The whole data path
You connect a Starlink account by giving us read-only service-provider API credentials. Once a day we call the Starlink API with those credentials and read usage totals, then apply them to your pools. That is the entire path. There is no agent on your network, nothing installed at your sites, and no route by which we could observe the traffic itself.
From each daily poll we keep the usage totals needed to render your dashboard:
- account, service line, and terminal identifiers;
- data volume per service line per day;
- pool state — what's included, what's used, and your quota thresholds.
- the contents of your traffic — not sites, not destinations, not payloads;
- terminal GPS on any customer-facing screen;
- anything write-shaped — we cannot change a plan, suspend a terminal, or order.
Your Starlink credentials
To poll usage we hold the Starlink service-provider API credentials you give us. They are used for one thing — reading usage for the account you connected — and are never shown back to you or to anyone else after you save them.
You can disconnect an account at any time, which stops the polling and removes the stored credentials. If you rotate the credentials in your Starlink account, ours stop working immediately.
Credential encryption at rest — being implemented before launch
How long we keep it
Scheduled polling
Unlike an upload-based tool, this one does reach out on a schedule: once a day, we call the Starlink API with the credentials you provided and read usage for the accounts you connected. That is the only automated data path, it only ever reads, and it only covers accounts you explicitly connected.
Disconnect an account and the polling stops for it immediately.
No machine-learning training
We do not train machine-learning models on your data — not now, not later, and not for "improving service quality." We may compute aggregate, non-identifying platform statistics for capacity planning, but never your per-account content.
Who processes your data
We do not sell or share your data, and there are no advertising or data-enrichment partners. Your data is processed and stored in hosting region / data-residency — to confirm.
Analytics & tracking
Our product analytics is first-party and metadata-only — it is off by default and, when enabled, records only page paths and event names (never form contents or usage data) and honours your browser's "Do Not Track" setting. We self-host our fonts, so visiting a page doesn't leak your visit to a font provider.
Security
Everything is served over HTTPS/TLS. Passwords are hashed server-side with BCrypt. We apply a strict Content-Security-Policy, HSTS, and anti-framing and anti-sniffing headers, and bot protection on sign-up. Your browser never holds an API credential — privileged calls are made server-side.
Questions
For the full picture, see our Privacy Policy or contact us at privacy contact email — to confirm.
This is a plain-language description provided for transparency and is not legal advice.