Your data, in plain English.

benefit is a tool for understanding your existing health insurance. To personalise your recommendations, we collect the minimum information we need — your name, age, biological sex, and basic details about your plan (insurer, plan type, group number, and, if you tell us, your deductible and out-of-pocket max).

We do not collect or store your insurance member ID, Social Security number, medical records, diagnoses, prescriptions, or lab results. We never sell your information. You can delete your account and everything attached to it at any time by emailing us at jack@getbenefit.health.

Account information

When you sign in with Google, we receive your name and email address from Google's authentication service. We do not receive or store your Google password.

Profile information you provide

• Your first name (for personalising the dashboard)
• Your age
• Your biological sex (used to filter sex-specific preventive screenings)
• Your insurance provider and, optionally, plan type (PPO, HMO, etc.) and group number
• Optionally, your annual deductible and out-of-pocket maximum — used only to show you progress on your own tracker page
• Whether you have dental and vision coverage (so we can flag gaps in your coverage)
• Optional self-reported life-stage signals (for example, "on a parent's plan", "new to this plan", or "planning a family") that you can turn on or off at any time

Insurance-card scans

If you choose to take a photo of your physical insurance card, we send that image to an AI service so it can read your insurer, plan type, and group number. The photo itself is not stored on our servers after the scan completes. We specifically avoid reading or storing your member ID or any name printed on the card.

Tracker entries you log

When you add copays, bills, premiums, or other out-of-pocket healthcare spending to the tracker, we store the amount, category, optional label, and date you entered. We do not ask for and cannot see the underlying medical service, diagnosis, or provider.

AI chat history

Messages you send to the AI benefits advisor are processed through Anthropic's API so the model can respond. We may retain chat transcripts associated with your account to improve the product and help resolve support issues, but we do not share them with advertisers or sell them.

Usage and device information

Like most websites, we collect standard server logs (IP address, browser type, pages visited, timestamps) and product-analytics events (for example, which pages you viewed and which buttons you clicked) via PostHog. We use this to understand how the product is used and fix what's broken. We do not sell this information.

benefit is designed to stay on the non-PHI side of the line. We do not collect, store, or have the ability to see:

• Your insurance member ID or subscriber number
• Your Social Security number or government ID
• Claims data, Explanation of Benefits (EOB) documents, or billing records
• Diagnoses, medical history, test results, or prescription records
• Provider names, appointment notes, or anything a doctor has written about you
• Payment-card numbers (processed by Stripe; see below)

If you paste this kind of information into the AI chat, it will reach Anthropic's API as part of your message. We recommend against pasting sensitive medical detail into the chat — the AI can help you with general plan questions without it.

• To generate and keep your personalised recommendations up to date
• To operate the tracker, show progress bars, and calculate your return on premium
• To respond to messages you send the AI advisor
• To send you product emails you've opted into, like reminders and newsletters
• To detect abuse, secure the service, and debug issues
• To comply with the law when we're legally required to

We do not use your information for advertising, and we do not sell or rent it to anyone.

We share information only with the service providers that help us run the product:

• Supabase — hosts our database and handles authentication. Your profile and tracker entries are stored here.
• Google— used for Sign-in-with-Google. Google receives the fact that you're signing in to benefit; we receive your name and email from them.
• Anthropic — powers the AI benefits advisor and the insurance-card scan. Your chat messages and scanned card images are processed through their API.
• Stripe — processes payments if you upgrade to the Pro plan. Your payment-card details go directly to Stripe; we never see or store them.
• Vercel — hosts the website and serves it to your browser.
• PostHog — product analytics. We send pseudonymous usage events so we can understand which features people use.

Each of these providers has its own privacy practices. We do our best to choose vendors with strong security and minimise what we send them. We do not share your information with advertisers, data brokers, or anyone else.

If benefit is ever acquired or merged, your information would transfer to the new entity, subject to a privacy policy at least as protective as this one. We'll tell you before that happens and give you a chance to delete your account first.

All traffic between your browser and benefit is encrypted with TLS. Data at rest in our database is encrypted. We use row-level security so that, even inside the database, one user can only ever read their own records.

That said, no online service is perfectly secure. If we ever discover a security incident that affects your information, we'll tell you quickly and honestly.

• Access: Everything we have about you is visible on your dashboard. If you want a structured export, email jack@getbenefit.health.
• Correction: You can edit your profile at any time from the dashboard.
• Deletion:You can delete your account at any time — all profile, recommendation, and tracker data is deleted along with it. Email us if you can't find the button and we'll handle it manually within seven days.
• Opt out of analytics: You can opt out of product analytics in your account settings. Essential service logs (needed to run the site) cannot be disabled.
• California, Colorado, Virginia, and other state residents:Depending on where you live, you may have additional rights under state privacy laws (for example, CCPA / CPRA). Email us and we'll honour them.

benefit is a consumer tool, not a healthcare provider, health plan, or clearinghouse. Because we don't hold protected health information (PHI) on anyone's behalf, HIPAA does not apply to us the way it applies to your doctor or insurance company.

That's one of the reasons we've designed benefit to avoid collecting PHI in the first place: we can't accidentally leak what we don't have.

benefit is intended for adults and young adults aged 18 and over. We don't knowingly collect information from children under 13. If you believe a child has created an account, email us and we'll remove it.

If we make material changes to this policy, we'll email registered users and post a notice on the dashboard at least 14 days before the changes take effect. The current version always lives at this URL, with the last-updated date at the top.

Privacy questions, data requests, or concerns: jack@getbenefit.health.

General support: jack@getbenefit.health.