Skip to content
Back to site
How we handle your data

Security & trust center

Effective 2026-07-08

At a glance

  • The public site is in concierge mode: choosing a bill keeps it on your device. It does not upload the document or produce an instant audit.
  • If you choose to request a human audit, you email the bill directly to LifeDesk. We only retain documents and case records when they are needed for the service you request.
  • We don’t sell your data and we don’t share it with advertisers.
  • Anything we do hold, we delete on request.
  • No ad networks, no behavioral pixels, no cross-site tracking.

Current website upload mode

The public website does not currently offer a live online audit. Choosing a document in the browser keeps that document on your device and shows the concierge intake path instead of pretending to return a result. To request a free human audit, attach the bill to an email to cases@getlifedesk.com. Do not send medical documents through a contact or newsletter form.

Case handling and de-identification

If you engage LifeDesk for a human audit or appeal, the documents can contain identifying details. We limit access to the people working on the case and use de-identified billing data where practical for analysis. A signed authorization is required before LifeDesk prepares or coordinates an appeal on your behalf.

Sub-processors

Formspree receives contact and signup form submissions on this website; it does not receive a bill selected in the concierge upload interface. Vercel hosts the public website. The Telegram assistant currently uses DeepSeek for chat and Google Gemini via OpenRouter for image reading; LifeDesk does not have a HIPAA business-associate agreement with those AI providers, so that bot is not part of the real-patient-PHI critical path. We will update this page before enabling any live online audit or new sub-processor that handles case documents.

Retention (full dispute service)

When you ask us to prepare, submit, and track an appeal, we retain the documents and case records needed to do that work. We keep them for up to 12 months after the case is resolved and then delete them; you can request deletion earlier at any time. Conversation logs on the Telegram messaging channel are retained for about 7 days and then deleted automatically.

What we don't do with your data

We don’t sell it. We don’t share it with advertisers or data brokers. We don’t use it to train models for anyone else. The only thing your documents are used for is auditing your bill and, if you ask us to, drafting an appeal on your behalf.

Deletion

Any account data we do hold — your email, case status, and the like — we delete on request. Email security@getlifedesk.com and we’ll remove it.

Vulnerability disclosure

Found something? Email security@getlifedesk.com. We aim to acknowledge reports within one business day and to fix serious issues quickly. We won’t pursue good-faith researchers who report responsibly, and we’re glad to credit you (with your permission) once a fix ships.

Where we're headed

We’re an early-stage company. We’ll keep this page current as our tools and workflows change, and we’d rather tell you what’s true today than overstate it.