Privacy Policy

1. Our Unique Data Model (Zero Exfiltration Commitment)

Teev is an AWS-native application deployed entirely inside your AWS account(s). Our architecture is built around data residency, isolation, and control.

1.1 Data Residency and Control

• • Customer Environment: All telemetry analysis, reporting, and storage occur solely within your AWS environment, using your S3 buckets, DynamoDB tables, and IAM roles.
• • No Data Transmission: We do not collect, transmit, or store your Bedrock metadata, usage logs, or any customer data outside of your AWS account.
• • No Control Plane: Teev does not maintain a central SaaS backend; the Service runs entirely within your VPC or AWS account boundary.
• • Data Ownership: You retain full ownership of all telemetry, logs, and analytics generated by the Service. Teev has no rights to access, copy, or derive insights from your usage data.

1.2 Data We Do Not Access

Teev is explicitly designed not to access:

• • The input, output, or contents of your Amazon Bedrock Agents and Knowledge Bases.
• • Personal Identifiable Information (PII) of your users or employees.
• • Any customer data not required for cost, performance, or emissions analytics.

2. Information We Process to Provide the Service

Because the Service operates inside your AWS account, processing occurs locally ("in-place") within your trust boundaries. We do not extract or replicate telemetry.

2.1 Telemetry Data (Processed In-Place)

Using read-only, least-privilege IAM roles you provide, the Service analyzes the following non-sensitive AWS telemetry:

• • Usage Metrics: Token counts, model names, invocation timestamps, and aggregate utilization statistics.
• • Cost Data: Records from your AWS Cost & Usage Reports (CUR) and CloudWatch logs.
• • Operational Metrics: Error codes, latency, throttling rates, and Bedrock resource ARNs.
• • Attribution Data: Resource identifiers required to map costs and usage to Bedrock Agents or Knowledge Bases.

This processing is limited to your environment and never transmitted externally.

2.2 Operational Data (Managed by Teev)

Outside your AWS account, we handle only minimal data necessary for business operations:

• • Account & Billing Data: Information you provide when subscribing (e.g., company name, contact name, billing address, email, plan details, and payment records). Billing and account data is retained for 7 years to comply with UK tax and accounting requirements. Upon request, we will delete your data after this period or earlier if legally permissible.
• • License Validation Data: Your deployment communicates only your license key and deployment region to verify subscription status. No usage metrics or telemetry are included in these validation calls.
• • Communication Data: Support emails, feedback, or feature requests you send to us.

This data is stored securely by Teev and used only for account management and support.

3. How We Use Information

We use the limited external data described in Section 2.2 solely to:

• • Operate and Maintain the Service: Manage subscriptions, issue invoices, and verify deployments.
• • Communicate: Send product updates, billing notices, and operational or security alerts.
• • Provide Support: Respond to technical inquiries and troubleshoot deployment issues.
• • Comply with Legal Requirements: Respond to lawful requests or enforce contractual rights.

Teev does not use telemetry or account data for advertising, profiling, or resale.

4. Information Sharing and Disclosure

We do not sell or rent personal information. We share limited data only under strict circumstances:

• • Service Providers: Trusted vendors (e.g., payment processors, CRM, or billing platforms) who perform essential business functions under confidentiality agreements.
• • Legal Obligations: When required by law, subpoena, or valid government request.
• • Business Transfers: In the event of a merger, acquisition, or asset sale, account data may transfer under equivalent privacy protections.

All third parties are contractually bound to maintain appropriate security and confidentiality measures.

5. Security

Our security model is built on data non-exfiltration and AWS-native controls.

• • In-VPC processing ensures your telemetry never leaves your environment.
• • All IAM roles follow least-privilege principles and are created under your control.
• • Teev applies strong encryption and access management for any limited external data we handle (e.g., billing and contact records).
• • You inherit the full security posture of your AWS infrastructure, including KMS, CloudTrail, and VPC isolation.

6. Your Rights

For the limited Account and Billing Data Teev maintains, you have the right to:

• • Access and correct your information.
• • Request deletion of your account information, subject to retention obligations.
• • Opt out of non-essential communications.

To exercise your rights, contact us using the details below. We will respond promptly and in accordance with applicable data protection laws (e.g., UK GDPR).

7. Changes to This Policy

We may update this Privacy Policy periodically. Material updates will be communicated via our website or email. Continued use of the Service after an update constitutes acceptance of the revised policy. The "Last Updated" date reflects the most recent version.

8. Contact Information

For any privacy or data protection inquiries, please contact:

Teev Ltd.
Email: privacy@teev.ai