Your data never leaves your tenant.

Your billing data, your recommendations, and your debate transcripts stay inside your Azure subscription. Skerply reads them; it never copies them out. The only data that crosses the boundary is the metering event we send to the Azure Marketplace so we can bill you correctly.

How the boundary is enforced

Managed Application. Deployed from the Marketplace into a resource group in your subscription. The publisher (us) has no role assignment that grants data read access.
Read-only. Skerply's Managed Identity holds Cost Management Reader and Reader at the subscription scope. No write or delete permissions are granted.
In-tenant storage. Cost data, recommendations and the full debate transcripts persist to an Azure SQL Serverless database provisioned inside your subscription. We do not have credentials to it.
In-tenant LLM. The Analyst and Debate pipelines call your Azure OpenAI resource (deployed alongside the Managed Application). No prompts or completions traverse our infrastructure.
Egress audit. The only outbound traffic Skerply makes is to the Azure Marketplace metering endpoint and the Azure Retail Prices API. Both are documented and Network Watcher rules can confirm no other egress.

Data flow at a glance

The diagram below shows every direction data moves. Everything labelled read stays inside your tenant. The only thing that crosses the boundary is the metering event we send to the Azure Marketplace so we can bill you correctly.

One outbound boundary crossing per month, per subscription — the Marketplace metering event. Everything else stays inside your tenant.

What we store about you

In our publisher subscription, we store only what's needed to bill and support the account:

Your Marketplace subscription ID, plan, status and activation date.
The Entra account ID of the owner who completed activation.
Your billing email and (optional) support PIN.
An audit log of sign-ins, licence reveals, recipient changes and cancellations.
The metering events we send to Azure Marketplace (total identified savings per month, the resulting bill line).

We do not store the names, IDs, sizes or costs of your individual Azure resources. We do not store any recommendation text. We do not store any debate transcript content.

Sub-processors

Sub-processors handle only the publisher-side data described above:

Microsoft Azure — hosts the publisher infrastructure (region: South Africa North).
Microsoft Azure Marketplace — receives metering events for billing.
Azure Communication Services — sends transactional email (sign-in confirmations, statements, anomaly alerts).

Adding a new sub-processor triggers a 30-day notice to all customers via the customer portal and email.

Reporting a vulnerability

Email security@skerply.com or follow our security.txt. See also our Recommendations Disclaimer for the limits of what an automated recommendation can and cannot claim about your environment.

Try via Marketplace Talk to us