Privacy Policy

We collect only the information necessary to provide our service:

• Email address — to deliver your analysis results and purchased templates.
• Business inputs — industry type, annual revenue range, employee count, and any additional context you provide. These are used to generate personalized cost analyses and communication templates.
• Analytics data — anonymized page views, button clicks, and funnel events via PostHog. No personally identifiable information is included.
• UTM parameters and referrer — to understand which marketing channels bring users to CostShield. Stored with your user record if you complete the wizard.

• We do not collect passwords or create user accounts.
• We do not collect precise financial records, tax IDs, or bank information.
• We do not use cookies for advertising or cross-site tracking.
• We do not sell your data to third parties.

• Service delivery — generating your cost analysis and communication templates.
• Email delivery — sending results and purchase confirmations via Resend.
• Product improvement — analyzing anonymized usage patterns to improve the wizard flow and template quality.
• Marketing — only with your explicit consent (opt-in checkbox at checkout). You can unsubscribe at any time via the one-click link in every email.

We use the following services to operate CostShield. Each processes data on our behalf:

• Stripe — payment processing. Stripe receives your email and payment details.
• Resend — email delivery. Resend receives your email address and message content.
• Cloudflare Workers AI / DeepInfra — AI model inference. Your business inputs are sent to these providers to generate templates. Data is processed in real-time and not retained by these providers.
• Neon (PostgreSQL) — database hosting. Stores session data, report results, and email records.
• PostHog — product analytics. Receives anonymized event data.
• Upstash (QStash + Redis) — job queues and rate limiting.
• Vercel — application hosting and edge delivery.

• Analysis sessions — retained for 30 days, then automatically deleted.
• Purchased reports — retained indefinitely so you can access your templates via the durable link. You may request deletion at any time.
• Email addresses — retained as long as you have purchased reports or are subscribed to marketing emails. Unsubscribed emails are added to a suppression list to prevent further sends.
• Analytics data — retained in PostHog for product analysis. Anonymized after 90 days.

You have the right to:

• Access — request a copy of the data we hold about you.
• Delete — request deletion of your data and purchased reports.
• Unsubscribe — stop marketing emails at any time via the one-click unsubscribe link in every email.
• Object— opt out of analytics tracking (contact us and we'll exclude your data).

To exercise any of these rights, email us at support@cost-shield.com. We'll respond within 30 days.

CostShield does not use first-party cookies for tracking. PostHog analytics may set a cookie for session identification. You can decline analytics cookies by enabling Do Not Track in your browser. See our Cookie Policy for details.

We use industry-standard security practices: HTTPS everywhere, encrypted database connections, rate limiting on all API endpoints, and Stripe's PCI-compliant payment infrastructure. We never store credit card numbers — Stripe handles all payment data.

CostShield is not intended for users under 13. We do not knowingly collect data from children.

We may update this policy as our service evolves. Material changes will be notified by email or a notice on the site.

Privacy questions? Email us at support@cost-shield.com.