MDBill – Security & Data Transmission Policy

Effective Date: January 2025

MDBill is a product of AcerHealth Inc. This policy explains how MDBill protects personal and payment-related information and how payment card details are transmitted during transactions.

1. Secure Website Connection (Encryption)

MDBill uses industry-standard encryption to protect information transmitted between your browser and our systems. When you access MDBill, your connection is secured using HTTPS (TLS encryption) to reduce the risk of interception or tampering while data is in transit.

2. Payment Card Data Handling (PCI)

MDBill uses PCI-compliant payment gateway partners to process card transactions. MDBill does not store full credit card numbers or card verification values (CVV) on our servers.

  • Card data entered during checkout is handled through secure, gateway-provided mechanisms (tokenization / transient tokens)
  • MDBill receives only limited data needed for receipts, reconciliation, and support (for example: transaction ID, card brand, last 4 digits when provided by the processor)
  • Sensitive authentication elements (like CVV) are not stored after authorization
3. Access Controls

MDBill applies access controls designed to restrict access to systems and data to authorized personnel and services only. We also use logging and monitoring to help detect suspicious activity and protect platform integrity.

4. Data Minimization

MDBill collects and retains data that is reasonably necessary to provide the service, support transactions, prevent fraud, and comply with legal and operational requirements. Where feasible, we use tokenization and avoid storing sensitive payment card data.

5. Account Security Responsibilities

Users are responsible for maintaining the confidentiality of their login credentials and for using secure devices and networks. If you suspect unauthorized access to your account or payment activity, notify us immediately.

6. Emails, Links, and Phishing Protection

MDBill will never ask you to send full card numbers or CVV by email. Do not share sensitive payment details through email or chat. If you receive a suspicious message claiming to be MDBill, contact us directly using the official support email below.

7. Service Providers

MDBill may use reputable third-party service providers (such as payment processors, hosting providers, and communication services) to deliver the platform. These providers are expected to maintain appropriate security controls for the services they provide.

8. Security Incidents

If we become aware of a security incident that materially affects user data, we will take reasonable steps to investigate, mitigate, and provide notices as required by applicable laws and contractual obligations.

9. Contact Information

If you have questions about this Security & Data Transmission Policy, contact:
Email: support@mdbill.io
Website: https://mdbill.io

Note: For full details on how we collect, use, and retain personal data, please see our Privacy Policy.