Privacy Policy

Last updated: June 15, 2026

This Privacy Policy explains how SolarDesk ("SolarDesk", "we", "us") collects, uses, stores, and protects information when you use our solar ERP platform. SolarDesk is designed so that, beyond basic account sign-in, access to your Google data only ever occurs when you choose to connect an optional integration. The sections below describe exactly what happens at each stage.

1. Account Registration & Sign-In

When you create an account or sign in using Google, SolarDesk collects only your email address and basic profile information (such as your name and profile photo, if available). This information is used solely to:

  • Authenticate your identity and manage your account login
  • Create and identify your user profile within your organization's workspace
  • Send service-related communications and the reports or simulations you explicitly request

Signing in with Google does not grant SolarDesk access to your Gmail messages or Google Calendar. Those are separate, optional integrations described below that are only enabled if you choose to connect them.

2. Gmail Connection (Optional)

This section applies only if you choose to connect your Gmail account from within SolarDesk. Connecting Gmail is entirely optional and is never required to use the core product. If you do not connect Gmail, none of the access described here takes place.

When you connect Gmail, SolarDesk requests the following Google scopes:

  • Read your email (gmail.readonly) — to sync incoming and sent messages with the matching CRM contacts in your workspace, so your team has a unified record of customer communication.
  • Send email on your behalf (gmail.send) — to send messages, proposals, and follow-ups you compose or trigger inside SolarDesk from your own connected address.

What we store: OAuth access and refresh tokens (encrypted) needed to maintain the connection, and the synced email content (such as message metadata and body) associated with the relevant CRM contacts in your organization's workspace.

How it is used: Gmail data is used exclusively to provide the email-sync and send features inside SolarDesk for your organization. It is not used for advertising, not sold, and not transferred to third parties except as required to provide the service.

Retention: Synced email content and OAuth tokens are retained while the Gmail connection is active. When you disconnect Gmail (see "Disconnecting & Data Deletion" below) or delete your account, the stored OAuth tokens are revoked/removed and the associated synced email content is deleted.

3. Google Calendar Connection (Optional)

This section applies only if you choose to connect your Google Calendar from within SolarDesk. Connecting Calendar is entirely optional and is never required to use the core product. If you do not connect Calendar, none of the access described here takes place.

When you connect Google Calendar, SolarDesk requests the following Google scopes:

  • Read your calendar events (calendar.readonly) — to compute your real-time availability for scheduling and booking pages so customers and teammates only see open time slots.
  • Manage your calendar events (calendar.events) — to create, update, and delete events for appointments, installations, and two-way calendar sync booked through SolarDesk.

What we store: OAuth access and refresh tokens (encrypted) needed to maintain the connection, and event data (such as event times, titles, attendees, and identifiers) needed to compute availability and keep your calendar in sync.

How it is used: Calendar data is used exclusively to provide scheduling, availability, and two-way calendar sync inside SolarDesk for your organization. It is not used for advertising, not sold, and not transferred to third parties except as required to provide the service.

Retention: Event data and OAuth tokens are retained while the Calendar connection is active. When you disconnect Calendar (see "Disconnecting & Data Deletion" below) or delete your account, the stored OAuth tokens are revoked/removed and the associated event data is deleted.

4. Google API Limited Use Disclosure

SolarDesk's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, data obtained from Gmail and Google Calendar is used only to provide and improve the user-facing features described above, is not transferred to others except as necessary to provide those features (or for security or legal reasons), is not used for advertising, and is not read by humans unless you give explicit consent, it is necessary for security or to comply with applicable law, or the data is aggregated and anonymized.

5. Data Sharing

We do not sell, trade, or rent your personal information, Gmail data, or Calendar data to third parties. Information is used within SolarDesk to provide the services you have requested and is shared only with service providers (such as our hosting and infrastructure vendors) acting on our behalf to operate the platform, or where required by law.

6. Data Security

We implement industry-standard security measures to protect your information. OAuth tokens are stored encrypted, access to data is restricted to authorized personnel and tenant-scoped within your organization, and all data is transmitted over encrypted connections.

7. Disconnecting & Data Deletion

You remain in control of any Google data you choose to share. You can:

  • Disconnect at any time from within SolarDesk (Settings → Integrations) to revoke SolarDesk's access to your Gmail and/or Google Calendar. Disconnecting removes the stored OAuth tokens and deletes the associated synced Google-derived data.
  • Revoke access through Google directly at myaccount.google.com/permissions.
  • Request deletion of your account and all associated data, including any Google-derived data, by contacting us at support@solardesk.io.

8. Data Retention

Your email address and account information are retained for as long as your account is active. Google-derived data (Gmail content, Calendar events, and OAuth tokens) is retained only while the corresponding integration is connected, as described above. You may request deletion of your account and associated data at any time by contacting us.

9. Your Rights

You have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion of your data
  • Disconnect any optional integration and revoke consent for data processing at any time

10. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with a revised "Last updated" date. Continued use of the service after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy or how your data is handled, please contact us at support@solardesk.io.