Privacy Policy

Effective date: July 11, 2026

Alferdize ("we") operates the CostPilot AI service. This policy describes what we collect and how it is handled — every claim below matches what the product actually does.

What we collect

  • Account data: your name, work email, and password hash (bcrypt; we never store plaintext passwords).
  • Billing telemetry from sources you connect: cost records, cluster and warehouse metadata, and usage metrics from cloud billing APIs and Databricks system tables — via read-only credentials you control and can revoke.
  • Product usage: request logs with request IDs for debugging and security (rate limiting, auth failures).

What we do not collect

  • The contents of your data lakes, tables, notebooks, or code.
  • Payment card details (invoicing is handled off-platform today).

How data is protected

  • Every tenant's rows are isolated with Postgres row-level security, enforced at the database layer and verified automatically on every deploy.
  • Credentials you provide are stored as references resolved through a secrets manager (Azure Key Vault in production), not in the application database.
  • Transport is TLS; access tokens are short-lived JWTs with rotating refresh tokens.

Who else touches data (subprocessors)

  • Microsoft Azure — hosting and storage.
  • Anthropic — the "Ask CostPilot" chat sends your question and relevant cost aggregates to the Claude API to generate an answer. Chat is optional; no source credentials are ever included.

Retention and deletion

Billing telemetry is retained while your account is active. On termination or written request we delete your workspace and billing data within 30 days.

Your choices

Revoke connected credentials at any time (collection stops immediately), export your reports, or request account deletion at the contact below.

Contact

support@alferdize.com