// Modal pages — AI statement, How we use data, Privacy/GDPR, "We don't store your data".
const PAGES = {
ai: {
title: "AI statement",
deck: "How AI participates in your bill analysis, where it doesn't, and what we do to keep it honest.",
body: () => (
The short version.
We use a large language model to read your bill, extract line items, and explain what they mean.
We do not let the model decide what is owed, what is fraud, or what your legal options are.
Those framings are written by humans and reviewed quarterly.
Where the model helps
Parsing free-form text and tables out of PDFs and photos.
Mapping vague descriptions ("Admin recovery surcharge") onto a normalized vocabulary.
Drafting plain-English explanations of CPT, HCPCS, and revenue codes.
Producing the first draft of a negotiation script that you can edit before using.
Where the model does not decide
Flag thresholds (when a line is "suspicious") are set in code by our medical-billing team and a board-certified coder we contract with.
Regional benchmark prices come from anonymized aggregations of real bills, not model output.
"Likely recoverable" estimates use deterministic rules — not the model's judgment — so two users with the same bill see the same number.
Honesty checks
Every flag carries a citation back to the line item, the rule that triggered it,
and the underlying source (NCCI policy, payer manual, or aggregated benchmark).
If you can't see why we flagged something, that's a bug — please tell us.
Models we use
Document parsing and explanation generation run on a frontier model under a zero-retention
enterprise agreement. Your bill is sent as a transient prompt and is not used to train
that model or any other.
Mistakes
AI gets things wrong. So do humans. So do hospitals. Treat our output as a sharp second
opinion — not a final answer. We surface uncertainty by marking lines as flagged,
negotiable, or within range, and we tell you when the underlying market
data is thin.
)
},
data: {
title: "How we use your data",
deck: "Plain-English answer to the question: what happens to my bill after I upload it?",
body: () => (
One sentence.
Your bill is parsed in memory, returned to you as an analysis, and discarded —
unless you opt in to anonymized benchmarking, in which case the line-item amounts
(without your name, account, or address) help everyone else negotiate better.
What we collect by default
The file itself — held only in volatile memory for the duration of one analysis.
Operational logs (request timing, error rates) without bill content.
A coarse hash of your IP for rate-limiting. We don't keep the IP itself.
What we collect if you opt in
Anonymized line items: code, description, charged amount, ZIP-3.
No names, no account numbers, no provider patient identifiers.
You can withdraw at any time and we will purge contributions within 30 days.
What we never do
Sell your data to insurers, employers, advertisers, or data brokers.
Use your bill content to train any AI model.
Share identifiable information with affiliated providers we link out to.
Why benchmarks exist
Negotiation power comes from knowing the median rate. The more bills our community
contributes, the sharper the percentile we can show every user. We are honest that
this is a network effect — and we believe the only ethical version of it is the one
where contribution is opt-in, anonymized, and reversible.
)
},
privacy: {
title: "Privacy & compliance",
deck: "GDPR, CCPA, CPRA, Texas, Virginia, Colorado. The same rights, restated for each.",
body: () => (
Your rights, regardless of jurisdiction
Access. Ask what we hold on you. We respond within 30 days.
Portability. Download an export in JSON.
Correction. Fix anything inaccurate.
Deletion. Have all records purged from primary and backup systems.
Objection. Opt out of anonymized benchmarking at any time.
EU / UK · GDPR
We act as the data controller for the limited operational data described above.
Lawful bases are consent for benchmark contribution and legitimate interest for
rate-limiting and abuse prevention. International transfers use Standard Contractual Clauses.
Our EU representative is listed at the bottom of this page.
California · CCPA / CPRA
We do not sell or share personal information for cross-context behavioral advertising.
We honor Global Privacy Control signals automatically.
Texas · Virginia · Colorado · Connecticut · Utah
State-level consumer privacy rights mirror the protections above. Sensitive personal
information categories collected: none by default. Health information from medical
bills is processed only for the duration of the analysis and is not retained.
Children
Checkthisbill is not directed at people under 16. We do not knowingly collect data from minors.
A parent or guardian uploading a child's medical bill processes that bill on the child's behalf;
the same in-memory-only handling applies.
Changes to this policy
When we change anything material, we post the change with a 30-day window before it takes effect,
and we email everyone with an account. Quiet rewrites are not allowed under our internal rules.
)
},
storage: {
title: "We don't store your bill.",
deck: "Most billing tools want everything: your inbox, your bank, your card. We want about thirty seconds.",
body: () => (
Zero-retention by default.
The PDF or image you upload is held in volatile memory only.
When the analysis finishes — or after 5 minutes, whichever is first — it is gone.
What that means in practice
No copy is written to disk on our servers.
No copy is written to disk on any model provider we use.
You will not find your bill in a "history" tab — there isn't one.
If you want a record, download the PDF report at the end of the analysis. That copy lives on your device, not ours.
What we do keep
The fact that some analysis ran, with timestamps, for billing and abuse-prevention.
If you opt in: anonymized line-item benchmarks with no link back to you.
Why this is the default
Billing data is sensitive in ways most product teams understand only after a breach.
We'd rather not be the team that learns the lesson the hard way — and we'd rather you
not be the user who teaches them. The cheapest way to keep something safe is to not
keep it at all.
Independent verification
We are mid-audit for SOC 2 Type II. Once complete, the report is available on request.
Our infrastructure-as-code is open for inspection by partners under NDA — no hidden
retention paths.
)
},
how: {
title: "How it works",
deck: "Upload, read, explain, negotiate. Four moves. About thirty seconds end-to-end.",
body: () => (
1. Upload
Drag a PDF, snap a photo, or paste a screenshot. Internet bills, medical statements,
repair quotes, subscription invoices, hotel folios. We support most consumer billing formats
and a growing set of business invoices.
2. Read
We extract every line — codes, descriptions, quantities, amounts. We normalize vague
surcharge names against a vocabulary built from millions of real bills, so
"Administrative Recovery Fee", "Cost Recovery Surcharge", and "Operational Adjustment"
all resolve to the same family.
3. Explain
Each line gets one of three labels — flagged, negotiable, or within range —
and a one-sentence explanation in plain English. If a line shouldn't be there, we say so,
and we tell you why.
4. Negotiate
We hand you a script tuned to the actual issues we found. Calm, specific, and short.
Use it on a phone call, paste it into live chat, or attach it to a written dispute.
Then close the tab and get on with your life.
)
},
monitor: {
title: "Bill creep monitoring",
deck: "Coming soon — we'll watch your future bills against this baseline and ping you only when something changes.",
body: () => (
One-time analysis is most of the value. But if you'd like, we can hold a checksum
of this bill (no content, just structural fingerprints) and compare it against future
uploads. When a fee creeps, a new line appears, or a promo expires, we'll send one email.
No dashboards, no daily reminders.
Premium feature, $4/month, opt-in. Available in beta from June.