Stawry← Back to home

Privacy Policy

Last Updated: January 15, 2026

1. Information We Collect

Personal Information

When you create an account or use our services, we may collect the following personal information:

  • Name, email address, and phone number
  • Account login credentials
  • Payment information processed through third-party services (such as Stripe) — we do not store full credit card numbers

Health-Related Information

To negotiate your medical bills, we may collect health-related information that you voluntarily submit, including:

  • Medical records such as invoices, itemized bills, and diagnosis codes
  • Insurance data including member IDs and Explanations of Benefits (EOBs)

Device and Usage Data

We automatically collect certain information when you access our platform, including IP addresses, browser type, operating system, and usage patterns. This data is used for security, analytics, and improving our services.

2. How We Use Your Information

We use the information we collect to:

  • Negotiate and reduce your medical bills with healthcare providers
  • Verify authority to act on your behalf via HIPAA authorization releases
  • Communicate case updates and results to you
  • Process subscription fees and payments
  • Improve our platform, services, and user experience
  • Comply with legal obligations

3. Disclosure of Information

We do not sell your personal data or medical data to third-party data brokers. We may share your information only in the following circumstances:

  • Medical providers: To discuss and negotiate your bills on your behalf
  • Trusted vendors: Service providers bound by confidentiality agreements who help us operate our platform
  • Legal requirements: When required by law, regulation, or legal process

4. Data Security & Retention

We take the security of your data seriously. All health-related data is encrypted at rest using the AES-256 standard and in transit using SSL/TLS protocols.

Medical documents are retained only as long as necessary to complete your negotiations and are securely deleted afterward. We implement industry-standard security measures to protect against unauthorized access, alteration, or destruction of your data.

5. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

  • Right to know: Request a report of the personal information we have collected about you
  • Right to delete: Request deletion of your personal information, subject to certain legal exceptions
  • Right to opt-out: Opt out of the sale of your personal data (note: we do not sell your data)

To exercise these rights, please contact us at help@stawry.com.

6. Children's Privacy

Our services are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13. Parents and legal guardians may submit medical bills on behalf of their minor children.

7. Do Not Track Signals

Our platform does not currently respond to Do Not Track (DNT) browser signals. We may update this practice as industry standards evolve.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or through a notice on our platform. Your continued use of our services after such changes constitutes your acceptance of the updated policy.

9. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

Email: help@stawry.com