Last updated: July 19, 2026
This policy explains how SkyLight Chat and Halla handle personal data when businesses use our messaging, automation, and voice services. Depending on the activity, SkyLight Chat may act as a service provider or processor for a customer, while that customer remains responsible for deciding why and how its end-user data is processed. Separate contract or data-processing terms may also apply.
We may process business account and contact details, workspace settings, billing records, support requests, conversation content, channel identifiers, files submitted to a knowledge base, and technical logs needed to operate and secure the service. If a customer enables Halla, the service may also process call metadata, recordings, and transcripts according to that customer's configuration and instructions.
We process data to provide contracted services, connect approved communication channels, deliver messages and calls, operate AI-assisted workflows, maintain security, troubleshoot incidents, provide customer support, manage billing, and meet applicable legal obligations. Customers are responsible for obtaining any consent or other legal basis required for their campaigns, recordings, uploads, and end-user communications.
SkyLight Chat may use contracted hosting, communications, analytics, payment, and AI service providers where needed to deliver selected features. Hosting region and data-residency options can depend on the customer's plan, configuration, connected channels, and third-party providers. Customers with a specific residency or cross-border-transfer requirement should confirm the available configuration in their order form or data-processing agreement before sending regulated data.
Customers control the information and instructions they submit to automated workflows. AI output can be incomplete or incorrect and should be reviewed before use in sensitive decisions. Customers using call recording, outbound messaging, or marketing features must provide required notices, honor opt-outs, and follow applicable law and the policies of connected providers such as Meta and telecom operators.
We use administrative and technical safeguards intended to protect customer data, including access controls, encryption in transit, logging, backups, and separation of customer workspaces where supported by the service architecture. No internet service can guarantee absolute security. Customers should use strong authentication, limit user permissions, review access, and promptly report suspected incidents.
Retention depends on the type of data, customer configuration, contract terms, security needs, backup cycles, and legal record-keeping requirements. Customers can request account or data deletion through support. Some information may remain for a limited period in backups or where retention is required to resolve disputes, prevent abuse, or comply with law.
Subject to applicable law, individuals may request access, correction, deletion, or restriction of personal data, or object to certain processing. Because SkyLight Chat often processes end-user data on behalf of a business customer, we may direct a request to that customer for verification and response. We will support verified requests as required by the applicable agreement and law.
We may update this policy when our services, providers, or legal obligations change. Material changes will be communicated through an appropriate channel. For privacy questions or verified rights requests, email privacy@skylightchat.com or submit a support ticket from the customer dashboard.