Privacy Policy

Last updated: May 2026

This Privacy Policy describes how Piezopy (“Piezopy”, “we”, “us”, or “our”), a service operated by Pyriter, LLC, handles personal information collected from users of the Piezopy web dashboard at app.piezopy.com, the Piezopy Alarm mobile application, and any related services (collectively, the “Service”). By using the Service you consent to the practices described below.

1. Information We Collect

We deliberately collect only what we need to operate Piezopy:

  • Email address — your unique account identifier, used for sign-in and for service-related communications such as cost-threshold alerts, pipeline-failure alerts, billing receipts, and account notices. When you sign in with a third-party identity provider (Google or Facebook), we receive and store the email address associated with that account.
  • Authentication tokens issued by your identity provider, used to keep you signed in to the dashboard.
  • AWS account identifiers (the 12-digit account IDs you register) and the IAM role ARN you grant Piezopy.
  • AWS cost and pipeline metadata read from your AWS accounts through the IAM role — daily and monthly cost figures, currency, alarm thresholds, and CodePipeline statuses. We never read or store the underlying resources, IAM users, or any data inside your AWS account beyond what these read-only billing and pipeline APIs return.
  • Mobile device push tokens (APNs tokens) that you generate from the dashboard and link from the Piezopy Alarm iOS app, used to deliver push notifications.
  • Subscription and billing information managed by Stripe — your Stripe customer ID, subscription status, plan, and order history. Payment card numbers and other sensitive payment data are held by Stripe, never by us.
  • Application usage and error data (such as which dashboard pages were viewed and any errors encountered) used to improve performance and reliability.
  • Preferences such as dark mode, privacy mode, and dashboard widget configuration.

We do not collect your name, mailing address, phone number, or AWS root credentials, and we do not read or store the contents of any resources inside your AWS account.

2. How We Use Your Information

We use the information above only to:

  • Identify your account and authenticate you at sign-in.
  • Display your AWS cost and pipeline data in the dashboard and the mobile app.
  • Send service-related emails — cost-threshold alerts, pipeline-failure alerts, weekly cost summaries, billing receipts, and account notices.
  • Deliver push notifications to your registered mobile devices when configured thresholds are crossed.
  • Process subscription billing through Stripe.
  • Improve the reliability, security, and performance of the Service.
  • Provide customer support when you contact us.

3. Third-Party Services

Piezopy integrates with the following third parties solely to operate the Service. Each operates under its own terms and privacy policy:

  • AWS (Amazon Web Services) — we use the IAM role you provision to read your billing and CodePipeline data via the AWS Cost Explorer and CodePipeline APIs.
  • Amazon Cognito — manages user accounts and federated sign-in.
  • Google and Facebook — optional federated sign-in providers; if you sign in via one of these, we receive your email and a stable user ID for that provider.
  • Stripe — processes all paid subscriptions and billing portal interactions; payment instruments are stored with Stripe, not with us.
  • Apple Push Notification service (APNs) — delivers push notifications to your iOS device.

We do not sell, rent, or trade your personal information to anyone.

4. Data Storage and Security

Your data is stored in AWS infrastructure operated by Pyriter, LLC. Account records, AWS account metadata, mobile device records, and order history live in Amazon DynamoDB; cost data is stored in Amazon S3. Data in transit is encrypted via TLS, and data at rest is encrypted using AWS-managed keys. Access to production data is restricted to Pyriter, LLC personnel who require it to operate the Service.

No system is perfectly secure. While we follow industry-standard practices, you should also keep your account credentials safe and notify us promptly if you suspect unauthorized access.

5. Data Retention

We retain your account and associated data for as long as your account is active. If you cancel your subscription but keep your account, we continue to retain your data so the Service remains available to you. When you request deletion (see Section 8), we remove your data as described there. We may retain limited records (such as billing receipts and order history) for as long as required by applicable tax, accounting, or other legal obligations, even after deletion of your account.

6. Cookies and Local Storage

The Piezopy dashboard uses browser local storage to keep you signed in across sessions and to remember UI preferences (theme, recently viewed accounts, widget layout). We do not use third-party advertising cookies, and we do not track you across other sites.

7. Your Rights

You have the right to:

  • Access and review the information we hold about you.
  • Request correction of inaccurate information.
  • Request deletion of your account and associated data (see Section 8).
  • Opt out of non-essential email communications. Service-essential emails (such as billing receipts and security notices) cannot be opted out of for as long as you maintain an account.

8. Data Deletion

You can request that we delete your account and the data associated with it.

How to request deletion

  • From the dashboard. Sign in to the Piezopy dashboard, open Settings, and contact us via the support link to initiate deletion.
  • By email. Send a deletion request from the email address on your account to the support address listed on the Contact page.
  • Automatically, via Facebook. If you signed in with Facebook and remove Piezopy from your Facebook account, Facebook will notify us automatically and we will process the deletion. This uses Facebook’s signed Data Deletion Callback at https://app.piezopy.com/api/v1/data-deletion/facebook.

What gets deleted

When you request deletion, we remove:

  • Your account record, including your email address and authentication tokens.
  • All registered AWS account metadata, cost history, alarm thresholds, and CodePipeline records associated with your account.
  • All registered mobile device records and push notification tokens.
  • Your subscription, order, and billing history (subject to legal retention requirements).

Tracking deletion status

When deletion is requested through the Facebook callback, we issue a unique confirmation code. You can check the status of the request at https://piezopy.com/data-deletion-status?code=<confirmation_code>.

We may retain a limited subset of records (for example, billing records required for tax reporting) for as long as required by applicable law, even after a deletion request. These records are kept only for that legal purpose and are not used to provide services back to you.

9. Children

The Service is not directed to and is not intended for use by anyone under the age of 18, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, please contact us and we will delete it.

10. International Data Transfers

Piezopy infrastructure is hosted in AWS regions in the United States. If you access the Service from another country, you understand and consent that your information will be transferred to and processed in the United States, where data-protection laws may differ from those in your country.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the “Last updated” date at the top and, for material changes, take reasonable steps to notify active users by email. Your continued use of the Service after a change takes effect constitutes acceptance of the updated Policy.

12. Contact Us

Questions about this Privacy Policy can be sent via the Contact page.