Last updated: July 6, 2026
ClaimHelper (getmyyes.com) helps you turn a health-insurance denial into appeal paperwork. The documents you upload are sensitive — this policy explains exactly what we collect, why, where it goes, and how to remove it.
The short version: your files are processed only to draft your appeal, never to train AI. Unsaved uploads auto-delete after 24 hours. Saved cases stay until you delete them. Payments are handled by Stripe — we never see your card number. You can delete everything, any time, from Settings.
| Data | When | Why |
|---|---|---|
| Documents you upload (denial letters, EOBs, prior-auth denials) and the facts extracted from them — which may include health information | When you upload them | To draft your preview and appeal packet |
| Your answers to the guided questions | When you answer them | To tailor the appeal to your situation |
| Account email and password (password stored as a hash by Firebase Authentication) | When you create an account | Sign-in, saving cases, purchase receipts |
| Purchase records (amount, date, case reference, email; not card numbers) | When you buy a packet | Delivering what you paid for, receipts, tax records |
| Basic technical logs (IP, timestamps, errors) | Automatically | Security and keeping the Service working |
We do not run analytics on the contents of your documents, and we do not sell your personal information or share it for cross-context behavioral advertising.
These providers act as our processors and may not use your data for their own purposes beyond what their agreements allow.
ClaimHelper is a consumer self-help tool. We are not a healthcare provider, health plan, or clearinghouse, and not a HIPAA covered entity or business associate. HIPAA generally does not cover copies of records you upload yourself. We protect them under this policy and applicable consumer-privacy law instead.
We send transactional email only: purchase confirmations/receipts and messages about your account or cases. We do not send marketing email unless you separately opt in (there is currently no marketing list).
The Service is for adults 18+. We do not knowingly collect information from children under 13; if you believe a child has used the Service, contact us and we will delete the data.
Encryption in transit and at rest, uid-scoped storage rules so only your account can access your files, server-side entitlement checks, and secrets kept out of the client. No system is perfectly secure — if a breach affects you, we will notify you as required by law.
We'll post any changes here with a new "Last updated" date. Material changes will be highlighted in the app.