Privacy Policy
Effective Date: March 19, 2026 · Last Updated: March 19, 2026
RedactaBill ("the Service") is operated by Trusler Legal, PLLC doing business as Lexpert AI ("we," "us," "our"). This Privacy Policy describes how we collect, use, and protect information when you use RedactaBill at redactabill.com and redactabill.lexpertai.com.
1. Our Core Principle: Zero Retention
RedactaBill is designed around a zero-retention architecture. Uploaded invoices and documents are processed in temporary memory, never written to permanent storage, and automatically discarded after you download the redacted output or your session expires. We do not retain, archive, or back up the content of your uploaded files.
2. Information We Collect
Account Information
When you create an account, we collect your name, email address, and authentication credentials through our identity provider. This information is necessary to provide the Service and is retained as long as your account exists.
Uploaded Documents (Temporary)
When you upload invoices for redaction, the document content is held in temporary server memory (Redis) only for the duration of your active session. This data is:
- Never written to disk or permanent database storage
- Never used to train AI models
- Automatically purged when your session ends or after download
- Encrypted in transit via TLS 1.3
Usage Data
We collect basic usage metrics such as page views, feature usage counts, and error logs. These do not contain the content of your documents.
3. Third-Party Services
The Service uses the following third-party processors. Each processes data only as needed to provide their specific function:
| Service | Purpose | Data Shared |
|---|---|---|
| Clerk (clerk.com) | Authentication and identity management | Name, email, login credentials |
| Google Gemini (AI API) | AI-powered redaction analysis of time entries | Text content of invoice time entries (temporarily, per-request) |
| Redis (self-hosted) | Temporary session and file storage | Uploaded file data (auto-expiring, not persisted to disk) |
Google Gemini: Invoice text is sent to Google's Gemini API solely for redaction analysis. Google's API terms prohibit using API input data to train models. We do not send document metadata, file names, or account information to the AI service.
4. Authentication and Shared Sign-In
RedactaBill uses a shared authentication system across the Lexpert product family (*.lexpertai.com). When you sign in, a session cookie is set on the .lexpertai.com domain. This means:
- A single account works across all Lexpert products (RedactaBill, Lexpert Docs, Lexpert SkillSets, etc.)
- Signing in on one Lexpert product signs you in on all of them
- You can manage your account and data at www.lexpertai.com
5. How We Use Your Information
- To authenticate you and provide the Service
- To process your invoices for redaction (temporarily)
- To communicate about your account or the Service
- To monitor and improve service reliability
We do not sell, rent, or share your personal information with third parties for marketing purposes.
6. Data Security
- All data in transit is encrypted with TLS 1.3 (256-bit)
- Uploaded content is held only in temporary memory, never persisted to disk
- True redaction removes content from the PDF data stream (not visual overlay)
- Authentication is handled by Clerk with industry-standard security practices
7. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information | Until you delete your account |
| Uploaded documents | Session duration only (auto-deleted) |
| Redacted output files | Session duration only (auto-deleted) |
| Usage logs | 90 days |
8. Your Rights
You have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your account and associated data
- Export your account data
To exercise these rights, contact us at privacy@lexpertai.com.
9. Children's Privacy
The Service is not directed at individuals under 18. We do not knowingly collect personal information from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on the Service. Continued use after changes constitutes acceptance.
11. Contact
Trusler Legal, PLLC d/b/a Lexpert AI
Email: privacy@lexpertai.com