LightSkye
Sign In

Privacy Policy

Last updated: April 14, 2026

LightSkye Energy (“we”, “us”, “our”) operates the LightSkye Console platform at console.lightskye.com (“the Platform”). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Platform.

By accessing or using the Platform, you agree to the collection and use of information as described in this policy. If you do not agree, please do not use the Platform.

Information We Collect

We collect the following categories of information:

  • Account Information: Your name, email address, and role within your organization, provided during the invitation and registration process.
  • Authentication Data: Login credentials managed through our authentication provider (Supabase), and OAuth tokens when you sign in with Google.
  • Usage Data: Pages visited, features used, actions performed, and timestamps of activity within the Platform.
  • Device Information: Browser type, operating system, IP address, and device identifiers collected automatically when you access the Platform.
  • Business Data: Lead information, appointment scheduling data, operational data, and other content you input into the Platform as part of your business operations.
  • Google Calendar Data:If you connect your Google Calendar, we access your free/busy availability and create or delete calendar events for assigned appointments. We store encrypted OAuth tokens to maintain this connection. See “Google Calendar Data” below for full details.

How We Use Your Information

We use your information for the following purposes:

  • To provide, maintain, and improve the Platform
  • To authenticate your identity and manage your account
  • To send platform notifications and operational communications
  • To monitor for security threats and unauthorized access
  • To maintain audit logs of platform activity
  • To develop new features and improve existing ones
  • To comply with legal obligations

Google Calendar Data

If you connect your Google Calendar to the Platform, we access the following data through the Google Calendar API:

  • Free/Busy Information: We query your calendar availability to determine open time slots for appointment assignment. We do not read the titles, descriptions, attendees, or other details of your calendar events.
  • Event Creation and Deletion: When an appointment is assigned to you, we create a calendar event on your Google Calendar with the appointment details. If an appointment is cancelled, we delete the corresponding event.
  • OAuth Tokens: When you authorize Google Calendar access, we receive OAuth tokens from Google. These tokens are encrypted at rest using AES-256-GCM encryption before being stored in our database. We do not store your Google password.

You can disconnect your Google Calendar at any time from the Calendar Settings page. Disconnecting immediately revokes the Platform’s access to your calendar data and deletes your stored tokens.

LightSkye Console’s use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Appointment and Scheduling Data

When appointments are submitted through the Platform (via webhook, form, or manual entry), we collect:

  • Contact name, email address, and phone number of the appointment requestor
  • Requested date, time, and timezone for the appointment
  • Assignment history, including which sales representative was assigned and why

This data is used to schedule appointments, assign sales representatives, and synchronize with connected third-party services (Google Calendar, HubSpot).

Third-Party Services

We use the following third-party services that may process your data in accordance with their own privacy policies:

  • Supabase: Authentication and database services. Processes account and authentication data.
  • Google OAuth: Authentication service. Processes authentication data when you choose to sign in with your Google account.
  • Google Calendar API:Calendar integration service. Processes free/busy data and creates/deletes calendar events when you connect your Google Calendar. See “Google Calendar Data” above for full details.
  • Vercel: Hosting and deployment. Processes request data to deliver the Platform.
  • SMTP2GO: Email delivery service. Processes email addresses for platform notifications and invitations.
  • HubSpot: Customer relationship management. Receives lead and contact data, appointment ownership assignments, and contact owner mappings when CRM synchronization is enabled.

Data Sharing

We do not sell your personal information. We may share your data in the following circumstances:

  • With the service providers listed above, solely to operate the Platform
  • With your organization’s administrators for platform management purposes
  • To comply with applicable laws, regulations, or legal proceedings
  • To protect our rights, privacy, safety, or property, or that of our users

Data Retention

We retain your data for as long as your account is active or as needed to provide the Platform’s services. When your account is deactivated, we retain data only as required by law or for legitimate business purposes, after which it is securely deleted.

Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit via TLS/HTTPS
  • Row-level security policies on all database tables
  • Role-based access controls
  • Comprehensive audit logging of all platform actions
  • Strong password requirements for all accounts
  • AES-256-GCM encryption for third-party OAuth tokens stored at rest

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • The right to access your personal data
  • The right to correct inaccurate data
  • The right to request deletion of your data
  • The right to object to or restrict data processing
  • The right to data portability
  • The right to revoke Google Calendar access at any time via the Calendar Settings page or through your Google Account permissions

To exercise any of these rights, contact us at privacy@lightskye.com.

Cookies and Local Storage

We use essential cookies and browser local storage for:

  • Authentication session management
  • Theme preferences (light/dark mode)

We do not use third-party advertising or tracking cookies. The Platform uses only cookies that are strictly necessary for its operation.

Children’s Privacy

LightSkye Console is a business platform not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have inadvertently collected such data, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes through the Platform or via email. Your continued use of the Platform after any changes constitutes acceptance of the updated policy.

Contact Us

For questions or concerns about this Privacy Policy or our data practices, contact us at: