1. Introduction
CostMaps ("we," "us," or "our") operates CostMaps (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our Service.
Contact Information:
Email: support@costmaps.com
Data Protection Officer: support@costmaps.com
2. Information We Collect
2.1 Information You Provide
- Account Information: Email address, password (encrypted), name (optional)
- Billing Information: Company name, billing address
- Payment Information: Processed by Stripe (not stored by us)
- Communications: Support requests, feedback, surveys
2.2 Information Automatically Collected
- Usage Data: API requests, pages visited, features used
- Technical Data: IP address, browser type, operating system, device information
- Performance Data: Error logs, performance metrics
3. How We Use Your Information
Service Delivery
Provide access to CostMaps, process API requests, manage subscriptions
Account Management
Authenticate identity, process payments, respond to support
Service Improvement
Analyze usage, fix bugs, develop new features
Security
Detect abuse, monitor suspicious activity, enforce Terms
4. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your data based on:
- Contractual Necessity: Performance of our Terms of Service
- Legitimate Interests: Service improvement, fraud prevention, marketing
- Legal Obligation: Compliance with laws, tax requirements
- Consent: Marketing communications, optional cookies
5. Data Sharing and Disclosure
We do not sell your personal information.
We share data with:
Infrastructure Providers
Cloud hosting, database hosting, CDN services
Payment Processing
Stripe (payment processing)
Analytics
Google Analytics (with IP anonymization), error tracking
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Duration of account + 30 days |
| API usage logs | 90 days (Enterprise: 1 year) |
| Payment records | 7 years (legal requirement) |
| Support tickets | 3 years |
7. Your Rights and Choices
Access & Portability
Request a copy of your data in portable format
Email: support@costmaps.com
Rectification
Correct inaccurate information
Update in account settings
Erasure (Right to be Forgotten)
Request deletion of your data
Settings → Delete Account
Object to Processing
Object to marketing or automated decisions
Unsubscribe links or contact us
8. International Data Transfers
Your data may be transferred to and processed in countries other than your own. For EEA users, we ensure adequate protection through Standard Contractual Clauses (SCCs) approved by the European Commission.
9. Children's Privacy (COPPA)
Our Service is not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18.
10. Security Measures
Technical Measures
- • Encryption in transit (HTTPS/TLS)
- • Encryption at rest for sensitive data
- • Secure password hashing (bcrypt)
- • Regular security audits
Organizational Measures
- • Access controls (least privilege)
- • Employee training
- • Confidentiality agreements
- • Incident response procedures
11. Cookies and Tracking
We use cookies and similar technologies to remember your preferences, authenticate sessions, and analyze usage. See our Cookie Policy for detailed information.
12. California Privacy Rights (CCPA)
Your California Rights:
- Right to Know: Request disclosure of data collected about you
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: We do not sell personal information
- Right to Non-Discrimination: We will not discriminate for exercising rights
How to Exercise: Email support@costmaps.com (45-day response time)
13. Data Breach Notification
In the event of a data breach affecting your personal information, we will notify affected users within 72 hours (as required by GDPR) and provide information about the breach and steps to protect yourself.
14. Contact Us
Privacy Inquiries: support@costmaps.com
Data Protection Officer: support@costmaps.com
Support: support@costmaps.com
Response Time: 5-7 business days (general), 30 days (data requests)
This Privacy Policy is compliant with GDPR, CCPA, LGPD, and other major privacy regulations. For the complete policy including all sections, please contact support@costmaps.com.