Everything people ask before signing up.
Pricing, security, integrations, free tools, refunds, support — all answered straight, no marketing fluff. If your question isn't here, email hello@cartieai.com and we'll add it.
A Financial Operating System for cloud and AI infrastructure — we tell you exactly which features, customers, and commitments are losing you money, and what to change to fix it.
AI-native B2B SaaS founders, CFOs, and FinOps engineers running $10K–$5M/mo on AWS / Azure / GCP / Snowflake / Databricks. Sweet spot is teams whose AI inference bill is now bigger than their EC2 bill.
Those tools optimise commitments or surface anomalies. CARTIE answers the questions they don't: which AI features pay for themselves, which customers cost more than they pay you, and what the next $1 of cost will buy. Decision-support, not just dashboards.
Cost-per-Customer P&L (Stripe-powered), AI Feature Profitability (per-feature unit economics), AI Token Budgets (with throttle webhooks), Decision Simulator (6 what-if scenarios), Engineer Savings Wall (gamified), Tag-Drift Detective, Daily AI Brief, Commitment Posture Coach, and PR-Time Cost Prediction.
Yes — a fully populated demo account is one click away. Use demo@cartieai.com / demo123 / OTP 123456. Every chart, alert, and report is rendered with realistic seed data so you can see the full surface in 60 seconds.
Under 10 minutes for the AI feature side (you POST events from your code with an API key). 24 hours for the full cloud-cost side once you upload a CUR / Azure / GCP export — we don't auto-pull from S3 yet because most enterprise teams prefer upload-only for security.
Yes — AWS, Azure, GCP. Bills are normalised into the FOCUS standard so a 'compute hour' means the same thing across providers. Snowflake and Databricks have dedicated audit modes.
The web app is fully responsive and we ship a daily Slack 1-liner so you don't need to open a dashboard. A native PWA install prompt is also available if you want CARTIE on your home screen.
Outcome-based: you pay a percentage of verified savings, capped per tier. Starter 8% (capped $2.5K/mo), Growth 12% (capped $10K/mo), Enterprise 15% (capped $40K/mo). If we don't save you at least $1K/mo, you don't pay.
Then your invoice is $0. The minimum tier requires $1K/mo of verified savings. If we can't surface that, there's no fee — that's the pact.
Self-reported, then admin-verified. You decide what counts. Our role is to surface the opportunities; your role is to validate that 'rightsized this RDS' actually went into prod and saved $X. The Engineer Savings Wall makes that traceable.
Yes — every tier has a hard monthly cap. Starter $2.5K · Growth $10K · Enterprise $40K. If we save you $1M/mo, your fee is still capped. We'd rather build a long relationship than gouge a quarterly win.
All public calculators (savings, bill score, AI profitability, commitment coach, PR cost predictor, decision simulator) are 100% free with no signup. The full multi-tenant product unlocks at the outcome-pricing tier when you're ready to share live data.
Stripe metered billing on a 30-day-net invoice. Every line item references the verified savings event that produced it — no surprise charges, no opaque platform fees.
Yes — month-to-month, no contracts, no termination fees. Export your data on the way out (we ship CSV / JSON / FOCUS exports) and rotate your Stripe restricted key to lock us out instantly.
Yes — within 14 days of any invoice if you can show the verified savings number was incorrect. Detailed refund policy on /refund.
Not yet — and we'll never claim otherwise. Today we operate with SOC 2-aligned controls (15 written policies derived from the open-source strongdm/comply MIT-licensed bundle) and our auditor selection begins at customer #25. We publish the policy bundle and live security proof for your InfoSec review.
Yes for the rights customers can exercise (data access, export, deletion, portability) — those work end-to-end today. EU data-residency and a formal DPA are available for Enterprise customers; reach out to hello@cartieai.com.
30 days for raw cost-line events by default, 90 days for aggregated metrics, indefinitely for your savings and verified-action history (you control deletion). Audit logs are retained 90 days minimum to satisfy compliance.
AES-256 at rest in MongoDB Atlas, TLS 1.2+ in transit, Cloudflare-fronted ingress. Stripe API keys are stored with envelope encryption, so they cannot be read from a database backup without a key the application holds in memory.
Stripe (payments), Resend (transactional email), Slack (alerts), MongoDB Atlas (database), Cloudflare (CDN/WAF), and our LLM providers (OpenAI / Anthropic / Google) for narrative generation only. Full list with purpose & data-shared is gated to verified InfoSec reviewers.
US-East (Virginia) by default. EU-West and APAC residency are available for Enterprise tiers — your tenant rows live in a geographic shard, and our application enforces this at the DB-collection level.
Yes — admin role can pull JSON or CSV exports from /admin/audit-log with date filtering, plus on-demand security-proof PDFs that show the live tenant-isolation checks running on your account.
Internal red-team review is run weekly by our automated leak-guard cron (4 rounds + 1 weekly). External 3rd-party pen test is scheduled alongside the SOC 2 Type II audit at customer #25 — we publish the dated commitment on /trust.
No. We never share your data with model providers in a way that could be used to train models on it for other customers. LLM calls (Claude / GPT / Gemini) only ever see anonymised, structured numbers — not customer names, emails, or workload identifiers.
Only restricted keys with read-only Customer/Subscription/Invoice scopes (90-day window). If you'd rather not share a key, the CSV-upload path imports the same data without one. Either way, the key is encrypted at rest, never logged, and revocable instantly from your Stripe dashboard.
Email addresses (yours and your customers' — for P&L attribution), names if you provide them, and IP-address-derived org metadata. No payment-card data, no source code, no production database content.
Yes — every list and table has a CSV export, and admin-tier users can pull a full JSON dump of all tenant collections. Deletion is one click from /settings and verifiably wipes your tenant rows within 24 hours.
Physically scoped at the database level — every read/write is proxied through tenant_db.py which forces the tenant filter at the collection-name level, not in-memory. We publish a live test that fails if a tenant ever sees another tenant's data.
Generate an API key on /settings/api-keys, set it as CARTIE_API_KEY, and POST to /api/ai-cost-events/track with {feature_slug, cost_usd, customer_id}. Python, JavaScript, and cURL snippets are on /developers.
Yes — 1000 events/minute per API key on the single-event endpoint, 50 batches/minute on /track-batch (each batch up to 500 events). 429 with retry-after header on overflow. Higher limits available on Enterprise.
Every outbound webhook carries an X-Cartie-Signature: sha256=<hex> header. Recompute HMAC-SHA256 over '<timestamp>.<raw_body>' using the signing secret as the key, then compare the result to the header value with a timing-safe comparison. The signing secret is shown once when you create an API key.
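A receiver-side check for this signature scheme, as an added example (not CARTIE's own code). The page does not say how the timestamp is delivered or whether a freshness window applies, so the timestamp is passed in as a parameter and the 300-second tolerance is an assumption; function names and sample values are constructed.

```python
import hashlib
import hmac
import time
from typing import Optional

TOLERANCE_SECONDS = 300  # assumed replay window; the page does not specify one


def expected_signature(signing_secret: bytes, timestamp: str, raw_body: bytes) -> str:
    """HMAC-SHA256 over '<timestamp>.<raw_body>', formatted as 'sha256=<hex>'."""
    signed = timestamp.encode("ascii") + b"." + raw_body
    return "sha256=" + hmac.new(signing_secret, signed, hashlib.sha256).hexdigest()


def verify_webhook(signing_secret: bytes, timestamp: str, raw_body: bytes,
                   signature_header: str, now: Optional[float] = None) -> bool:
    """Return True only for a fresh request whose X-Cartie-Signature matches."""
    # Assumption: the timestamp is Unix seconds sent as ASCII digits.
    # The length cap keeps int() from raising on an oversized digit string.
    if not (timestamp.isascii() and timestamp.isdigit() and len(timestamp) <= 12):
        return False
    current = time.time() if now is None else now
    if abs(current - int(timestamp)) > TOLERANCE_SECONDS:
        return False  # stale or future-dated: treat as a replay

    header = signature_header.strip().lower()
    if not header.startswith("sha256="):
        return False
    # Sign the exact bytes received; re-serialising parsed JSON changes the digest.
    expected = expected_signature(signing_secret, timestamp, raw_body)
    # compare_digest is timing-safe; comparing bytes avoids a TypeError
    # when the header contains non-ASCII characters.
    return hmac.compare_digest(expected.encode("ascii"),
                               header.encode("utf-8", "replace"))


# Constructed sample values, not real CARTIE data.
DEMO_SECRET = b"constructed-signing-secret"
DEMO_BODY = b'{"feature_slug": "demo-feature", "cost_usd": 1.25}'
DEMO_TS = "1767225600"
DEMO_SIG = expected_signature(DEMO_SECRET, DEMO_TS, DEMO_BODY)

if __name__ == "__main__":
    print(verify_webhook(DEMO_SECRET, DEMO_TS, DEMO_BODY, DEMO_SIG, now=1767225630))
    print(verify_webhook(DEMO_SECRET, DEMO_TS, DEMO_BODY + b" ", DEMO_SIG, now=1767225630))
```

Read the body as raw bytes before any JSON parsing, and reject the request with no further processing when the function returns False.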
Stripe (revenue sync), Slack (alerts/digests), Resend (email), AWS CUR / Azure / GCP / Snowflake / Databricks (cost imports), GitHub Actions (PR-time cost via your own workflow). VS Code extension + a hosted GitHub App are on the roadmap.
Yes — Google SSO is live for all tiers; Okta / Azure AD / SAML / SCIM provisioning are available on Enterprise. Reach out to hello@cartieai.com to get configured.
Genuinely free, no signup, no rate limit. Some have an optional 'send me the detailed plan' email field — if you submit it, we add you to the appropriate sales lane (CFO / engineer / InfoSec). That's the only catch. Don't submit the email and we never see who you are.
It uses the same 18% FinOps Foundation baseline + driver multipliers most enterprise audits use. Capped at 40% so we never over-promise. Real audits land within ±5pp for ~80% of teams.
Yes — paste any `terraform show -json` output, see the exact dollar delta in 2 seconds. Supports EC2 (29 instance types), RDS, ElastiCache, Lambda, NAT GW, EBS, S3 — priced from a Jan-2026 us-east-1 snapshot. Architecture-aware (gp3 vs gp2, Graviton vs x86).
Yes — every result generates a sharable badge SVG with your score. Tweet it, drop it in Slack, or paste it in your engineering README. The badge links back to the quiz so colleagues can compare.
100% deterministic Python. Every scenario (LLM swap, SP coverage increase, caching, K8s rightsizing, drop unprofitable customer, token cap) is a pure function with side-effect-free math. The LLM only writes the plain-language narrative on top of the numbers — never the numbers themselves.
Email hello@cartieai.com — replies within 4 business hours, usually faster. Enterprise customers get a private Slack Connect channel and a named CSM. We don't gate basic support behind a paid tier.
Yes — first login fires a 4-step product tour (connect cloud OR upload CUR · seed P&L · set first AI budget · invite a teammate). You can replay it from /settings any time. The Daily AI Brief widget surfaces the most useful next-step on each visit.
Yes — unlimited seats on every tier. Roles are admin / member / viewer. Engineers can log savings actions on the Engineer Savings Wall without admin permissions, and the verify step keeps numbers honest.
Best-effort 99.9% uptime today (we publish live status on /system-status). A formal contractual SLA with credits is available on Enterprise. We don't fake an SLA we can't deliver — that's the deal.
Email hello@cartieai.com or shout it on the founder's calendar (linked in /contact). We ship roadmap-public — every accepted request gets a public ETA and a Slack ping when it ships.
Founded by Lakshmi Kiranmai Guduru. We build in public — see /about for the story and /careers if you want to join.