Privacy Policy

Last updated: May 26, 2026

1. Overview

EApps Development LLC ("we," "us," "PowerPilot") is committed to protecting your privacy. This Policy explains what information we collect, how we use it, and your rights regarding it.

PowerPilot is a small, independently operated service. We collect only what is necessary to operate the Service and do not sell your data.

2. Information We Collect

Account Information

  • Email address (used for login and communications)
  • Password (hashed, never stored in plain text — managed by Supabase Auth)

Tesla Connection Data

  • Tesla OAuth access and refresh tokens (encrypted with AES-256-GCM before storage)
  • Your energy site ID and site name
  • Live energy data fetched when evaluating automations (battery %, power flows) — this data is used in real-time and not permanently stored

Automation Data

  • Automation rules you create (trigger type, action type, configuration)
  • Automation run history (when a rule fired, its result, any error messages) — retained for 90 days

Billing Information

  • Stripe customer ID and subscription status
  • We do not store credit card numbers or payment details — all payment processing is handled by Stripe, Inc.

Usage Data

  • Server logs (IP address, request timestamps) — retained for 30 days for security and debugging
  • We do not use analytics trackers, cookies for advertising, or third-party marketing tools

3. How We Use Your Information

We use your information solely to:

  • Authenticate you and secure your account
  • Connect to your Tesla Powerwall and execute your automations
  • Display your automation history and dashboard data
  • Process subscription payments via Stripe
  • Send transactional emails (account confirmation, payment receipts, service notices)
  • Troubleshoot errors and maintain service reliability

We do not use your data for advertising, profiling, or any purpose other than operating the Service.

4. Tesla Data

PowerPilot accesses your Tesla account using Tesla's official Fleet API under your explicit authorization. We access only the energy site data necessary to evaluate and execute your automations.

We do not access your Tesla vehicle beyond what is required for automations you configure. We do not access vehicle location data.

Your Tesla tokens are encrypted at rest using AES-256-GCM with a key stored separately from the database. Tokens are only decrypted server-side during automation execution.

5. Data Sharing

We share your data only with the following service providers, strictly to operate the Service:

  • Supabase — database and authentication hosting (US servers)
  • Stripe, Inc. — payment processing
  • Tesla, Inc. — via the Fleet API, to execute commands on your Powerwall
  • Vercel — web hosting

We do not sell, rent, or share your personal data with any third parties for marketing or advertising purposes.

We may disclose data if required by law, court order, or to protect our legal rights.

6. Data Retention

  • Account data: Retained until you delete your account
  • Tesla tokens: Retained while your Tesla connection is active; deleted when you disconnect
  • Automation history: Automatically deleted after 90 days
  • Server logs: Retained for 30 days

7. Your Rights

You have the right to:

  • Access: Request a copy of the data we hold about you
  • Correction: Update inaccurate information through your account settings
  • Deletion: Request deletion of your account and all associated data
  • Portability: Request your automation data in a machine-readable format
  • Revoke Tesla access: Disconnect your Tesla account at any time in Settings

To exercise any of these rights, email us at support@powerpilot.app. We will respond within 30 days.

8. Security

We implement industry-standard security practices including:

  • HTTPS encryption for all data in transit
  • AES-256-GCM encryption for Tesla tokens at rest
  • Row-level security on all database tables
  • Hashed passwords via Supabase Auth (bcrypt)

No system is 100% secure. If you discover a security vulnerability, please contact us at support@powerpilot.app.

9. Children's Privacy

The Service is not directed to children under 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us personal information, we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy. We will notify you of material changes by email or in-app notice. Continued use of the Service after changes constitutes acceptance.

11. Contact

Questions about this Privacy Policy? Contact us:
EApps Development LLC
Tinley Park, Illinois
support@powerpilot.app