Permissions & Access Policy

Last Updated: Jan 1st, 2026

This Permissions & Access Policy describes the level of access FinOpsly requires to deliver its services and how such access is used, controlled, and secured.

1. Overview

FinOpsly is an AI-powered cloud cost optimization platform that integrates with your cloud environment (e.g., Microsoft Azure, AWS, GCP) to provide visibility, analytics, forecasting, and optimization recommendations.

To deliver these services, FinOpsly requires limited, controlled access to certain cloud resources and metadata.

2. Types of Permissions Requested

Depending on the features enabled, FinOpsly may request the following types of permissions:

a. Read-Only Access (Default)

•Access to billing and usage data
•Access to resource metadata (e.g., compute, storage, networking)
•Access to tagging, cost allocation, and configuration data

Purpose:

•Cost analysis and reporting
•Forecasting and budgeting
•Anomaly detection and insights

b. Identity & User Access Integration

•Integration with identity providers (e.g., Azure AD, Okta)
•Access to user names, email addresses, and group memberships

Purpose:

•Authentication and authorization
•Role-based access control within the platform

FinOpsly only uses this data for platform access management and does not use it for marketing or profiling.

c. Optional Write / Action Permissions (Opt-In Only)

If enabled by the customer, FinOpsly may perform automated optimization actions, including:

•Starting or stopping resources
•Rightsizing compute instances
•Scaling infrastructure
•Applying cost optimization recommendations

Important:

•These permissions are strictly opt-in
•Customers maintain full control and can disable them at any time
•Actions are executed based on predefined rules and customer approval settings

This aligns with FinOpsly’s service model where optimization actions may be executed to improve efficiency and cost performance .

3. Principle of Least Privilege

FinOpsly follows the principle of least privilege, meaning:

•Only the minimum necessary permissions are requested
•Permissions are scoped to required resources only
•Customers can configure and restrict access at any time

4. Data Usage and Restrictions

FinOpsly:

•Does not ingest sensitive transactional data, PCI data, or customer business content
•Only processes infrastructure, billing, and limited identity metadata required for service delivery
•Uses anonymized and aggregated data for product improvement and analytics

Customer data is never sold to third parties.

5. Security Controls

All permissions and access are governed by enterprise-grade security practices, including:

•Encryption in transit and at rest
•Role-based access controls (RBAC)
•Continuous monitoring and logging
•Secure API integrations with cloud providers

6. Third-Party Services

FinOpsly operates on cloud infrastructure (e.g., Microsoft Azure) and may rely on third-party services to deliver functionality.

All such integrations:

•Follow strict security and compliance standards
•Are limited to necessary functionality
•Do not expose identifiable customer data unnecessarily

7. Customer Control & Revocation

Customers retain full control over permissions and may:

•Revoke access at any time via their cloud provider
•Modify roles and scopes of access
•Disable automated actions

Revoking permissions may impact the availability or functionality of certain features.

8. Artificial Intelligence Features

FinOpsly uses AI/ML models to generate insights and recommendations.

•AI operates on anonymized and aggregated data
•No customer-identifiable data is shared with third-party AI providers
•Outputs are advisory and should be reviewed by the customer

9. Changes to Permissions

FinOpsly may update required permissions as new features are introduced.
Customers will be notified of any material changes requiring additional access.

10. Contact

For questions regarding permissions or security:

Email: contact@finopsly.com
Website: www.finopsly.com