Casally

Privacy Policy

Last updated: March 5, 2026

This Privacy Policy describes how Casally ("we", "our", or "us") collects, uses, and protects your information when you use the Casally application and related services.

1. Information We Collect

We collect the following types of information to provide and improve our services:

• Account Information — Email address, display name, and account preferences you provide during registration.
• Energy & Device Data — Solar production, battery status, grid usage, and device metrics collected from your connected Tesla Energy products and utility meters.
• Utility Billing Data — Historical bills, usage intervals, rate schedules, and meter information obtained through your authorized utility provider connection.
• Device Tokens — Push notification tokens for sending alerts to your mobile device.
• Usage Analytics — How you interact with the app to help us improve functionality.

We do not collect or store your credit card information, payment credentials, Tesla password, or utility provider password.

2. How We Use Your Information

Your information is used to:

• Operate and maintain your energy dashboard and device controls.
• Provide energy consumption insights, cost analysis, and optimization recommendations.
• Send push notifications for pricing alerts, usage alerts, and device status changes (based on your preferences).
• Sync your utility billing and interval data for historical analysis.
• Improve our services through aggregated, anonymized analytics.

3. Third-Party Integrations

Casally connects to third-party services to access your energy data. Each integration requires your explicit authorization:

• Tesla Fleet API — We use Tesla's official OAuth 2.0 flow to access your vehicles and energy devices. You authorize access directly through Tesla's website. We receive access tokens but never see your Tesla password. You can revoke access at any time from your Tesla account settings.
  Tesla's privacy policy: tesla.com/legal/privacy
• UtilityAPI — We use UtilityAPI to retrieve your utility meter data (bills, usage intervals). You authorize access through your utility provider's secure portal hosted by UtilityAPI. We never see your utility login credentials.
  UtilityAPI's privacy policy: utilityapi.com/privacy
• Firebase Authentication — Account authentication is handled by Google Firebase.
  Firebase privacy: firebase.google.com/support/privacy

4. Data Sharing

We do not sell your personal data to third parties. Your information may be shared only in these limited circumstances:

• Service providers — With trusted partners who help us operate our services (e.g., cloud hosting, push notification delivery), under strict contractual data protection obligations.
• Legal requirements — When required by law, regulation, or valid legal process.
• Safety — To prevent fraud or protect the safety of our users.

5. Data Security

We implement industry-standard security measures to protect your data:

• All data is transmitted over encrypted connections (HTTPS/TLS).
• OAuth tokens are stored securely and refreshed automatically.
• API access is authenticated via Firebase JWT tokens.
• Internal service endpoints are protected by API keys.

6. Data Retention & Deletion

Your personal data is retained for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us. Upon deletion:

• Your account, device integrations, and personal data will be removed.
• Anonymized, aggregated data may be retained for service improvement.
• Third-party access tokens (Tesla, UtilityAPI) will be revoked.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your personal data.
• Export your data in a portable format.
• Withdraw consent for data processing at any time.
• Object to processing based on legitimate interests.

These rights apply under GDPR (EU/EEA), CCPA/CPRA (California), and similar privacy regulations.

8. Notifications & Communication

Push notifications are sent based on your preferences and can be fully customized or disabled at any time in your account settings. We do not send marketing push notifications.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes through the app or by email. Continued use of the service after changes constitutes acceptance of the updated policy.

10. Contact Us