Trust

Security at CostLynx

This page provides a high-level overview of how CostLynx protects customer information and controls access to the service. It is intended as a practical summary, not a certification statement.

Data handling overview

CostLynx is designed to process AI usage metadata such as token counts, model names, cost estimates, and attribution labels (for example: project, environment, and feature). CostLynx does not require storing prompt or response content to provide core cost analytics.

Encryption and secrets

  • Traffic to the dashboard and APIs is protected in transit using HTTPS/TLS.
  • Sensitive fields such as provider credentials and webhook secrets are encrypted at rest.
  • Ingestion and API keys are treated as credentials and are shown in full only at creation.

Authentication and access control

  • User authentication is handled via Clerk.
  • Programmatic ingestion uses scoped ingestion/API keys.
  • Access to account data is scoped by organization membership and role-based controls.

Policies

For details on data processing and legal terms, review our Privacy Policy and Terms of Service.

Security and compliance inquiries

For security or compliance inquiries, contact security@costlynx.com.

Contact securityView privacy policy →