Decode File

Legal

Privacy Policy

We keep this short and specific. Your uploaded policies are stored in your own account, we do not sell any data, and the list of third-party services we rely on is below.

Last updated: 23 April 2026

1. Who we are

Decode File (“we”, “us”) is a product operated from India that explains Indian health-insurance policies in plain English. You can reach us at hello@decodefile.com.

2. Data we collect

We collect only what the product needs to work.

Account data

  • Email address (required to sign in via one-time link).
  • An identifier generated by our auth provider (Supabase) that links your sessions together.

Policy data

  • Files you upload (PDFs, photos) and the extracted text used to generate your report.
  • Structured fields we extract — insurer name, plan, premium, sum insured, start and renewal dates.
  • The decoded summary we write back to your account.

Payment data

  • We never see your card details. Razorpay collects payment information directly; we only receive a payment identifier and status.

Usage and feedback

  • Basic usage logs (API calls, errors) for debugging and reliability.
  • Feedback you submit through the in-app form (and whether you flagged it urgent).

3. How we use your data

  • Deliver the core product: decoding policies, running Q&A, listing your saved analyses.
  • Send transactional emails (sign-in links, payment receipts).
  • Investigate bugs, improve accuracy of our decoders, and respond to feedback you submit.
  • Prevent abuse and enforce our Terms of Service.

We do not sell your data. We do not show advertising on the product. We do not use your uploaded policy documents to train third-party AI models.

4. Who we share data with

We use a small set of trusted service providers to operate the product. Each one only receives the data required for its function.

  • Supabase — authentication, database, and file storage. Hosts your email, policy files, and decoded reports.
  • Razorpay — payments. Receives your name, email and card information directly at checkout.
  • Resend — transactional email. Receives your email address and the email body we send you.
  • Vercel — application hosting. Sees request-level traffic and operational logs.

When we add a new processor (for example, an AI provider for real-time Q&A) we will update this page and note it in the “Last updated” date.

5. Data retention

  • Your policy files and decodes are kept as long as your account is active.
  • If you delete an analysis, we remove both the stored file and the database row. We do not keep backups of individual analyses after deletion.
  • If you delete your account (by emailing us), we erase your profile, analyses, files, feedback and payment records within 30 days, except where law requires us to retain certain records (for example, tax invoices for up to 8 years under Indian law).

6. Your rights

You can request access, correction, export, or deletion of your data at any time by emailing hello@decodefile.com from the address on your account. We aim to respond within 7 working days.

7. Security

  • All traffic to the site is encrypted in transit (HTTPS / TLS).
  • Data at rest is encrypted by our underlying providers (Supabase, Vercel, Razorpay).
  • Access to production databases is restricted to a small list of administrator email addresses.
  • We will notify affected users within 72 hours of discovering any material breach that affects their data.

8. Cookies

We use essential cookies only — a signed session cookie set by Supabase to keep you logged in, and functional cookies required by Razorpay on the checkout page. We do not use analytics or advertising cookies on this product.

9. Children

Decode File is not intended for children under 18. If you believe a minor has created an account, contact us and we will remove it.

10. Changes to this policy

We will update the “Last updated” date at the top of this page whenever this policy changes. If the change is material (for example, a new category of data processor), we will also notify account holders by email.

11. Contact

Questions, requests, or concerns? hello@decodefile.com.

Questions or requests about this page? Email hello@decodefile.com.