Privacy Policy

Last updated: December 29, 2025

1. Introduction

At Costrail, we take your privacy seriously. This Privacy Policy explains how we collect, use, and protect your information when you use our SaaS spend tracking service.

2. Information We Collect

We collect information that you provide directly to us:

  • Account information: Email address, name, and password when you create an account
  • Invoice data: SaaS invoices you forward to us, including vendor names, amounts, billing cycles, and renewal dates
  • Payment information: Billing details processed securely through our payment provider
  • Usage data: How you interact with our service to improve the product

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our service
  • Extract and organize subscription data from forwarded invoices
  • Send you alerts about renewals, price changes, and cost anomalies
  • Process payments and send billing-related communications
  • Respond to your requests and provide customer support
  • Send product updates and service announcements

4. Data Security

We implement appropriate security measures to protect your data:

  • All data is encrypted in transit using TLS 1.3
  • Data at rest is encrypted using AES-256
  • We do not require bank access or accounting software integrations
  • Access to user data is restricted to essential personnel only

5. Data Sharing

We do not sell your personal information. We may share data only in these circumstances:

  • With service providers who assist in operating our service (e.g., hosting, payment processing)
  • To comply with legal obligations or respond to lawful requests
  • To protect our rights, privacy, safety, or property
  • In connection with a merger, acquisition, or sale of assets (with notice to you)

6. Data Retention

We retain your data for as long as your account is active. You can export your data at any time. If you cancel your account, your data will be permanently deleted within 30 days, unless we are required to retain it for legal purposes.

7. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Opt out of marketing communications

8. Cookies

We use essential cookies to maintain your session and preferences. We do not use third-party tracking cookies for advertising purposes.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the service. Your continued use of the service after changes indicates acceptance of the updated policy.

10. Contact Us

If you have questions about this Privacy Policy or your data, please contact us at hello@costrail.com