Privacy Policy

Last updated: April 13, 2026

1. Who We Are

SlashMyCloudBill is operated by Eshkol AI Cloud and AI Services. This Privacy Policy explains how we collect, use, and protect your personal information when you use our platform at slashmycloudbill.com.

2. Information We Collect

Data TypePurposeRetention
Name, email, phone, companyAccount creation, communication, billingUntil account deletion
AWS invoice PDFsAI-powered cost analysisDeleted within 24 hours
AWS Cost Explorer dataDashboard, AI insights, waste detectionCached for session only
Payment informationSubscription and top-up billingHandled by Paddle (MoR)
Usage data (tokens, actions)Service delivery, billingUntil account deletion

3. How We Use Your Information

  • To provide and improve the SlashMyCloudBill service
  • To process payments through Paddle.com (our Merchant of Record)
  • To send service-related communications (analysis results, account alerts)
  • To provide customer support
  • To detect and prevent fraud or abuse

We do not sell your personal information to third parties. We do not use your AWS billing data for any purpose other than providing you with analysis and recommendations.

4. Payment Processing

All payments are processed by Paddle.com Market Limited, which acts as our Merchant of Record. Paddle collects and processes payment information directly. We do not store credit card numbers or bank details. See Paddle's Privacy Policy for details on how they handle payment data.

5. AWS Account Access

When you connect an AWS account, we access it via a read-only IAM role that you create in your own AWS account. This role is scoped to Cost Explorer and billing APIs only. We use an External ID for additional security. You can revoke access at any time by deleting the CloudFormation stack or IAM role.

6. Data Security

  • All data is encrypted in transit (TLS/HTTPS) and at rest (AES-256)
  • AWS bills are stored temporarily in encrypted S3 buckets and auto-deleted within 24 hours
  • Authentication is handled via Amazon Cognito with email verification
  • IAM roles use External IDs to prevent confused deputy attacks

7. Cookies and Analytics

We use Google Analytics (gtag.js) to understand how visitors use our site. This collects anonymized usage data such as pages visited and session duration. No personal billing data is sent to Google Analytics.

8. Data Sharing

We share data only with:

  • Paddle.com — payment processing (Merchant of Record)
  • Amazon Web Services — infrastructure hosting, AI analysis (Amazon Bedrock)
  • Google Analytics — anonymized site usage analytics

We do not share your AWS billing data with any third party.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data
  • Withdraw consent for marketing communications

To exercise any of these rights, contact us at ariel@slashmycloudbill.com.

10. Data Retention

We retain account data for as long as your account is active. Uploaded AWS bills are deleted within 24 hours. When you delete your account, all associated data is removed within 30 days.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email.

12. Contact

For privacy-related questions, contact us at ariel@slashmycloudbill.com.