA rights — we do not sell personal information. Contact privacy@billerapi.com to exercise any data rights.