Legal

Privacy Policy

We built CostWise AI to help you plan smarter. This policy explains what data we collect, how we use it, and the choices you have — in plain language.

Effective Date: March 25, 2026  ·  Last Updated: March 25, 2026

1. Introduction

CostWise AI ("we," "us," or "our") operates the CostWise AI mobile application (the "App"). This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use our App.

By downloading, installing, or using CostWise AI, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the App.

2. Data We Collect

2.1 Information You Provide

  • Apple ID Credentials: When you sign in with Apple, we receive a unique user identifier, and optionally your name and email address (which Apple may relay or hide at your discretion). We do not receive or store your Apple ID password.
  • Estimation Prompts: The text descriptions and voice inputs you submit to generate cost estimates. These are processed by our AI pipeline and are not stored on our servers after processing is complete.
  • Edited Estimates: Any modifications you make to generated cost breakdowns, including added, removed, or adjusted line items.

2.2 Information Collected Automatically

  • Usage Data: We track the number of estimates you generate per billing cycle for subscription enforcement purposes. This data is stored in our backend database and includes timestamps, estimate category selected, and a count of API calls made.
  • Device Information: General device type and operating system version may be collected for app compatibility and debugging purposes.
  • Crash & Performance Data: Anonymous diagnostics to help us identify and fix bugs, improve app stability, and optimize performance.

2.3 Information We Do Not Collect

We do not collect your precise location, contacts, browsing history, photos, health data, financial account details, or any biometric information. We do not engage in behavioral tracking or advertising profiling.

3. How We Use Your Data

Data Type Purpose Legal Basis
Apple ID identifier Authenticate your account; link your subscription and usage records Contract performance
Estimation prompts Generate AI-powered cost estimates; perform web research for real-time pricing Contract performance
Usage counts Enforce subscription tier limits; monitor for abuse or fraud Legitimate interest
Crash & performance data Diagnose issues; improve app reliability and user experience Legitimate interest

We do not use your data for advertising, selling to third parties, or building user profiles for purposes unrelated to the App's core functionality.

4. AI & Data Processing

CostWise AI uses artificial intelligence to generate itemized cost estimates based on your natural language descriptions. Here is how your data flows through our system:

4.1 Processing Pipeline

  • Your prompt is sent from the App to our secure backend servers (hosted on Supabase) over an encrypted HTTPS connection.
  • Our backend forwards the prompt to OpenAI's API for processing. OpenAI may generate clarifying questions, perform web searches for current pricing data, and produce a structured cost breakdown.
  • The generated estimate is returned to the App and saved locally on your device via iCloud. It is not retained on our backend servers.

4.2 OpenAI Data Handling

We use OpenAI's API to power our AI features. Per OpenAI's API data usage policy, data submitted through the API is not used to train or improve OpenAI's models. Your prompts and results are subject to OpenAI's data retention policies for abuse and safety monitoring purposes (typically retained for up to 30 days, then deleted). For more details, see OpenAI's API Data Usage Policies.

4.3 Web Search for Pricing

To provide accurate and up-to-date cost estimates, our AI pipeline may perform web searches for real-time pricing information relevant to your request. These searches are conducted through OpenAI's search functionality and do not include any personally identifiable information — only contextual terms derived from your prompt (e.g., material names, product types, or service categories).

5. Third-Party Services

We use the following third-party services to operate CostWise AI. Each service receives only the minimum data necessary to perform its function:

Service Purpose Data Shared
Supabase Authentication, usage tracking, backend serverless functions Apple user ID, usage counts, timestamps
OpenAI AI-powered estimate generation, clarifying questions, web search for pricing Estimation prompts (anonymized — no user ID attached)
RevenueCat Subscription management and entitlement verification Anonymous app user ID, purchase receipts
Apple (Sign in with Apple) User authentication Authentication tokens (managed by Apple)
Apple iCloud On-device and cloud-synced storage of your saved estimates Estimate data (stored in your private iCloud container)

We do not share your data with advertisers, data brokers, or any parties not listed above. We do not engage in data selling or cross-app tracking.

6. iCloud & On-Device Storage

Your generated cost estimates, edited line items, and saved projects are stored locally on your device and synced through your personal Apple iCloud account. This means:

  • Your estimate data is stored in your private iCloud container, accessible only to you and protected by your Apple ID credentials.
  • We do not have access to your saved estimates once they are delivered to your device. We cannot read, modify, or delete your iCloud-stored data.
  • If you delete the App or sign out of iCloud, your locally stored data may be removed. iCloud data retention is governed by Apple's policies and your iCloud settings.
  • Exported PDFs are generated locally on your device and are not transmitted to our servers.

7. Subscriptions & Payments

CostWise AI offers monthly subscription plans managed entirely through Apple's In-App Purchase system. Key points about your payment data:

  • Payment processing is handled exclusively by Apple. We never receive, process, or store your credit card number, billing address, or other payment instrument details.
  • We receive a purchase receipt from Apple confirming your subscription tier and status, which we verify through RevenueCat for entitlement management.
  • Subscription management (upgrades, downgrades, cancellations) is performed through your Apple ID settings or the App Store. Refund requests are handled by Apple.
  • We track your estimate usage count per billing cycle solely to enforce the limits associated with your subscription tier.

8. Data Retention

  • Estimation prompts: Processed in real-time and not stored on our servers after the response is delivered. OpenAI may retain prompts for up to 30 days per their API data policy.
  • Usage logs: Retained for the duration of your account to enforce subscription limits and for internal analytics. Individual API call records are periodically cleaned up.
  • Account data: Your authentication profile is retained as long as your account is active. Upon account deletion, your data will be removed from our systems within 30 days.
  • Estimate data in iCloud: Retained indefinitely in your private iCloud container until you manually delete it. This data is not under our control.

9. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of any inaccurate personal data.
  • Deletion: Request deletion of your account and associated data from our servers. Note that iCloud-stored estimates must be deleted separately through your device or iCloud settings.
  • Portability: Request your data in a structured, machine-readable format.
  • Restriction: Request that we restrict processing of your personal data under certain circumstances.
  • Withdrawal of Consent: Where processing is based on consent, you may withdraw consent at any time.

To exercise any of these rights, please contact us using the details provided in the Contact section below. We will respond to your request within 30 days.

App Permissions

CostWise AI may request access to your device microphone for voice input functionality. This permission is entirely optional, and you can use the App fully with text input only. Microphone access is used only for real-time speech-to-text conversion on your device — audio recordings are not stored or transmitted to our servers.

10. Security

We implement industry-standard security measures to protect your data:

  • All data transmitted between the App and our servers is encrypted using TLS (Transport Layer Security).
  • Our backend infrastructure on Supabase uses Row-Level Security (RLS) policies to ensure users can only access their own data.
  • Authentication is handled through Sign in with Apple, leveraging Apple's secure token-based authentication system.
  • API keys and sensitive credentials are stored securely in server-side environment variables and are never exposed to the client application.
  • We employ idempotency mechanisms and job tracking to prevent duplicate operations and ensure data integrity.

While we take reasonable steps to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

11. Children's Privacy

CostWise AI is not intended for use by children under the age of 13 (or the applicable minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately, and we will take steps to remove that information from our systems.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this page and, where appropriate, providing notice through the App.

We encourage you to review this Privacy Policy periodically. Your continued use of CostWise AI after changes are posted constitutes your acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: ali.itech.company@gmail.com

We aim to respond to all inquiries within 30 calendar days.