Privacy Policy
Effective date:
This page explains what Crewlo collects, where we store it, who we share it with, and how to exercise your rights. We’ve written it in plain English; if anything is unclear, email privacy@crewlo.dev and we’ll fix it.
What we collect
We try to collect the minimum we need to operate the service. Specifically:
- Account information. Your email address and name when you join the waitlist or create an account.
- Cloud connection metadata. The AWS account ID you connect, the ARN of the IAM role you grant us, the External ID we use to assume that role, and the region(s) you authorize. We do not store AWS access keys or secret keys — we use STS AssumeRole, which means we only ever hold short-lived, scoped credentials.
- Discovered AWS resource metadata. The output of the Describe*, List*, and Get* APIs we call on your behalf: instance IDs, tags, sizes, security group rules, IAM policy documents, cost line items, and so on. This is what powers Crewlo’s analysis.
- Audit log records. Every cloud API call we make on your behalf, with timestamp, action, ARN, response status, and the agent that requested it.
What we don’t collect
- Long-lived AWS access keys or secret keys. The IAM role you grant us is the only credential boundary; we never see static credentials.
- Customer data inside your compute, storage, or databases. We don’t read S3 object contents, EBS volume contents, RDS row data, or anything else inside your workloads.
- Payment card information. Subscription billing is handled by our payment processor; we only see the last four digits of the card and the billing email.
- Personally identifiable information beyond what you supply (email, name) and what your IAM role exposes (e.g. usernames in the IAM policies we read for the security report).
Where we store it
All Crewlo data lives in PostgreSQL hosted in our infrastructure in AWS US-East, encrypted at rest with AWS-managed KMS keys. All connections to Crewlo are TLS 1.2+. Backups are encrypted and retained for 30 days.
The audit log is stored in an append-only table. On Enterprise we can stream it directly to your SIEM (Splunk, Datadog, Snowflake, S3) so you have an independent copy.
Who we share it with
We don’t sell your data and we don’t share it with anyone except the subprocessors we need to run the platform:
- Anthropic — LLM inference for the analysis agents. We send anonymized resource metadata; we never send credentials.
- AWS — the cloud we run on. Hosting, managed Postgres, KMS for encryption.
- Loops — transactional and waitlist email.
- Vercel — hosting for this marketing site (crewlo.dev).
If we add or remove a subprocessor, we’ll update this page and email Enterprise customers in advance.
Retention
- Waitlist emails are kept until you unsubscribe.
- Account data (cloud connection metadata, discovered resources, reports) is kept while the connection is active and for 30 days after disconnect. After 30 days it’s permanently deleted.
- Audit logs are kept for at least one year. Enterprise customers can configure longer retention or stream to their own SIEM.
- Backups roll off on their own 30-day schedule.
Your rights
You can request an export of your data, or its deletion, at any time. Email privacy@crewlo.dev and we’ll respond within seven business days. For deletion, we’ll confirm before purging anything irreversibly.
If you’re an EU/UK resident, you have the additional rights granted by GDPR: rectification, restriction of processing, portability, and lodging a complaint with your local data protection authority. We honor all of them.
Cookies and tracking
We use the minimum cookies required to keep you signed in (a single auth session cookie). We don’t use third-party advertising trackers or analytics that send personally identifiable information to third parties on crewlo.dev. If we ever add product analytics, it’ll be a self-hosted, privacy-first tool and we’ll update this page first.
Changes to this policy
If we make a material change, we’ll email all active users at least 30 days before it takes effect. Editorial fixes (typos, clarifications) we’ll just push live.
Contact
Questions? Email privacy@crewlo.dev. For security issues specifically, use security@crewlo.dev.