Terms, Privacy and Refund

Terms of Service

By accessing bastioneer.com and using our services, you agree to these terms. Bastioneer provides an AWS cleanup and cost visibility report service. We are a solo operator: Bastioneer is owned and operated by an individual consultant based in El Salvador.

Our services include automated AWS account scanning, scan reports, and related digital deliverables that may be released over time. All digital products are delivered electronically.

You agree to use Bastioneer only for lawful purposes. You must have the authority to grant the AWS access permissions requested during onboarding. By deploying our CloudFormation template, you confirm that you own or have permission to authorize access to the AWS account being scanned.

AWS Access and Security

When you connect your AWS account, Bastioneer creates a read-only IAM role via a CloudFormation template. This role uses AWS STS (Security Token Service) temporary credentials to access your account for scanning. These credentials are valid for a maximum of 1 hour and expire automatically.

Bastioneer will never:

• Modify, create, or delete any AWS resource in your account
• Store your AWS credentials or access keys
• Maintain standing or persistent access to your account
• Share your scan data with third parties

You may revoke access at any time by deleting the Bastioneer CloudFormation stack from your AWS console. Deletion immediately and permanently removes all access.

Privacy Policy

Bastioneer collects the following information to operate its services:

• Name, email address, and company name submitted through contact forms
• AWS account metadata required to generate scan reports: resource counts, resource IDs, cost estimates, and service utilization data
• Inquiry details and preferences submitted through contact or onboarding forms

We use this information for the following purposes:

• Delivering scan results, paid reports, and digital products you have purchased
• Responding to your inquiries and providing customer support
• Fraud detection and spam prevention
• Improving the accuracy and quality of our service over time

Scan results are stored securely in AWS S3 and DynamoDB within our AWS account. Raw resource data is retained for a maximum of 30 days to allow report delivery. After 30 days, raw data is deleted. Summary metadata may be retained for internal analytics.

We use AWS SES for email delivery and AWS Bedrock to process scan data. No scan data is sent to external APIs outside of AWS infrastructure.

Payments are processed by a third-party payment provider (Paddle). Bastioneer does not store, handle, or have access to full card details. All payment processing is governed by the payment provider's own terms and privacy policy.

Your browser may store limited non-personal settings in local storage to support the Bastioneer experience between visits.

We do not sell, rent, or share your personal information with third parties for marketing purposes. Data is only shared with service providers required to operate Bastioneer, including AWS infrastructure, email delivery, and our payment processor.

You may request deletion of your data at any time by contacting us through the contact page.

Refund Policy

All sales are final for the following digital products, as they are consumed upon delivery:

• Full audit reports, delivered digitally and consumed upon receipt
• Any future digital downloads or add-ons, if purchased after release, once delivered or activated
• Any future recurring service fees for completed billing periods, if such services are introduced

If you believe there has been an error in your order or a technical issue prevented delivery, contact us through the contact page within 7 days of purchase and we will review the situation on a case by case basis.

Disclaimer & Limitation of Liability

Bastioneer's scan reports, findings, and recommendations are provided for informational purposes only. They do not constitute professional cloud engineering, financial, or legal advice.

All recommendations should be reviewed and validated by a qualified engineer before being applied to any environment. You are solely responsible for any infrastructure changes, resource deletions, configuration modifications, or other actions taken based on this report. Bastioneer strongly recommends testing all changes in a non-production environment prior to applying them to production workloads.

Bastioneer assumes no liability for:

• Service disruptions, outages, or degraded performance resulting from actions taken based on our recommendations
• Data loss or corruption caused by resource deletions or modifications
• Inaccurate cost estimates: savings projections are based on current AWS pricing and observed usage patterns and may not reflect your actual billing
• Security vulnerabilities introduced as a result of changes made based on this report
• Any indirect, incidental, consequential, or punitive damages of any kind

Cost estimates and waste calculations are approximations. Actual savings may vary based on reserved instance commitments, enterprise discount programs, support tiers, data transfer costs, and other factors not visible through read-only scanning.

Bastioneer's total liability for any claim arising from use of our services is limited to the amount you paid for the specific service giving rise to the claim.

Contact

For all legal, privacy, billing, or support inquiries, please use the contact page.

Response time: usually within 1 business day.