Privacy is designed into the product surface, not buried after signup.

Li9ht collects account data needed to identify a workspace, authenticate a session, and deliver product support. That usually means email address, profile attributes, session metadata, billing records, and service-specific configuration entered by the customer.

Product telemetry is collected to operate the platform, investigate failures, measure abuse, and improve reliability. We aim to keep telemetry proportional to the product surface in use and not turn every customer action into a marketing data feed.

We use customer data to authenticate accounts, provide product features, protect the platform, route support, and fulfill contractual obligations. We also use limited service telemetry to debug incidents, understand system performance, and enforce abuse controls.

Li9ht should not require customers to trade away trust for basic product functionality. When a workflow exists only for marketing, it should stay optional. When it exists for product integrity or support delivery, it should be explained clearly and scoped tightly.

Li9ht uses service providers for infrastructure, payment processing, customer support operations, analytics, and security tooling. Those providers should only receive the data needed to perform their role.

We may disclose information when required by law, to respond to valid legal process, or to protect Li9ht, our customers, or the public from fraud, abuse, or direct harm.

We retain data for as long as it is needed to operate the service, satisfy legal obligations, resolve disputes, and enforce agreements. Different records have different retention windows because product telemetry, security events, and billing data do not all serve the same purpose.

Where deletion or export workflows are available, we expect them to be handled through authenticated support or customer-success channels with appropriate verification.