SaltSense
Privacy

Privacy Policy

Last updated: December 6, 2025

Company Information

SaltSense
Contact: support@saltsense.xyz
Website: https://saltsense.xyz

1. Introduction

This Privacy Policy describes how SaltSense ("we", "us", or "our") collects, uses, and protects your personal information when you use our Service. We are committed to protecting your privacy and handling your data, especially sensitive medical information, with care and in compliance with applicable data protection laws.

2. Information We Collect

We collect information you provide directly to us, including:

2.1 Account Information

  • Name and email address
  • Password (stored securely using industry-standard hashing)
  • Authentication credentials for login

2.2 Medical Bills and Prescriptions

  • Uploaded medical bills (PDF or image files)
  • Prescription information extracted from bills
  • Medicine names, strengths, dosages, durations, and prices
  • Medical billing codes (ICD-10, CPT, HCPCS, NDC, etc.)

2.3 Medication History

  • Drug names and active ingredients (salts)
  • Dosage and frequency information
  • Start dates and end dates
  • Markers for routine vs short-term medications

2.4 Usage Data

  • Analytics data about how you use the Service
  • Session information and login timestamps
  • Feature usage patterns (for improving the Service)

2.5 Payment Information

Important: We do NOT collect or store payment card information. All payments are processed through secure third-party payment processors. These processors handle all payment and billing information in accordance with their own privacy policies and security standards.

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Analyze your medical bills, extract medication information, and generate insights
  • Maintain Your Account: Store your medication history and bill analyses for future reference
  • Improve Quality: Use aggregated, anonymized data to improve our AI models and features
  • Send Notifications: Send you technical notices, support messages, and service updates
  • Respond to Requests: Answer your questions and provide customer support
  • Ensure Security: Detect and prevent fraud, abuse, and security issues

4. Data Security

We implement industry-standard security measures to protect your data, especially sensitive medical information:

  • Encryption: Data is encrypted in transit (HTTPS) and at rest
  • Row-Level Security: Database-level security (Supabase) ensures users can only access their own data
  • Secure Authentication: Passwords are hashed using secure algorithms
  • Access Controls: Limited access to personal data on a need-to-know basis
  • Regular Security Audits: We regularly review and update our security practices

Note: While we implement strong security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your data.

5. Data Sharing

We do not sell your personal information. We may share your information only in the following circumstances:

5.1 With Your Explicit Consent

  • When you choose to share bill analyses or medication history with doctors or healthcare providers
  • When you explicitly authorize sharing for specific purposes

5.2 Service Providers

  • Payment Processors: Secure third-party payment processing services (they handle all payment data)
  • Supabase: Database and authentication services
  • OpenAI and Similar AI Services: For text analysis and OCR processing (data is processed but not stored by these services)
  • Hosting Providers: Vercel and other infrastructure providers

All service providers are contractually obligated to protect your data and use it only for the purposes we specify.

5.3 Legal Requirements

  • To comply with legal obligations or court orders
  • To protect our rights, property, or safety, or that of our users
  • To investigate fraud or security issues

6. Medical Data Sensitivity

We recognize that medical bills, prescriptions, and medication history are sensitive personal information. We treat this data with extra care:

  • Medical data is encrypted both in transit and at rest
  • Access to medical data is restricted to authorized personnel only
  • We do not use medical data for marketing purposes
  • We do not share medical data with third parties except as described in this policy

7. Your Rights

You have the following rights regarding your personal data:

  • Access: Request a copy of your personal data
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your account and associated data (where technically feasible and legally allowed)
  • Export: Request export of your data in a portable format
  • Opt-Out: Opt out of marketing communications (if any)
  • Withdraw Consent: Withdraw consent for data processing where consent is the legal basis

To exercise these rights, please contact us at support@saltsense.xyz. We will respond to your request within a reasonable timeframe, subject to applicable law.

8. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You can request deletion of your data at any time by contacting us or deleting your account. Upon account deletion:

  • Your account information will be deleted
  • Your uploaded bills and medication history will be deleted
  • Some data may be retained for legal or regulatory purposes (e.g., transaction records)

9. Cookies and Tracking

We use essential cookies to maintain your session and preferences. We do not use third-party tracking cookies for advertising purposes. Specifically:

  • Session Cookies: To maintain your login session
  • Authentication Cookies: To verify your identity
  • Preference Cookies: To remember your settings (e.g., theme preference)

You can control cookies through your browser settings, but disabling cookies may affect the functionality of the Service.

10. Children's Privacy

SaltSense is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

11. International Data Transfers

Your data may be processed and stored in servers located outside your country of residence. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy and applicable law.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes via email or through the Service. The "Last updated" date at the top of this page indicates when the policy was last revised.

13. Contact Us

For privacy-related questions, concerns, or to exercise your rights, please contact us at:

  • Email: support@saltsense.xyz
  • Website: https://saltsense.xyz

We will respond to your inquiry within a reasonable timeframe.