🚀 EARLY ACCESS OFFER: Get CostGoat lifetime license for just $199 instead of $299! Get it now

CostGoat Logo

CostGoat

BETA
Try For Free

Privacy Policy

Last updated: August 13, 2025

Privacy-First Design

At CostGoat, privacy isn't just a feature—it's the foundation of our product.

This Privacy Policy explains how CostGoat, operated by FUNCTIONCRAFT - FZCO ("we," "us," or "our"), collects, uses, and protects information when you use our desktop application and website. We are committed to protecting your privacy and being transparent about our data practices.

The key principle: Your cost and usage data never leaves your device. We cannot see, access, or process your actual cloud costs, API usage, or subscription data.

1. Information We Collect

1.1 Information for License Management

We collect minimal information necessary to manage licenses and provide support:

  • • Email address (for license delivery and support)
  • • Name (optional, for personalization)
  • • License key and activation status
  • • Device identifiers (for license validation)
  • • Payment information (processed by Paddle, not stored by us)

1.2 Information We DO NOT Collect

CostGoat is designed to protect your sensitive data. We do NOT collect:

  • • Your actual cost or usage data from any service
  • • API keys or credentials for your services
  • • Detailed usage patterns or metrics
  • • Website analytics or tracking cookies
  • • Behavioral data or telemetry from the desktop app

2. How CostGoat Protects Your Privacy

2.1 Local-First Architecture

  • Direct API Connections: Your CostGoat desktop app connects directly to your service providers (AWS, GitHub, etc.) without any intermediary servers.
  • Local Data Processing: All cost calculations, usage tracking, and data aggregation happen entirely on your device.
  • Secure Credential Storage: API keys are stored using your operating system's native secure storage (Keychain on macOS, Credential Manager on Windows, Secret Service on Linux).
  • No Cloud Backend: There is no CostGoat cloud service that processes or stores your cost data.

2.2 Secure Team Sharing (Optional)

When implemented, our team sharing feature will maintain your privacy:

  • • End-to-End Encryption: Shared data is encrypted on your device before transmission
  • • Zero-Knowledge Design: We cannot decrypt or view shared data—only designated team members can
  • • Aggregated Data Only: Only cost summaries are shared, never credentials or detailed usage
  • • User-Controlled: You choose what to share, when, and with whom

3. How We Use Information

The limited information we collect is used solely for:

  • • License validation and management
  • • Delivering software updates and release notes
  • • Providing customer support when you contact us
  • • Sending important service announcements
  • • Processing payments through Paddle
  • • Complying with legal obligations

4. Third-Party Services

We work with select third-party services to operate CostGoat:

ServicePurposeData Shared
PaddlePayment processing (Merchant of Record)Email, payment details, purchase history
VercelWebsite hostingIP address (for website visits only)
Cloudflare R2Software distributionDownload requests (anonymous)
Database ProviderLicense management database (Frankfurt, Germany)License and account information

Important: We do not use any analytics services, tracking pixels, or marketing tools on our website or in our application.

5. Data Storage and Security

5.1 Infrastructure

  • • Website: Hosted on Vercel's global network
  • • License Database: Hosted in Frankfurt, Germany with encryption at rest
  • • Your Cost Data: Stored only on your local device, never transmitted to us

5.2 Security Measures

  • • TLS/SSL encryption for all network communications
  • • Secure license key generation and validation
  • • Regular security updates and patches
  • • Access controls and authentication for internal systems
  • • No storage or logging of sensitive user data

6. Your Rights and Choices

You have control over your information:

6.1 Access and Correction

You can request access to the personal information we have about you and ask for corrections by contacting support@costgoat.com.

6.2 Deletion

You can request deletion of your account and associated data. Note that we may need to retain certain information for legal or billing purposes.

6.3 Data Portability

Your cost data is already stored locally on your device in a format you control. License information can be exported upon request.

6.4 Communication Preferences

You can opt out of non-essential communications at any time. We will always send critical service announcements and license-related information.

7. International Data Transfers

While our company is registered in the United Arab Emirates, our infrastructure spans multiple regions:

  • • Website visitors access our site through Vercel's global CDN
  • • License data is stored in Frankfurt, Germany
  • • Payment processing occurs through Paddle's international infrastructure

By using CostGoat, you consent to the transfer of your information to these locations. We ensure appropriate safeguards are in place for all international data transfers.

8. Legal Compliance

8.1 GDPR (European Users)

For users in the European Economic Area, we comply with GDPR requirements:

  • • Lawful basis: Contract performance and legitimate interests
  • • Data minimization: We collect only essential information
  • • Right to access, rectification, and erasure
  • • Data portability and objection rights

8.2 CCPA (California Users)

For California residents, we comply with CCPA requirements:

  • • We do not sell personal information
  • • Right to know what information we collect
  • • Right to delete personal information
  • • Right to non-discrimination for exercising privacy rights

8.3 Other Jurisdictions

We respect privacy laws worldwide and will comply with applicable data protection regulations in your jurisdiction.

9. Children's Privacy

CostGoat is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at legal@costgoat.com.

10. Data Retention

We retain information only as long as necessary:

  • • Active accounts: Information retained while license is active
  • • Inactive accounts: Basic information retained for 2 years for reactivation purposes
  • • Legal requirements: Some data may be retained longer if required by law
  • • Your cost data: Never stored by us; deleted when you uninstall the app

11. Security Incidents

In the unlikely event of a security incident affecting personal information:

  • • We will notify affected users within 72 hours
  • • We will provide details about what information was affected
  • • We will outline steps we're taking to address the issue
  • • We will provide recommendations for protective measures

Note: Since we don't store your cost data or API credentials, these cannot be compromised through our systems.

12. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or for legal compliance. When we make changes:

  • • We will update the "Last updated" date
  • • For material changes, we will make reasonable efforts to notify you

Your continued use of CostGoat after changes indicates acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices:

General Support: support@costgoat.com

Privacy & Legal: legal@costgoat.com

PricingContactAffiliate ProgramTermsPrivacy

© 2025 CostGoat. All rights reserved.