Privacy Policy

Last updated April 5, 2026

This Privacy Policy describes how Overturn (overturn.app) handles your information when you use our service.

1. Information We Collect

  • Account information: email address and name, provided via Clerk authentication.
  • Appeal metadata: insurance type, insurer name, claim description, and your name as it appears on your policy.
  • Usage data: number of appeals generated and subscription status.
  • Payment information: processed securely by Stripe. We never see or store your card details.
  • Organization data: if you use team features, we store your organization name, team member email addresses, roles, and custom letterhead details.
  • Outcome data: if you voluntarily report whether your appeal was successful, we store that outcome to improve our service.

2. Information We Do NOT Store

Your denial letter text and (optionally) your insurance policy document are processed in memory to generate your appeal letter and are immediately discarded. We do not store, log, or retain the contents of your denial letters or policy documents on our servers.

3. Health Information

Overturn is a document drafting tool and is not a HIPAA-covered entity. While you may include health-related information in your denial letter text, optional policy upload, or claim description, this information is used solely to generate your appeal letter. Denial letter text and policy documents are sent to Anthropic's Claude API for processing and are subject to Anthropic's Privacy Policy. Anthropic does not use API inputs to train their models. We store only the generated appeal letter and metadata (insurance type, insurer name, claim description) — not the original denial letter content.

4. How We Use Your Information

  • To provide and improve the Overturn service
  • To process payments via Stripe
  • To authenticate your account via Clerk
  • To send service-related communications

5. Data Sharing

We do not sell your personal information. We share data only with the following service providers:

  • Clerk (authentication)
  • Stripe (payment processing)
  • Supabase (secure database storage)
  • Anthropic (AI generation — denial letter content is sent to Anthropic’s API for processing and is subject to Anthropic’s privacy policy)
  • Sentry (error monitoring and performance tracking)
  • Resend (transactional emails such as team invitations)

6. Data Security

Your data is stored securely using industry-standard encryption. We use Supabase with row-level security to ensure users can only access their own data.

7. Data Retention

We retain your account information and generated appeal letters for as long as your account is active. Denial letter text is not retained after processing. If you delete your account, we will delete all associated data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., payment records).

8. Your Rights

You may request deletion of your account and associated data at any time by contacting us. You may export your appeal letters from your dashboard at any time.

9. Cookies

We use essential cookies for authentication only. We do not use tracking or advertising cookies.

10. Children's Privacy

Overturn is not intended for users under 18 years of age.

11. Changes to This Policy

We may update this policy at any time. We will notify users of material changes via email.

12. Contact

For privacy questions, contact us at support@overturn.app