Skip to content
Portinout
Analyze My Bill
Open menu
Legal

Privacy policy

Portinout uses phone bill data to estimate savings, explain switching options, and operate telecom data products. This policy describes what we collect, how we use it, and the privacy boundaries built into the product.

Last updated

June 12, 2026. This policy applies to Portinout consumer tools, account features, developer tools, public API access, webhooks, and related support communications.

Bill uploads

  • Portinout only needs the plan and charges section of a phone bill. Users should exclude names, addresses, account numbers, phone numbers, and other personal details whenever possible.
  • Uploaded bill images and PDFs are processed to extract plan, price, line count, fees, device payment, usage, and similar telecom fields. Raw upload files are not intentionally stored after extraction.
  • If personal information is accidentally included in an upload, Portinout instructs the extraction system to ignore it and uses the resulting structured telecom fields for analysis.

Analysis data

  • Portinout may retain structured analysis data such as detected carrier, plan name, line count, monthly cost, taxes and fees, device payments, confidence scores, recommendations shown, and recommendation audit data.
  • Anonymous session IDs keep savings reports and switch guides reloadable. These IDs are not intended to identify a person by themselves.
  • Recommendation audit records help explain why a plan was shown, debug inaccurate recommendations, and improve the quality of the service.

Accounts and email

  • Portinout may collect an email address for magic-link sign-in, deal alerts, support, waitlists, saved preferences, and follow-up surveys.
  • Deal alert settings may include current carrier, current monthly cost, preferred network, maximum price, unlimited-data preference, hotspot preference, and alert activity.
  • Post-switch surveys may collect feedback about whether a switch was completed, carrier satisfaction, coverage experience, and actual bill results. Survey email references may be hashed where practical.

Developer and API data

  • For API customers, Portinout may collect account name, contact email, API key metadata, scopes, usage logs, request logs, quota data, billing status, subscription records, invoice links, and support notes.
  • Request logs may include endpoint, method, status code, quota cost, cache status, request ID, IP address, user agent, and timestamp.
  • Public API access must not expose consumer bill uploads, raw extraction data, app feedback, private user sessions, internal review queues, or unpublished internal data.

Webhooks

  • API customers may provide webhook endpoint URLs and event preferences. Portinout stores signing-secret metadata and delivery logs to deliver events and troubleshoot failures.
  • Webhook delivery logs may include event type, payload, customer endpoint URL, HTTP status, attempt count, error message, delivery timestamp, and success status.
  • Customers are responsible for protecting their webhook endpoints, validating signatures, and avoiding sensitive information in endpoint URLs.

Service providers

  • Portinout may use hosting, database, email, analytics, AI extraction, payment, monitoring, and security providers to operate the service.
  • Payment details are handled by the payment provider. Portinout stores billing status, subscription metadata, invoice metadata, and hosted invoice links rather than full card numbers.
  • AI providers may process bill screenshots, extracted text, or deal terms only as needed to provide extraction, analysis, or fine-print explanations.

Retention and deletion

  • Raw bill uploads are intended for transient processing only. Structured session, account, API, billing, webhook, and audit records may be kept while needed for product operation, security, support, accounting, compliance, and service improvement.
  • Operational logs and security records may be retained to investigate abuse, rate-limit misuse, billing disputes, delivery failures, and service reliability issues.
  • Users and API customers may request access, correction, deletion, or account closure by contacting Portinout, subject to legal, security, and operational retention needs.

Security

  • Portinout uses scoped access controls, hashed API keys, signed webhooks, rate limits, internal secrets, and admin role gates to protect product and customer data.
  • No internet service can guarantee perfect security. Users should avoid uploading unnecessary personal information and API customers should rotate exposed keys or webhook secrets promptly.

Contact

Questions or privacy requests can be sent to hello@portinout.com.