cicosts

Privacy Policy

Last updated: December 20, 2025

1. Introduction

CICosts ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our CI/CD cost tracking service.

By using CICosts, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Account Information

When you sign up using GitHub OAuth, we collect:

  • Your GitHub username and email address
  • Your GitHub profile picture URL
  • Your GitHub user ID

2.2 GitHub Actions Data

When you connect your GitHub organizations, we collect:

  • Workflow run metadata (run ID, status, duration, timing)
  • Job metadata (job names, runner types, billable minutes)
  • Repository names and organization names
  • Workflow file names

Important: We do NOT access your source code, secrets, environment variables, or the contents of your workflow files. We only access metadata required to calculate costs.

2.3 Usage Data

We automatically collect certain information when you use CICosts:

  • Browser type and version
  • Pages visited and features used
  • Time spent on pages
  • Error logs for debugging purposes

3. How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve CICosts
  • Calculate and display your CI/CD costs
  • Send cost alerts and notifications you've configured
  • Respond to your support requests
  • Send service updates and announcements
  • Detect and prevent fraud or abuse
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information with:

  • Service Providers: Third-party services that help us operate CICosts (e.g., hosting, email delivery)
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Third-Party Services

CICosts integrates with and uses the following third-party services:

  • GitHub: For authentication and accessing workflow data
  • Supabase: For database hosting
  • AWS: For infrastructure and email delivery
  • Vercel: For frontend hosting
  • Stripe: For payment processing (if applicable)

Each service has its own privacy policy governing data handling.

6. Data Security

We implement appropriate security measures to protect your information:

  • Encryption in transit (HTTPS/TLS)
  • Encryption at rest for sensitive data
  • Secure authentication via GitHub OAuth
  • Regular security audits
  • Limited employee access to user data

7. Data Retention

We retain your data as follows:

  • Account data: Until you delete your account
  • Cost data: 30 days (Free tier) or 1 year (Pro/Team tier)
  • Usage logs: 90 days

You can request deletion of your data at any time by contacting us.

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your personal data
  • Export your data in a portable format
  • Opt out of marketing communications
  • Withdraw consent for data processing

9. Cookies

We use essential cookies to maintain your session and remember your preferences. We do not use tracking or advertising cookies.

10. Children's Privacy

CICosts is not intended for users under 16 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the service. Your continued use of CICosts after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy, please contact us at privacy@cicosts.dev

← Back to home