Legal
Costimo.ai is designed as a professional construction cost-management platform. We recognise that users may store and process confidential project, estimate, budget, vendor, and commercial information through the platform. This Security Statement summarises the general security approach followed by Costimo.ai.
Costimo.ai uses reasonable technical and organisational measures to protect user accounts, project data, and platform infrastructure against unauthorised access, misuse, loss, alteration, or disclosure. Security is treated as an important part of platform development, hosting, access control, and operational maintenance.
Costimo.ai uses cloud-based infrastructure and managed service providers for hosting, application delivery, storage, database, authentication, and related services. We aim to use reputable service providers with established security practices. However, security also depends on correct user configuration, access control, and responsible account management.
Access to Costimo.ai is controlled through user accounts and authentication mechanisms. Depending on the applicable plan and configuration, Costimo.ai may support role-based access control, such as administrator, editor, viewer, or other permission levels.
Users and subscribing organisations are responsible for:
Costimo.ai may apply the following security measures, where applicable:
Controlled user authentication and role-based permission management.
Industry-standard cloud infrastructure with built-in security controls.
Encrypted data in transit where supported by the platform and infrastructure.
Application-level access logging and security monitoring.
Backup and recovery arrangements to protect against data loss.
Regular maintenance, dependency updates, and security patching.
Users are responsible for maintaining secure use of the platform, including:
If we become aware of a security incident affecting user data or platform access, we will take reasonable steps to investigate, contain, and address the matter. Where required by applicable law or contractual obligation, we will notify affected users or organisations.
Costimo.ai may contain commercially sensitive data such as tender estimates, resource rates, BOQs, budgets, cost-control records, and vendor information. Users should apply appropriate internal controls before granting access to such data. Costimo.ai should be used as part of a broader organisational cost-governance and approval process.
While Costimo.ai applies reasonable security measures, no internet-based service, software system, or cloud platform can be guaranteed to be completely secure or uninterrupted. Users should maintain appropriate internal backups, approvals, and verification procedures for business-critical information.
If you discover a suspected security vulnerability, misconfiguration, or unauthorised access, please contact us promptly so we can investigate and respond appropriately.
Email: admin@costimo.ai
Website: costimo.ai
Please include as much detail as possible. We aim to respond within two business days.