Privacy Policy
Last updated: March 1, 2026
The short version: We collect only what we need to run the service. We never sell your data. Your AWS credentials are stored securely and used only to scan your account. You can delete everything at any time.
1. Who We Are
Cloud Hero AI ("Company," "we," "us," or "our") operates cloudheroai.com and the Hero Savings, Hero Agents, Hero Copilot, and Hero Weekly products. Our registered contact is privacy@cloudheroai.com.
2. Information We Collect
Account information: When you register, we collect your name, email address, and a hashed version of your password (we never store passwords in plaintext).
AWS credentials: To run savings audits, you provide an AWS Access Key ID and Secret Access Key. These are stored in our database to enable scheduled and on-demand scans. We recommend providing read-only IAM credentials with the ReadOnlyAccess policy.
Usage data: We log API requests, audit results, and feature usage to improve the service and diagnose errors.
Payment information: Billing is handled by Stripe. We store your Stripe Customer ID but never your card number or full payment details.
Newsletter: If you subscribe to Hero Weekly, we store your email, name, and role for sending the newsletter and measuring engagement.
3. How We Use Your Information
- To create and manage your account
- To connect to your AWS account and perform cost audits on your behalf
- To process payments and manage your subscription
- To send you the Hero Weekly newsletter (only if you subscribed)
- To send transactional emails (account confirmations, billing receipts, audit completion notifications)
- To improve and debug the platform
- To comply with legal obligations
We do not use your data for advertising. We do not sell your data to third parties. We do not train AI models on your cloud infrastructure data.
4. AWS Credential Security
Your AWS credentials are used exclusively to perform read-only scans of your account. Specifically, we use them to call:
- AWS STS (to verify credentials and get account ID)
- AWS EC2 (to list instances, volumes, snapshots, and Elastic IPs)
- AWS RDS (to list database instances)
- AWS Cost Explorer (to retrieve cost and usage data)
We strongly recommend creating a dedicated IAM user with only the ReadOnlyAccess managed policy for use with Hero Savings. You can revoke access at any time by deleting the IAM user or rotating the keys.
You may delete your AWS connections at any time from your dashboard, which permanently removes the credentials from our database.
5. Data Sharing
We share your information only with the following trusted service providers:
- Stripe — Payment processing. Stripe Privacy Policy
- Resend — Transactional and newsletter email delivery
- Anthropic — AI model inference for audit summaries and Copilot responses. Your infrastructure data may be sent to Anthropic's API for processing. Anthropic does not train on API inputs by default.
- AWS — Your credentials are used to call AWS APIs on your behalf
We may disclose your information if required by law, subpoena, or court order.
6. Data Retention
We retain your account data for as long as your account is active. Audit results are retained for 12 months. If you delete your account, we permanently delete all associated data within 30 days, except where retention is required by law (e.g., billing records).
7. Your Rights
Depending on your location, you may have rights including:
- Access: Request a copy of the data we hold about you
- Correction: Request corrections to inaccurate data
- Deletion: Request deletion of your account and data
- Portability: Request your data in a machine-readable format
- Opt-out: Unsubscribe from Hero Weekly at any time
To exercise any of these rights, email privacy@cloudheroai.com.
8. Cookies
We use minimal cookies necessary to operate the service (session management). We use Google Analytics (if enabled) to understand site traffic using anonymized data. You can disable cookies in your browser settings.
9. Children's Privacy
Cloud Hero AI is not directed at children under 16. We do not knowingly collect data from anyone under 16. If you believe we have collected data from a minor, contact us immediately.
10. Changes to This Policy
We may update this policy from time to time. We'll notify you of material changes by email or via an in-app notice. Continued use of the service after changes constitutes acceptance of the updated policy.
11. Contact
Questions about this privacy policy? Contact us at privacy@cloudheroai.com or by mail at Cloud Hero AI, San Francisco, CA, USA.