Last updated: April 2, 2025
reCost.io ("we", "our", "us") operates the reCost Data Flow platform ("Service"). reCost.io is operated by reCost Inc., a Delaware corporation ("we," "us," or "our"). For privacy inquiries, contact: privacy@recost.io. This Privacy Policy explains how we collect, use, and protect information when you use our Service.
Account information: When you register, we collect your name, email address, and company name.
Usage data: We collect information about how you interact with the Service, including pages visited and features used.
Cloud infrastructure metadata: With your authorization, we collect metadata from your AWS account (S3 access logs, Glue job execution records, Athena query history, table metadata). We do not collect the contents of your data files.
S3 access log data processed by reCost may include: AWS IAM role ARNs and principal identifiers, S3 bucket and object key paths (which may contain personal data patterns such as email addresses or account identifiers), IP addresses, HTTP user-agent strings including SDK versions, request timestamps, and HTTP response codes. reCost processes this data solely to provide the observability service and does not use it for advertising or sell it to third parties.
We implement industry-standard security measures including TLS 1.3 encryption in transit, AES-256 encryption at rest, least-privilege IAM access, and SOC 2 Type II-audited controls. Cloud metadata collected from your account is stored in isolated, per-customer infrastructure.
Account data is retained for the duration of your subscription plus 30 days after termination. Cloud metadata is retained according to your plan's event retention policy (7 days, 90 days, or unlimited). You may request deletion of your data at any time.
We use third-party services for hosting, analytics, and customer support. These services are bound by their own privacy policies and data processing agreements with us.
If you are located in the European Economic Area, you have rights to access, correct, delete, and port your personal data. Contact us at privacy@recost.io to exercise these rights.
For customers in the European Economic Area: reCost Inc. acts as a data processor on behalf of the customer (data controller) for S3 access log data. A Data Processing Agreement (DPA) is available upon request at privacy@recost.io.
For privacy questions, contact us at privacy@recost.io.