Data & Privacy
How Starlight handles your data.
|
Data Sources
Lead Data
Lead information (names, titles, companies, contact info) comes from Apollo.io, a third-party B2B data provider with 250M+ contacts. This data is publicly available business information.
Email Content
Outreach messages are generated by AI based on your settings and publicly available prospect information. Sent messages and replies are stored in your Starlight account and accessible only to your team.
Security
Encryption
- OAuth tokens (Gmail, Outlook, Google Calendar, HubSpot) are encrypted with AES-256-GCM before storage
- Database connections use TLS encryption in transit
Authentication
Starlight uses passwordless authentication exclusively:
- Google OAuth β delegates authentication to Google
- Magic Links β one-time login links sent to your email
No passwords are stored in the system.
Session Management
You can terminate all active sessions from Settings β Security β Sign Out Everywhere.
Email Handling
- Starlight only reads and tracks email threads initiated through the platform
- Your personal inbox is never accessed or scanned
- Connected email permissions can be revoked at any time from the Connectors page or your Google/Microsoft account settings
Data Retention
- Your data is retained for as long as your account is active
- Deleting your account permanently removes all associated data
- Blacklisted email addresses are retained to prevent future outreach to those contacts
Third-Party Services
Starlight integrates with the following services:
| Service | Purpose | Data Shared |
|---|---|---|
| Apollo.io | Lead search | Search queries |
| xAI (Grok) | AI message generation | Lead data, your AI settings |
| Stripe | Payment processing | Billing information |
| Gmail/Outlook | Email sending | Outreach messages |
| HubSpot | CRM sync | Contact information |
| Google Calendar / Calendly / Cal.com | Calendar sync | Meeting data |
Contact
For data privacy questions, contact spencer@joinstarlight.com.
Was this page helpful?