Privacy Policy

We collect the following categories of information:

• Account information: name, email address, and role provisioned by a tenant administrator.
• Cloud data: cost records, resource metadata, and usage metrics retrieved from connected cloud accounts.
• Usage data: audit events, feature usage, and session metadata used for service security and reliability.

Collected information is used to operate and improve the service.

• Authenticate users and enforce role-based access.
• Provide cloud cost analysis, anomaly detection, recommendations, and reporting.
• Generate operational alerts, audit logs, and workflow actions.
• Improve product performance, stability, and security monitoring.

NextOps uses a multi-tenant architecture with tenant data isolation. Each tenant workspace is logically and operationally separated, and tenant data is never intentionally exposed across tenant boundaries.

We do not sell or rent tenant data. Data is shared only when required for service delivery or compliance.

• With explicit customer authorization.
• To satisfy legal or regulatory obligations.
• To protect the security, integrity, or rights of the platform and its users.

We apply encryption in transit, storage protection, role-based access controls, audit logging, and operational hardening for credentials and sensitive platform workflows.

Tenant data is retained while the tenant account is active. After termination, associated data is removed according to contractual retention terms and any legal obligations that still apply.

Depending on jurisdiction, users may be entitled to request access, correction, restriction, or deletion.

Requests should be raised through the tenant administrator or by contacting privacy@nextops.io.

Material updates to this policy may be communicated in-product or through email notification.