Data & Privacy

How Starlight handles your data.

Lead information (names, titles, companies, contact info) comes from third-party B2B data providers with access to 250M+ verified business contacts. This data is publicly available business information.

Email Content

Outreach messages are generated by AI based on your settings and publicly available prospect information. Sent messages and replies are stored in your Starlight account and accessible only to your team.

Security

Encryption

OAuth tokens (Gmail, Outlook, Google Calendar, HubSpot) are encrypted with AES-256-GCM before storage
Database connections use TLS encryption in transit

Authentication

Starlight uses passwordless authentication exclusively:

Google OAuth — delegates authentication to Google
Magic Links — one-time login links sent to your email

No passwords are stored in the system.

Session Management

You can terminate all active sessions from Settings → Security → Sign Out Everywhere.

Email Handling

Starlight only reads and tracks email threads initiated through the platform
Your personal inbox is never accessed or scanned
Connected email permissions can be revoked at any time from the Connectors page or your Google/Microsoft account settings

Data Retention

Your data is retained for as long as your account is active
Deleting your account permanently removes all associated data
Blacklisted email addresses are retained to prevent future outreach to those contacts

Third-Party Services

Starlight integrates with the following services:

Service	Purpose	Data Shared
B2B data providers	Lead search and enrichment	Search queries
AI model providers	AI message generation and analysis	Lead data, your AI settings
Stripe	Payment processing	Billing information
Gmail/Outlook	Email sending	Outreach messages
HubSpot	CRM sync	Contact information
Google Calendar	Calendar sync	Meeting data

Contact

For data privacy questions, contact spencer@joinstarlight.com.

Was this page helpful?

PreviousFAQ