Skip to main content
FloodlightFloodlight
Legal

Privacy Policy

Last updated: December 22, 2025

1. Introduction

Welcome to Floodlight. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

Floodlight provides satellite-based climate intelligence and emissions monitoring services. We process data to help organizations understand their environmental impact and climate risks.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

  • Contact Information: Name, email address, phone number, and company details when you fill out forms or contact us
  • Account Information: Username, password, and profile information if you create an account
  • Communication Data: Messages, feedback, and correspondence you send to us
  • Business Information: Company name, industry, role, and other professional details

2.2 Information Collected Automatically

When you access our website, we automatically collect certain information, including:

  • Usage Data: Pages visited, time spent, links clicked, and navigation patterns
  • Device Information: IP address, browser type, operating system, and device identifiers
  • Location Data: General geographic location based on IP address
  • Cookies and Tracking Technologies: See our Cookie Policy for details

2.3 Information from Third Parties

We may receive information about you from:

  • Analytics providers (Google Analytics, HubSpot)
  • Social media platforms
  • Business partners and affiliates
  • Public databases and satellite data sources

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Service Delivery: To provide, maintain, and improve our climate intelligence services
  • Communication: To respond to inquiries, send updates, and provide customer support
  • Marketing: To send promotional materials, newsletters, and relevant content (with your consent)
  • Analytics: To understand how users interact with our platform and improve user experience
  • Security: To detect, prevent, and address fraud, security issues, and technical problems
  • Legal Compliance: To comply with legal obligations and protect our rights
  • Research: To develop new products, features, and climate intelligence methodologies

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data based on:

  • Consent: You have given explicit consent for specific processing activities
  • Contract: Processing is necessary to fulfill our contractual obligations to you
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our services
  • Legal Obligation: Processing is required to comply with legal requirements

5. Data Sharing and Disclosure

5.1 We Share Your Information With:

  • Service Providers: Cloud hosting (Google Cloud Platform), analytics (Google Analytics), CRM (HubSpot), and other vendors who help us operate our business
  • Business Partners: Organizations we collaborate with to provide services
  • Professional Advisors: Lawyers, accountants, and consultants
  • Regulatory Authorities: When required by law or to protect our rights

5.2 We Do Not:

  • Sell your personal data to third parties
  • Share your data for third-party marketing without your consent
  • Transfer data to countries without adequate protection mechanisms

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required by law. Specific retention periods include:

  • Account Data: Retained until account deletion or 3 years of inactivity
  • Contact Form Submissions: Retained for 7 years for business purposes
  • Analytics Data: Anonymized after 14 months
  • Marketing Consents: Retained until consent is withdrawn

7. Your Rights and Choices

7.1 GDPR Rights (EEA Residents)

If you are located in the EEA, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (right to be forgotten)
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time

7.2 All Users

  • Opt-out of Marketing: Unsubscribe from promotional emails via the link in each message
  • Cookie Preferences: Manage cookies through our cookie banner or browser settings
  • Do Not Track: We honor Do Not Track signals where technically feasible

8. Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption in transit (TLS/SSL) and at rest
  • Access controls and authentication mechanisms
  • Regular security assessments and penetration testing
  • Employee training on data protection
  • Secure cloud infrastructure (Google Cloud Platform)
  • Incident response procedures

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

9. International Data Transfers

Your information may be transferred to and processed in countries outside your country of residence, including the United States and other countries where our service providers operate. We ensure that such transfers comply with applicable data protection laws through:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by regulatory authorities
  • Data Processing Agreements with third-party processors

10. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected information from a child, please contact us immediately so we can delete it.

11. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. Continued use of our services after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

For users in the EEA, you also have the right to lodge a complaint with your local data protection authority.

14. Data Processing Agreement

If you are a business customer, please review our Data Processing Agreement for details on how we process data on your behalf in compliance with GDPR Article 28.

Back to Home