Privacy Policy

Privacy Policy for Billing Pilot

Effective Date: May 20, 2026

Contact Email: daywalker191@yahoo.com

At Billing Pilot, we value your privacy and are committed to protecting your personal and sensitive data. This privacy policy explains how the extension collects, processes, and protects user data while ensuring transparency and compliance with applicable privacy regulations.

---

1. Data Collection

The Billing Pilot extension collects the following types of data strictly for its intended purpose of automating billing processes within the OSCAR EMR system:

- Personally Identifiable Information (PII):

  - Patient demographic numbers, age, and other health identifiers.

- Health Information:

  - Medical history, social history (e.g., smoking status), diagnoses, and billing codes.

- Licensing and Account Information:

  - Email address and license key used for subscription verification and payment processing.

This data is accessed directly from the OSCAR EMR system during active use of the extension, or provided by the user at the time of purchase.

---

2. Purpose of Data Collection

The data collected by the extension is used solely for:

- Automating billing code retrieval and submission.

- Determining eligibility for specific billing codes based on patient information.

- Improving workflow efficiency in managing patient records within the OSCAR EMR system.

- Verifying active licenses and managing trial period access.

- Processing subscription payments through our payment provider.

The extension does not use this data for any other purposes.

---

3. Data Processing and Storage

- Local Processing: All patient and health data is processed locally within your browser session. The extension does not transmit or store any patient data on external servers or third-party systems.

- Temporary Storage: Some data may be temporarily cached in memory (e.g., JavaScript variables) to improve performance. This temporary storage is cleared automatically when the browser session ends.

- License and Subscription Data: To verify active licenses and manage trial periods, the extension communicates with a secure licensing server operated by Billing Pilot (hosted on Cloudflare). This communication includes a license key and may include a device or installation identifier. No patient health data is transmitted in this process. License status may be stored persistently using browser storage mechanisms (e.g., chrome.storage) to avoid repeated server lookups.

---

3.5 Payment Processing

Billing Pilot uses LemonSqueezy as its payment processor for subscription and licensing purchases. When you purchase a license, your payment details (name, email address, and payment method) are collected and processed directly by LemonSqueezy. Billing Pilot receives only a license key and basic order confirmation — it does not store your payment card information. LemonSqueezy's privacy policy governs their handling of your payment data and can be reviewed at https://www.lemonsqueezy.com/privacy.

---

4. Data Sharing

The Billing Pilot extension does not share any patient health data with third parties. For billing and licensing purposes, limited non-clinical data (such as email address and license key) is shared with LemonSqueezy (payment processing) and processed by Billing Pilot's licensing infrastructure (Cloudflare Workers). No EMR or patient data is involved in these transactions. All clinical interactions occur securely within the OSCAR EMR environment.

---

5. Data Security

We prioritize the security of your data by implementing the following measures:

- Local Processing of Health Data: All patient and health data processing occurs locally on your device, ensuring no external transmission of clinical information.

- Secure Access: The extension uses secure methods to access necessary information from the OSCAR EMR system.

- Limited External Communication: The extension communicates externally only for license validation and payment processing. This communication is restricted to non-clinical data (license keys, identifiers). All patient and health information remains local to your browser session and is never transmitted externally.

- Secure Licensing Infrastructure: License verification is handled over encrypted connections through Cloudflare Workers, ensuring that licensing data is protected in transit.

---

6. User Rights

As a user of the Billing Pilot extension:

- You can disable or uninstall the extension at any time to stop its functionality.

- The extension does not retain any personal or health information after the browser session ends.

- You may contact us at daywalker191@yahoo.com to request information about your account or to cancel your subscription.

---

7. Updates to This Policy

This privacy policy may be updated periodically to reflect changes in functionality or legal requirements. This policy was last updated on May 20, 2026 to reflect the addition of subscription-based licensing and payment processing infrastructure. Any significant updates will be communicated through the Chrome Web Store listing.

---

8. Contact Information

If you have any questions, concerns, or feedback about this privacy policy or how your data is handled, please contact us at:

Email: daywalker191@yahoo.com

---

This privacy policy ensures transparency while emphasizing that all sensitive patient data remains securely processed locally within the user's browser session. It aligns with Chrome Web Store policies and applicable privacy regulations including GDPR and PIPEDA.