Legal
Privacy Policy
Effective Date: April 2, 2026 · Last Updated: April 2, 2026
The short version: Your PDF is processed in your browser — it never reaches our servers as a file. We do not store your medical records, your analysis results, or any personally identifiable information beyond what is strictly required to process your payment and deliver your report.
1. Who We Are
VeteranCalc is a service operated by Delvir LLC ("Delvir," "we," "our," or "us"). If you have questions about this Privacy Policy, please contact us at team@delvir.co.
2. Information We Collect
Information you provide:
- Medical record text: When you upload a PDF, your browser extracts the text locally using pdf.js. That extracted text is transmitted to our servers solely to perform the AI analysis and is never written to disk or stored in any database.
- Payment information: When you purchase a full report, your payment is processed by Stripe. Delvir never sees, stores, or has access to your credit card number or other payment credentials.
Information collected automatically:
- Standard web server logs may capture your IP address, browser type, and referring URL for security and diagnostic purposes. These logs are retained for no more than 30 days and are not used for marketing purposes.
3. How We Use Your Information
We use the information we collect exclusively to:
- Perform the AI-powered disability analysis on your uploaded medical record text.
- Generate and deliver your paid report upon successful payment.
- Temporarily store a tokenized version of your paid report in Upstash Redis for up to 24 hours solely to survive the Stripe payment redirect. This token is deleted immediately upon your first report retrieval.
- Diagnose technical errors and maintain the security and integrity of the Service.
4. What We Do Not Do
- We do not store your military medical records or any personally identifiable health information on our servers.
- We do not sell, rent, lease, or share your personal information with any third party for marketing or commercial purposes.
- We do not use your data to train AI models.
- We do not retain your analysis results after your report is delivered.
- We do not use cookies for tracking or advertising.
5. Third-Party Service Providers
- Anthropic: We transmit your extracted medical record text to Anthropic's API to generate the disability analysis. Anthropic does not use API inputs to train its models by default.
- Stripe: Payment processing under their own privacy policy.
- Upstash: Temporary Redis storage for the 24-hour report token. Data is automatically deleted after 24 hours or upon first retrieval.
- Vercel: Web hosting and serverless function execution.
6. Data Security
All data transmitted between your browser and our servers is encrypted using TLS (HTTPS). Medical record text is processed in memory only and is never written to persistent storage. No method of transmission over the Internet is 100% secure, but we apply commercially reasonable measures to protect your information.
7. Data Retention
- Medical record text: Processed in memory, discarded immediately after analysis. Never persisted.
- Report tokens: Stored in Upstash Redis for a maximum of 24 hours, deleted upon first retrieval.
- Server logs: Retained for up to 30 days, then automatically purged.
8. Your Rights
Depending on your jurisdiction, you may have rights to access, delete, or correct personal information we hold. Given our minimal data retention practices, there is typically no personally identifiable information stored that would be subject to these requests. To submit a privacy request, contact us at team@delvir.co.
9. Children's Privacy
The Service is not directed at individuals under the age of 18. We do not knowingly collect personal information from anyone under 18.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page. Your continued use of the Service after any changes constitutes your acceptance of the revised Policy.