Skip to content

Your data, your decisions, your control.

We are a cost calculator, not a bank. Here is exactly what we keep, encrypt, and let you delete.

What we store

A short list, and you can clear any of it whenever you want.

WhatWhyCan you delete it?
Your decisions (price plus verdict)So you can see your patternsYes, anytime
Journal entriesSo Amy can give better contextYes, anytime, per entry
Amy conversationsSo Amy remembers between turnsYes, Reset Amy wipes everything
Profile (country, return-rate preference, check-in cadence)So we can tailor to youYes, anytime
Email and hashed passwordSo you can log inYes, with account deletion

What we never store

  • Your bank account details. We do not connect to your bank.
  • Your card numbers. Our billing provider handles those, we never see them.
  • Your social security number, or any government ID.
  • Your location beyond the country you choose.
  • Anything from outside CostMe. We do not track you across the web.

How we protect what we do store

  • Everything is encrypted, both in transit and at rest.
  • Your data is isolated to your account. No other user can read it, and neither can our support team.
  • Every database table enforces per-user access rules, and we audit them.
  • Any privileged access is logged and monitored.

We do not sell or train on your data

  • We never sell your data. Not to advertisers, not to data brokers, not to anyone.
  • We never use your data to train outside AI models.
  • Your patterns stay in your account, where they belong.

Care with sensitive moments

A licensed psychotherapist reviews how Amy handles moments of distress, and any feature that touches mental wellbeing. We do not promise medical advice, and we are careful with the words we ship.

Two-factor authentication

Two-factor authentication is on our roadmap and not live yet. When it ships, you will be able to add a second step at login for extra protection. We would rather tell you it is coming than pretend it is already here.

Delete everything, in one tap.

One tap deletes everything we have on you. No follow-up emails, no retention period, no guilt screen asking if you are sure.

Questions, answered plainly

Do you sell my data?

No. We never have and we never will.

Can I export everything?

Yes. From your account, open Profile and choose Download my data for a full copy.

Where can I report a security issue?

Email security@costme.io and we will take a look.

Why does Amy need to see my journal?

Context. It helps Amy give you a better answer. You can turn it off any time in your settings.

Responsible disclosure

If you research security and believe you have found a vulnerability in CostMe, email security@costme.io with steps to reproduce. We acknowledge reports within seventy-two hours and will not pursue legal action against good-faith research. A security.txt file is published per RFC 9116.