HH Solar Manager
Documentation

Privacy Policy

Last updated: 08 May 2026

This policy explains how HH Solar Manager handles personal, energy, and device-related data when you use our website and Android app.

1. Who we are

HH Solar Manager ("we", "us", "our") provides a solar monitoring and battery charging optimization service. This privacy policy applies to our web app and Android app, including the mobile API at /api/*.

2. Data we collect

  • Account data: email address, password hash, user ID, display name, plan, and account activity timestamps.
  • Profile data: address fields, city, postcode, and timezone.
  • Integration data: Home Assistant URL and token, selected sensor/entity names, and Octopus tariff details.
  • Solar and charging data: battery state of charge, solar input, household load, rate data, and charging override status/history.
  • Billing data: Stripe customer/subscription IDs and plan status. Card numbers are processed by Stripe and are not stored by us.
  • Technical/session data: authentication cookies for the website, JWT tokens for Android API access, and standard server request metadata.

3. Why we use your data

  • To create and manage your account and authenticate sign-in.
  • To connect to your Home Assistant/Octopus integrations and display solar insights.
  • To provide charging recommendations and optional manual charging overrides.
  • To deliver paid subscription features and manage billing state.
  • To provide support, security monitoring, and service reliability.

4. Data sharing

We do not sell personal data. We only share data with providers needed to run the service:

  • Stripe for subscription and payment processing.
  • Home Assistant when we query your configured entities on your behalf.
  • Octopus Energy APIs when tariff/rate retrieval is configured.
  • Email provider (SMTP) when transactional email is enabled.
  • Infrastructure/reverse proxy providers that process normal web traffic metadata.

5. Cookies and local storage

We use cookies required for website authentication and security, and local storage for cookie-consent state. If you disable essential cookies, parts of the website may not function correctly.

6. Data retention

  • Account and usage data are retained while your account is active.
  • Free-tier accounts inactive for 90 days may be deleted automatically with associated settings and solar history.
  • Billing records may be retained longer where required for accounting, fraud prevention, or legal compliance.

7. Security

We use access controls and authentication protections to help secure data. You are responsible for protecting your account credentials and any Home Assistant or API tokens connected to your account.

8. Android app specific notes

  • The Android app authenticates using JWT bearer tokens issued by our API.
  • We do not intentionally collect precise location, contacts, photos, microphone audio, or SMS/call logs.
  • The app reads your account, profile, settings, and solar telemetry through authenticated API calls.

9. Your choices and rights

  • You can update profile and settings information from the web app.
  • You can cancel your subscription from billing settings.
  • You can request account deletion and data access/correction by contacting us.

10. Contact us

For privacy questions or requests, please contact us. You can also review our Android data safety summary in docs/google-play-data-safety-listing.md.

Home Terms Contact Sitemap
An unhandled error has occurred. Reload 🗙

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.