Legal
Privacy Policy
Effective date: January 1, 2026
PrismCost, Inc. ("PrismCost", "we", "us", or "our") operates the PrismCost platform — a FinOps service for data teams. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website at prismcost.com and our SaaS platform. Please read it carefully. If you disagree with any part of this policy, please discontinue use of our services.
1. Information We Collect
Account information. When you register, we collect your name, work email address, company name, and role. This information is used to create and manage your account.
Billing information. For paid plans, billing is processed by our payment processor (Stripe). We do not store full credit card numbers on our servers.
Usage data. We collect information about how you use the PrismCost platform, including pages visited, features accessed, and actions taken within the application. This helps us improve the product.
Communications. If you contact us by email or through our website forms, we retain those communications to respond to you and improve our services.
Cookies and tracking. We use cookies and similar technologies for session management, authentication, and analytics. See our Cookies section below for details.
2. How We Use Your Information
We use the information we collect to:
- →Provide, operate, and maintain the PrismCost platform
- →Process transactions and send billing-related communications
- →Send product updates, security alerts, and support messages
- →Respond to comments, questions, and requests
- →Analyze usage patterns to improve the platform
- →Detect, prevent, and address technical issues or abuse
- →Comply with legal obligations
We do not sell your personal information to third parties. We do not use your data to train AI models.
3. Data We Access From Your Warehouse
Important
PrismCost never accesses your actual data — the rows, columns, or query results stored in your warehouse. We only access metadata and operational information.
When you connect your data warehouse (Snowflake, BigQuery, or Databricks) to PrismCost via OAuth or service account with read-only permissions, we access:
- →Query history and execution metadata (query IDs, durations, bytes scanned)
- →Warehouse and cluster configurations and utilization metrics
- →Cost and credit consumption data
- →User and role information (for cost attribution purposes)
- →Storage usage and table-level metadata (sizes, partition counts — not contents)
- →Job and pipeline execution logs
All warehouse access is read-only. We use the minimum permissions necessary to deliver the service.
4. Data Retention
We retain your account information for as long as your account is active or as needed to provide services. Warehouse metadata is retained for up to 13 months to enable year-over-year trend analysis. If you delete your account, we delete or anonymize your data within 30 days, except where retention is required by law or for legitimate business purposes (e.g., billing records). You may request deletion at any time at hello@prismcost.com.
5. Data Security
We implement industry-standard security measures including encryption in transit (TLS 1.2+) and at rest (AES-256), access controls and audit logging, regular security reviews, and SOC 2-aligned practices. Warehouse credentials are encrypted and stored using secrets management best practices. No method of transmission over the internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
6. Third-Party Services
We use the following categories of third-party service providers, each subject to their own privacy policies:
- →Payment processing (Stripe) — for billing and subscription management
- →Cloud infrastructure (AWS) — for hosting and data storage
- →Analytics (privacy-focused, cookieless) — for aggregate product usage analysis
- →Email delivery — for transactional and product communications
- →Customer support tooling — for managing support tickets
We do not share your personal data with third parties for their own marketing purposes.
7. Your Rights (GDPR & CCPA)
Depending on your location, you may have the following rights regarding your personal data:
- →Access — request a copy of the personal data we hold about you
- →Correction — request that we correct inaccurate or incomplete data
- →Deletion — request that we delete your personal data ('right to be forgotten')
- →Portability — request your data in a machine-readable format
- →Restriction — request that we limit how we process your data
- →Objection — object to processing based on legitimate interests
- →Opt-out of sale (CCPA) — we do not sell personal data, so this right is satisfied by default
To exercise any of these rights, contact us at hello@prismcost.com. We will respond within 30 days. For EU/EEA users, you also have the right to lodge a complaint with your local data protection authority.
For California residents: under CCPA, you have the right to know what personal information is collected, the right to delete, and the right to opt-out of sale. We do not sell personal information.
8. Cookies
We use strictly necessary cookies (for authentication and session management), functional cookies (for user preferences), and analytics cookies (for aggregate, anonymized usage data). We do not use advertising or tracking cookies. You may disable cookies through your browser settings, but some features of the platform may not function correctly without them.
9. Children's Privacy
PrismCost is a B2B service intended for business professionals. We do not knowingly collect personal information from anyone under the age of 16. If you believe we have inadvertently collected information from a minor, please contact us immediately at hello@prismcost.com.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by posting a prominent notice on our website at least 7 days before the changes take effect. The "Effective date" at the top of this policy indicates when it was last revised. Your continued use of PrismCost after changes take effect constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact us: