Map your AWS architecture — interactive diagram & AI audit for Mac

Privacy Policy

Last updated: April 20, 2026

1. What the app does with your data

The AWSAnalyze desktop app (distributed via Homebrew and GitHub Releases) operates entirely within your macOS environment:

• AWS credentials you enter are stored in the macOS Keychain on your machine, encrypted by the operating system. We have no mechanism to read them.
• AWS API calls are made directly from your Mac to AWS endpoints using the AWS SDK. No proxy, no relay, no server of ours sits in between.
• AI audit requests use your own OpenAI or Anthropic API key (or OpenAI OAuth session), stored locally. The app calls the provider's API directly from your Mac. We never see your key, your prompts, or the responses.
• Scan results, diagrams, and AI findings are persisted in a local SwiftData store inside your app's sandbox (~/Library/Containers/com.awsanalyze.app). They stay on your disk.
• Exports (CloudFormation, Terraform, PDF) are written to wherever you choose on your filesystem. We don't see them.

2. What we collect — nothing

We do not operate any backend infrastructure for the app. That means:

• No analytics, no telemetry, no usage metrics, no crash reporting.
• No user accounts, no sign-in, no licensing server, no "phone home" on launch or exit.
• No third-party SDKs inside the app that transmit data about you (no Sentry, no Firebase, no Mixpanel, no Google Analytics).

If you don't want to take our word for it, you can verify this at runtime: run a network inspector (Little Snitch, Charles Proxy, pfctl, etc.) while using AWSAnalyze and you will only see outbound connections to AWS endpoints (*.amazonaws.com) and, if the AI audit is enabled, your chosen AI provider (e.g. api.openai.com). Nothing is sent anywhere else.

3. This website (awsanalyze.app)

The marketing site you're reading is a static HTML page hosted on Cloudflare Pages. A few things happen that you should know about:

• Cloudflare, as the CDN and DNS provider, automatically logs request metadata (IP address, user agent, URL path) for security and availability purposes. This is governed by Cloudflare's privacy policy. We do not receive or store these logs.
• Google Fonts are loaded from fonts.googleapis.com to render Inter and JetBrains Mono. Google may see your IP address when your browser fetches the font files, governed by Google's privacy policy.
• We do not set any first-party cookies. No analytics scripts (no GA, no Plausible, no Fathom) are loaded on this site.
• We do not use any advertising or tracking pixels.

4. Distribution (Homebrew & GitHub)

When you install the app via brew install --cask itsfreddyrb/awsanalyze/awsanalyze, the .dmg is downloaded from GitHub Releases. GitHub will log your IP address as part of serving that download, per GitHub's privacy statement. We do not receive those logs.

5. Contact (hello@awsanalyze.app)

If you email hello@awsanalyze.app, the message is routed through Cloudflare Email Routing to the maintainer's personal inbox. The content of your email is retained there under standard mail-provider terms. We only use the address to reply to you and will not share it.

6. Donations (PayPal)

If you donate via the "Help a Venezuelan Developer" buttons, the payment flow is handled entirely by PayPal. We never see or store your card or bank details. PayPal sends us the donor's name/email as visible in any standard PayPal transaction; that's governed by PayPal's privacy policy.

7. Your rights (GDPR / CCPA & equivalents)

Since we do not collect personal data about you, there is nothing on our side to access, rectify, export, or delete. If you've emailed us and want that correspondence removed from the maintainer's inbox, reply to the thread and ask — it will be deleted.

8. Children

AWSAnalyze is a developer tool for administering AWS accounts and is not directed at children under 13. We do not knowingly collect data from children.

9. Changes to this policy

If this policy changes materially, the "Last updated" date above will change and the diff will be visible in the repo's git history. There is no mailing list to notify you from, because we have no list.

10. Trademark & Affiliation disclaimers

AWSAnalyze is an independent, third-party tool. It is not affiliated with, endorsed by, sponsored by, or otherwise associated with Amazon Web Services, Inc., Amazon.com, Inc., or any of their subsidiaries. "AWS", "Amazon Web Services", the AWS logo, and any AWS service names referenced in this app (EC2, S3, RDS, Lambda, etc.) are trademarks or registered trademarks of Amazon.com, Inc. or its affiliates. All AWS service icons displayed by the app are sourced from the publicly distributed AWS Architecture Icons package and are used solely to identify the services they represent.

"OpenAI" and "ChatGPT" are trademarks of OpenAI, L.L.C. AWSAnalyze is not affiliated with OpenAI. When you enable the AI audit feature, you use your own OpenAI account under OpenAI's terms.

"Claude" and "Anthropic" are trademarks of Anthropic, PBC. AWSAnalyze is not affiliated with Anthropic. When you enable the Claude audit provider, you use your own Anthropic account under Anthropic's terms.

"Homebrew" is a trademark of the Homebrew project. "Apple", "macOS", "Mac", "Swift" and "SwiftUI" are trademarks of Apple Inc. AWSAnalyze is not affiliated with Apple Inc.

11. Contact

Questions about this policy? Email hello@awsanalyze.app.