Privacy Policy

1. Introduction

Starlight Sales, Inc. ("we", "us", or "our") operates the Starlight platform at joinstarlight.com. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service.

2. Information We Collect

Account Information

• Authentication data: name, email address, and profile photo from Google OAuth or email magic link sign-in
• Billing information: payment details are processed and stored by Stripe — we do not store credit card numbers

Usage Data

• Search queries and lead interactions
• Messages composed and sent through the platform
• Feature usage and credit consumption
• Sequence enrollment and email delivery status

Integration Data

• Email (Gmail/Outlook): we access only email threads initiated through Starlight. We do not read or scan your personal inbox
• Calendar: meeting data from connected calendar services for scheduling features
• CRM (HubSpot): contact data synced between Starlight and your CRM

3. How We Use Your Information

• To provide and maintain the Service, including lead search, AI message generation, and email automation
• To process billing and manage your subscription
• To send transactional emails (account verification, billing receipts, security alerts)
• To improve the Service based on usage patterns
• To enforce our Terms of Service and prevent abuse

4. AI and Data Processing

Starlight uses AI (powered by xAI Grok) to generate personalized outreach messages, analyze leads, and provide sales coaching. When using AI features:

• Lead data and your AI configuration settings are sent to xAI for processing
• AI-generated content is stored in your account
• We do not use your data to train AI models
• AI may use web search to gather publicly available information about prospects

5. Third-Party Services

We share data with the following third-party services as necessary to operate the platform:

6. Data Security

Encryption

• OAuth tokens (Gmail, Outlook, Google Calendar, HubSpot) are encrypted with AES-256-GCM before storage
• All data in transit is encrypted via TLS
• Database connections use TLS encryption

Authentication

Starlight uses passwordless authentication exclusively (Google OAuth and magic links). No passwords are stored in our system.

Access Controls

• Your data is isolated to your company account
• Team members can only access data within their shared company
• You can terminate all active sessions from Settings at any time

7. Data Retention

• Account data is retained for as long as your account is active
• Deleting your account permanently removes all associated data
• Blacklisted email addresses are retained to prevent future outreach to opted-out contacts
• Billing records are retained as required by law

8. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate personal data
• Delete your personal data (account deletion)
• Export your data in a portable format
• Object to processing of your personal data
• Revoke third-party integration access at any time

To exercise these rights, contact us at spencer@joinstarlight.com.

9. Cookies

Starlight uses essential cookies for authentication and session management. We do not use advertising or tracking cookies.

10. Children's Privacy

The Service is not intended for users under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes via email or in-app notification. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact

For privacy-related questions or requests, contact us at spencer@joinstarlight.com.