Privacy Policy

Last updated: June 11, 2026

This Privacy Policy describes how HubbleMind Labs Private Limited ("HubbleMind", "we", "us", or "our"), the company behind the Skylor platform ("Skylor", "Platform", "Service"), collects, uses, stores, and protects your personal information when you visit our website, sign up for an account, or use our services.

By using Skylor, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our Service.

1. Information We Collect

We collect the following categories of information:

Account Information: When you request access or create an account, we collect your email address, team size, and any other information you voluntarily provide (such as company name or role).

Usage Data: We automatically collect information about how you interact with the Platform, including pages visited, features used, timestamps, browser type, device information, and IP address.

Business Data: Information you enter into the Platform during normal use, including leads, contacts, tasks, invoices, payment records, notes, and file attachments. This data belongs to you and your organization.

Connected Account Data: If you choose to connect your own Google or Microsoft mailbox (an optional feature), we store the OAuth access and refresh tokens issued by that provider, encrypted at rest, solely to send email on your behalf. We do not collect, read, or store the contents of your inbox. See Section 4 for full details.

Communication Data: If you contact us via email or support channels, we retain those communications to respond to your inquiries and improve our service.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • To provide, operate, and maintain the Skylor platform
  • To process and review workspace access requests
  • To communicate with you about your account, updates, and support requests
  • To improve the Platform's features, performance, and user experience
  • To monitor usage patterns and detect abuse, fraud, or security threats
  • To comply with legal obligations and enforce our Terms of Service
  • To send you product updates and announcements (you may opt out at any time)

We do not sell your personal information to third parties. We do not use your business data (leads, invoices, tasks) for any purpose other than providing the Service to you.

3. Data Storage and Security

Your data is stored on servers located in India. We implement industry-standard technical and organizational security measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include encrypted data transmission (TLS/SSL), access controls, regular security audits, and secure backup procedures.

While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

4. Connected Accounts & Third-Party Services

4.1 Connecting Your Own Email Account (Google & Microsoft)

Skylor lets you optionally connect your own Google (Gmail / Google Workspace) or Microsoft (Outlook / Microsoft 365) mailbox so that outbound emails Skylor sends on your behalf — such as invoices, estimates, support-ticket replies, and notifications — are delivered from your own address. This connection is entirely optional. If you do not connect a mailbox, Skylor sends email through its own secure delivery service instead.

When you connect a mailbox, you authenticate directly with Google or Microsoft using OAuth 2.0. Skylor never sees or stores your email password. We request only the minimum scope required to send email on your behalf:

  • Google: https://www.googleapis.com/auth/gmail.sendsend-only access. This scope does not permit reading, searching, modifying, or deleting any message in your mailbox.
  • Microsoft: Mail.Send (with offline_access to keep the connection active) — send-only access, with no permission to read your mailbox.

We store the OAuth tokens issued by Google/Microsoft securely (encrypted at rest) solely to send email at your request. We do not read, store, copy, or analyze the contents of your inbox, and no HubbleMind employee accesses your messages. You can disconnect a mailbox at any time from Skylor's email settings, and you can independently revoke Skylor's access from your Google Account or Microsoft Account security settings.

4.2 Limited Use of Google User Data

Skylor's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements. Specifically, data obtained through Google APIs is used only to provide or improve the email-sending feature you explicitly enabled; is never sold; is never used for advertising; and is never transferred to others except as necessary to provide the feature, to comply with applicable law, or as part of a merger or acquisition with appropriate notice. We do not allow humans to read this data unless we have your affirmative consent for specific messages, it is necessary for security purposes (such as investigating abuse), it is required to comply with applicable law, or the data has been aggregated and anonymized. The same standard applies to data received through Microsoft Graph.

4.3 Other Service Providers

We may share limited information with trusted third-party service providers who assist us in operating the Platform:

  • Email Delivery: When you have not connected your own mailbox, we use a third-party email service to send transactional emails (account verification, workspace invitations, notifications) on Skylor's behalf.
  • Payments: Subscription billing is processed by our payment provider; we do not store full card details on our servers.
  • Analytics: We use analytics tools to understand how the Platform is used and to improve our service.
  • Advertising: We use Meta (Facebook) Pixel to measure the effectiveness of our advertising campaigns. This may involve sharing limited data such as page views and conversion events with Meta Platforms, Inc.
  • Security: We use Cloudflare services, including Turnstile (invisible CAPTCHA), to protect against spam and abuse.
  • Hosting: Our infrastructure is hosted with reputable cloud service providers with data centers in India.

These providers are contractually obligated to protect your data and use it only for the purposes we specify. We do not share your business data (leads, invoices, tasks) with any third party.

5. Cookies and Tracking Technologies

Skylor uses cookies and similar technologies for the following purposes:

  • Essential Cookies: Required for the Platform to function (session management, CSRF protection, authentication).
  • Analytics Cookies: Help us understand usage patterns and improve the Platform.
  • Advertising Cookies: Used by Meta Pixel to track conversions from our advertising campaigns. You can opt out of interest-based advertising through your browser settings or by visiting the Meta privacy settings.

You can control cookies through your browser settings. Disabling essential cookies may affect the functionality of the Platform.

6. Your Rights

You have the following rights regarding your personal information:

  • Access: You may request a copy of the personal data we hold about you.
  • Correction: You may request that we correct inaccurate or incomplete personal data.
  • Deletion: You may request deletion of your personal data, subject to legal retention requirements.
  • Data Export: Workspace administrators can export their organization's data at any time through the Platform's built-in data export feature.
  • Opt-Out: You may unsubscribe from marketing communications at any time by following the unsubscribe link in our emails.

To exercise any of these rights, please contact us at hello@skylor.tech. We will respond to your request within 30 days.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you request account deletion, we will delete your personal data within 30 days, except where retention is required by law or for legitimate business purposes (such as resolving disputes or enforcing our agreements).

Business data within a workspace is retained as long as the workspace is active. Upon workspace deletion (either by the administrator or after subscription expiration), data is scheduled for permanent deletion after a 30-day grace period.

8. Children's Privacy

Skylor is a business platform and is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of significant changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of the Platform after such changes constitutes your acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

HubbleMind Labs Private Limited
Email: hello@skylor.tech
Website: www.hubblemind.com