This Privacy Policy explains how Glint Solar ("Glint", "we", "us") collects, uses, and protects your personal data when you use our solar forecast service at glintsolar.app. We are committed to protecting your privacy and handling your data in accordance with the General Data Protection Regulation (GDPR).
1. Who we are
Glint Solar is an independent software service. If you have any questions about this policy or how we handle your data, you can contact us at hello@glintsolar.app.
2. What data we collect
We collect only the data necessary to provide the Glint service. This includes:
- Email address — used to create and identify your account, and to send you a verification email when you sign up.
- Password — stored as a secure hash using industry-standard bcrypt encryption. We never store or have access to your actual password.
- Solcast API key and Resource IDs — stored securely on our server so we can retrieve your solar forecast data from Solcast on your behalf.
- Location name — a label you choose for your property (for example, "Cork, Ireland"). This is for display purposes only.
- Forecast cache — we temporarily store your solar forecast data on our server to avoid unnecessary API calls. This data is refreshed daily and deleted when you close your account.
We do not collect your name, address, phone number, payment information, or any other personal data beyond what is listed above.
3. Why we collect your data
We collect and process your data on the following legal bases under GDPR:
- Contract performance — your email address and Solcast credentials are necessary to provide the service you have signed up for.
- Consent — by creating an account and agreeing to this Privacy Policy, you consent to us storing and processing your data as described here.
- Legitimate interests — we cache your forecast data to improve performance and reduce unnecessary API usage.
4. How we use your data
Your data is used solely to operate the Glint service. Specifically:
- Your email address is used to verify your account and allow you to log in.
- Your Solcast credentials are used exclusively to retrieve your personal solar forecast from the Solcast API on your behalf.
- Your cached forecast data is used to display your solar information in the app without consuming your daily Solcast API allowance on every page load.
We do not use your data for marketing, profiling, advertising, or any purpose other than providing the Glint service.
5. Who we share your data with
We do not sell, rent, or share your personal data with any third parties, with one exception:
- Solcast — your Solcast API key and Resource IDs are sent to the Solcast API (solcast.com.au) on your behalf to retrieve your solar forecast. Solcast's own privacy policy governs how they handle this data.
Your data is hosted on servers operated by Hostinger. Data is stored within the EU. Hostinger's privacy policy is available at their website.
6. How long we keep your data
- Account data (email, password hash, Solcast credentials) — retained for as long as your account exists. Deleted immediately and permanently when you close your account.
- Forecast cache — refreshed daily and deleted when your account is closed.
- Verification tokens — deleted immediately once your email is verified.
7. Your rights under GDPR
As a data subject under GDPR, you have the following rights:
- Right of access — you can request a copy of the personal data we hold about you.
- Right to rectification — you can update your Solcast credentials and location name at any time from within the app settings.
- Right to erasure — you can permanently delete your account and all associated data at any time from within the app settings. Deletion is immediate and irreversible.
- Right to data portability — you can request your data in a portable format by contacting us.
- Right to object — you can object to our processing of your data at any time by contacting us or deleting your account.
- Right to lodge a complaint — if you are unhappy with how we handle your data, you have the right to lodge a complaint with your national data protection authority. In Ireland this is the Data Protection Commission at dataprotection.ie.
To exercise any of these rights, contact us at hello@glintsolar.app.
8. Cookies and sessions
Glint uses a single session cookie to keep you logged in while you use the app. This cookie is strictly necessary for the service to function and does not track you across other websites. It is deleted when you log out or clear your browser data.
We do not use advertising cookies, analytics cookies, or any third-party tracking tools.
9. Security
We take reasonable technical measures to protect your data, including:
- All data is transmitted over HTTPS (encrypted in transit).
- Passwords are hashed using bcrypt and never stored in plain text.
- Solcast credentials are stored server-side and never exposed to the browser after initial entry.
- Access to the database is restricted to the application server only.
10. Children
Glint is not directed at children under the age of 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
11. Changes to this policy
We may update this Privacy Policy from time to time. If we make significant changes, we will notify you by email or by a prominent notice within the app. The date at the top of this page shows when the policy was last updated. Continued use of Glint after any changes constitutes your acceptance of the updated policy.
12. Contact us
If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us at hello@glintsolar.app. We aim to respond to all enquiries within 5 working days.