LeadSun Plus Privacy Policy

Last Updated: February 17, 2026

1. Introduction

LeadSun Plus ("App," "Service," "we," "us," or "our") is a mobile field data collection application designed for solar lighting installation and maintenance teams. This Privacy Policy explains how we collect, use, store, share, and protect information when you use our mobile application and related services.

By using LeadSun Plus, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this Policy, please do not use our Service.

2. Information We Collect

We collect several types of information to provide and improve our Service.

2.1 Information You Provide Directly

Account Information:

Email address (for authentication and account identification)
Full name
Password (stored as bcrypt hash, never in plain text)
User role (Owner/Manager, Field Member, or Customer)

Project Data:

Project names, descriptions, locations (address and GPS coordinates)
Project configuration preferences (default panel type, light type, installation date settings)
Archived status

Pole Data:

Pole names and identifiers, locations (precise GPS coordinates)
GPS accuracy measurements, Installation dates
Panel type selections, Light type selections
Pole status (active/soft-deleted), Notes

Maintenance Data:

Maintenance comments/notes, date and time
User email of who created the entry

Media Content:

Photographs of poles captured through the app camera
Photographs of maintenance activities
Photos selected from device photo library

2.2 Information Collected Automatically

Location Data:

Precise GPS coordinates when placing pole markers
Device location when using "Locate Me" feature and for navigation
GPS accuracy readings
Address text when using location search (sent to Google Places API)

Location data is collected ONLY when you actively use location-based features and have granted permission. We do NOT collect location data in the background.

Network Status: Checked locally for offline functionality. Not transmitted to servers.

Audit Logs: Entity type/ID, action performed, user ID/email, details, timestamp.

2.3 Information We Do NOT Collect

Background location data, Device identifiers
Contacts, Calendar, Microphone/audio
Browsing history, Data from other apps
Advertising identifiers (IDFA/GAID)

3. How We Use Your Information

3.1 Core Service Functionality

Create/manage accounts, authenticate users
Store/sync project and pole data across devices
Display poles on maps, enable navigation
Maintain maintenance records, enable team collaboration
Provide offline functionality with data sync
Send transactional emails (invitations, password resets)

3.2 Service Improvement

Analyze performance, fix bugs, improve UX

3.3 Security and Compliance

Prevent unauthorized access, maintain audit trails, enforce RBAC

4. How We Store Your Data

4.1 Cloud Storage

PostgreSQL database hosted on Neon's cloud infrastructure. Application hosted on Replit (Google Cloud Platform).

4.2 Photo Storage

Photos stored in cloud object storage (Replit Object Storage) or server file system.

4.3 Local Device Storage

AsyncStorage: Offline sync queue, preferences, cached data
Expo SecureStore: Authentication tokens (mobile)
File System Cache: Photos cached locally for offline viewing

4.4 Data Security Measures

HTTPS/TLS Encryption for all communication
Password Hashing with bcrypt
Role-Based Access Control (RBAC) - Owner/Manager, Field Member, Customer
Session-Based Authentication with 24-hour expiry
Invitation-Only Registration
Database encryption at rest (Neon)

5. How We Share Your Data

5.1 Within Your Organization

Data shared according to role-based permissions:

Owner/Manager: All projects, poles, maintenance, user management
Field Member: All projects, poles, maintenance; no user management
Customer: Assigned projects/poles only; maintenance hidden

5.2 Service Providers

Provider	Purpose	Data Shared
Neon	Database Hosting	All app data (encrypted)
Replit/GCP	Application Hosting	Application runtime
Google Maps	Map display & navigation	Location coordinates
Google Places API	Address autocomplete	Search text
Resend	Transactional Emails	Email addresses

We do NOT use analytics, error tracking, push notification services, or advertising networks.

5.3 Data Sharing Restrictions

We do NOT share data with advertisers, data brokers, or unrelated parties.

5.4 Legal Requirements

We may disclose your information if required by law.

5.5 Business Transfers

Data may transfer in the event of mergers or acquisitions.

6. Data Retention

Active accounts: Retained while account is active
Soft-deleted poles: Retained for restoration from Trash Bin
Audit logs: Retained for accountability
Account deletion: Personal information removed upon request

7. Your Rights and Choices

Access and export data (CSV format for Owner/Manager)
Update/correct account information in Settings
Delete account through in-app feature
Control device permissions (Location, Camera, Photo Library)
Opt out of non-essential communications

8. Offline Mode and Data Sync

Offline capabilities:

View cached data, create/edit poles, add maintenance, take photos

Not available offline:

Sync with server, access uncached data, upload photos

Sync: Automatic when connectivity returns, last-write-wins conflict resolution.

9. Children's Privacy

LeadSun Plus is not intended for children under 18. We do not knowingly collect information from children.

10. International Data Transfers

Data is stored in the United States (Neon, Replit). By using our Service, users consent to international data transfers.

11. Security

We implement multiple security measures including encryption in transit and at rest, password hashing, role-based access control, session management, invitation-only registration, and audit logging.

12. Changes to This Privacy Policy

When we update this Privacy Policy, we will post the updated date and notify users through the app or email.

13. California Privacy Rights (CCPA)

California residents have the Right to Know, Right to Delete, and Right to Non-Discrimination. We do not sell personal information.

14. European Union Rights (GDPR)

EU residents have the following rights: Right of Access, Rectification, Erasure, Restriction, Data Portability, Object, and Withdraw Consent.

Legal Basis: Contract performance, Legitimate interests, Legal obligations, Consent.

15. Contact Us

LeadSun Plus

Email: marat@leadsun.co.il

LeadSun, Lahav 46, Karmiel, Israel

16. Consent

By using LeadSun Plus, you acknowledge that you have read and understood this Privacy Policy.

Quick Reference: Data We Collect

Data Type	Purpose	Stored Where	Your Control
Email/Name/Password	Authentication	Cloud (encrypted)	Update in Settings
GPS Coordinates	Pole placement, navigation	Cloud & local cache	Permission control
Photos	Documentation	Cloud + local cache	Delete anytime
Project/Pole Data	Core functionality	Cloud & local cache	Edit/delete in app
Maintenance Records	History tracking	Cloud	Edit/delete in app
Audit Logs	Accountability	Cloud	View only
Address Search Text	Location autocomplete	Sent to Google	Not stored by us

Last Updated: February 17, 2026.