Privacy Policy

1. Introduction

Costif.ai ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our IT asset management and cost optimization platform (the "Service").

Please read this privacy policy carefully. By using the Service, you consent to the data practices described in this policy.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, company name, job title, and billing information when you register for an account.
• Profile Information: Any additional information you choose to add to your profile.
• Communications: Information you provide when contacting our support team or participating in surveys.

2.2 Information Collected Automatically

• Software Asset Data: Information about software installations, licenses, and usage patterns collected through our agent software deployed on your systems.
• Device Information: Hardware specifications, operating system details, and network configuration of monitored endpoints.
• Usage Data: Information about how you interact with our Service, including access times, pages viewed, and features used.
• Log Data: Server logs, error reports, and performance metrics.

2.3 Information from Third Parties

• Information from single sign-on (SSO) providers when you choose to authenticate through them.
• Information from business partners for account verification purposes.

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Service
• Process transactions and send related information
• Send technical notices, updates, security alerts, and support messages
• Respond to your comments, questions, and customer service requests
• Analyze software assets and generate optimization recommendations
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent transactions and unauthorized access
• Personalize and improve your experience
• Comply with legal obligations

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

• Service Providers: With third-party vendors who perform services on our behalf, such as hosting, data analysis, and customer service.
• Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets.
• Legal Requirements: When required by law or to respond to legal process, protect our rights, or ensure the safety of our users.
• With Your Consent: When you have given us explicit permission to share your information.

We do not sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

• Encryption of data in transit (TLS 1.3) and at rest (AES-256)
• Regular security assessments and penetration testing
• Access controls and authentication requirements
• Employee training on data protection practices
• Incident response procedures

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. We will retain and use your information as necessary to:

• Comply with our legal obligations
• Resolve disputes
• Enforce our agreements
• Maintain business records for audit purposes

Upon account termination, we will delete or anonymize your data within 90 days, except where retention is required by law.

7. Your Rights

Depending on your location, you may have the following rights:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information
• Portability: Request a copy of your data in a portable format
• Opt-out: Opt out of certain data processing activities
• Withdraw Consent: Withdraw previously given consent

To exercise these rights, please contact us at privacy@costif.ai.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by relevant authorities
• Adequacy decisions where applicable
• Binding Corporate Rules for internal transfers

9. Children's Privacy

Our Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child, we will take steps to delete such information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: