Legal & Trust
The paperwork, the controls, and the mode you deploy in.
AI2BI Hub is a product of CostTrail Inc., a Delaware corporation. This page is the single entry point to our legal documents, security posture, and the ways you can run the Service — whether that’s our shared cloud, a private tenant, or a local agent on your own machine.
Documents
Terms of Service
The contract that governs your use of AI2BI Hub, including subscription, acceptable use, liability, and termination.
Privacy Policy
What personal information we collect, how we use and share it, your rights, and how to contact our DPO.
Cookie Policy
Cookies and similar technologies used by the website and the product, with a full cookie table.
Data Handling
How we treat PII and PHI, encryption, sub-processors, retention, and acceptable-content rules.
Deployment Modes
Cloud (shared), Private cloud (single-tenant), On-prem, and Local Agent (keep data on your machine).
Security controls
Encryption
TLS 1.2+ in transit. AES-256 at rest via AWS-managed keys (SSE-S3, SSE-KMS, DynamoDB). HttpOnly + Secure cookies for session and refresh tokens.
Identity
Amazon Cognito user pools with email verification, Google SSO, and optional TOTP MFA. JWT-based service-to-service auth with scope-limited tokens.
Model isolation
All generative calls go through Amazon Bedrock on inference-only terms. No Customer Data is used to train foundation models.
Audit & retention
CloudTrail + CloudWatch audit trails, 400-day log retention on critical paths, 35-day point-in-time recovery on billing and tenant tables.
Change management
Infrastructure as Terraform, deploys via GitHub Actions with OIDC (no long-lived AWS keys). Dev and prod fully isolated accounts.
Program
SOC 2 Type II in progress. GDPR-ready with SCCs for EU/UK transfers. Responsible-disclosure email: security@ai2bihub.com.
Contact
Legal: legal@ai2bihub.com
Privacy / DPO: privacy@ai2bihub.com · dpo@ai2bihub.com
Security: security@ai2bihub.com
CostTrail Inc., Delaware, United States