Costanalyst

Legal

Privacy Policy

Last updated June 2026

This Privacy Policy explains how Costanalyst ("we", "us") collects, uses, and protects information when you visit our website or use our cost-analysis platform. We aim to be plain and honest about what we do with data.

Information we collect

When you create an account we collect your email address and a verification code we send to confirm it. If you contact us, we collect your name, email, and message. We also collect standard technical information such as your IP address, browser type, and the page that referred you, along with any UTM parameters in the link you arrived from.

Your billing and spend data

Costanalyst connects to your cloud providers (AWS, GCP, Azure) and SaaS subscriptions with read-only access. We read billing and usage metadata, such as invoices, line items, service and resource names, usage figures, and subscription details, so we can find savings, flag anomalies, forecast your budget, and attribute spend by team. We never have write access and we never move money. Enterprise customers may deploy in their own environment so that data never leaves their infrastructure.

How we use information

  • To create and secure your account and confirm your email.
  • To analyze your cloud and SaaS spend and send you savings, anomaly alerts, and product communications about your access.
  • To respond to your messages and provide support.
  • To understand how the site is used and improve it.

How we share information

We do not sell your personal information. We share information only with service providers who help us operate the site and platform (for example, email delivery and analytics), under contracts that require them to protect it, or where required by law.

Data retention

We keep account and contact information for as long as your account is active or as needed to provide the service, then delete or anonymize it. You can ask us to delete your information at any time.

Security

We use industry-standard measures to protect your information, including encryption in transit and at rest, read-only billing and SaaS connections, and access controls. You can revoke our access at any time. Enterprise plans add SSO, audit logging, and in-VPC deployment options.

Your choices

You can access, correct, or delete your information, and you can opt out of non-essential email at any time. To make a request, email [email protected].

Contact

Questions about this policy? Email us at [email protected].