Preview draft. This page describes how CloudAnalyse handles data during the preview period. The signed-off privacy notice for paying customers will be a separate document reviewed by counsel and delivered as part of contract execution. For binding questions before then, contact hello@cloudanalyse.com.

Privacy Notice

Last updated: 2026-05-12 · Status: preview draft

1. Data we collect

We collect only the data we need to deliver the platform:

  • Account data: work email, name, organization, role.
  • Cloud-cost data: billing exports you authorize us to read (typically delivered via read-only IAM credentials to the cloud provider's billing-export bucket).
  • Telemetry: request paths, response times, error counts. We do not store request bodies or user payloads in the telemetry pipeline.
  • Audit events: every significant action (sign-in, role change, data deletion) is recorded in a hash-chained log.

2. How we use it

To operate the platform: render dashboards, run anomaly detection, generate forecasts and commitments, alert on budget thresholds, and provide support. Aggregated and de-identified usage may improve the product. We do not sell your data and we do not train external machine-learning models on customer data.

3. Data isolation

Every business table in the application database carries an org_id column and is governed by a PostgreSQL row-level-security policy keyed to the authenticated session's tenant context. The application connects as a non-superuser role that cannot bypass RLS; cross-tenant queries are impossible from application code.

4. Retention

Cost-billing data is retained for the lifetime of your account plus a defined trailing window (typically 90 days) to support historical analysis. Audit-log events are retained for the legally required minimum. Notification delivery records are pruned after 90 days. On account deletion, every business-table row carrying your org_id is removed in foreign-key dependency order; the audit-log entry describing the deletion event persists.

5. Subprocessors

We use a small set of subprocessors to deliver the service:

  • Cloud infrastructure: Google Cloud, AWS, or Microsoft Azure (your account is deployed in the region you select).
  • Identity: Keycloak (self-hosted on the same infrastructure).
  • AI: Anthropic, used only for the FinOps agent. Anthropic does not retain customer data submitted via the API beyond the 30-day abuse-detection window per their data-handling policy.
  • Email: the platform sends transactional email for sign-up, password reset, and alert delivery.

A complete current list with versions and data-handling terms is provided to paying customers on request.

6. Your rights

Depending on your jurisdiction you may have the right to: access your personal data, correct inaccuracies, request deletion, restrict processing, object to certain processing, or receive your data in a portable format. To exercise any of these rights, contact hello@cloudanalyse.com. We respond to verified requests within thirty days.

7. Security posture

Day-zero controls:

  • TLS 1.2+ enforced on all customer-facing endpoints.
  • Application credentials and integration secrets managed through your cloud provider's secret manager — never in source control or environment files.
  • Hash-chained audit log — tamper-evident across releases.
  • Backend services run with internal-only ingress; public traffic enters through the frontend proxy.
  • Database connections use a non-superuser application role; migrations run as a separate, gated role.

We are building toward SOC 2 Type 2 attestation but are not currently certified.

8. Changes to this notice

We may update this notice; material changes will be communicated with reasonable notice to active customers. The contract-bound version always takes precedence over this page.

9. Contact

Privacy questions, data-subject requests, or notice of an incident: hello@cloudanalyse.com.