Privacy Policy

1. Overview

This Privacy Policy explains how Orbits collects, uses, and stores information when you use the product, visit the website, import client materials, generate AI-assisted artifacts, connect integrations, or interact with shared reports, snapshots, and public links. We aim to collect the minimum information needed to operate the service and improve it responsibly.

Orbits is operated from Ontario, Canada. We comply with applicable Canadian privacy laws, including PIPEDA.

2. Information We Collect

Depending on how you use Orbits, we may collect account information such as your name, email address, and authentication identifiers, along with product usage data, connected integration metadata, workspace and project settings, report and artifact metadata, monitor configuration, alert destinations, billing state, credit usage, and service-generated analytics or logs.

You may upload, paste, import, or generate client-related materials such as screenshots, CSV files, spreadsheets, PDFs, images, notes, briefs, dashboard exports, campaign performance data, reports, summaries, proposals, site previews, and shared links. These materials may include personal information, client business information, customer data, or other confidential information depending on what you choose to provide.

If you connect third-party tools such as Slack, Stripe, GitHub, analytics tools, advertising platforms, webhook sources, or uptime sources, Orbits may receive the data necessary to provide the connected feature, such as release activity, workflow results, monitor checks, billing events, imported metrics, notification routing details, or integration status.

3. How We Use Information

We use collected information to operate Orbits, authenticate users, create and manage accounts, import and parse files, generate and render artifacts, reports, summaries, dashboards, previews, and briefs, preserve project context, send alerts or reports, improve product reliability, prevent abuse, diagnose incidents, enforce plan limits, support billing and subscription management, and respond to support requests.

Orbits may process your content with AI systems and other automated tools to parse uploads, extract structured data, generate summaries, draft reports, create recommendations, and power related product features. AI-generated outputs may be based on the content you provide, connected integrations, saved project context, and your selected settings.

If you upload or connect information about your clients, their customers, or other third parties, you are responsible for ensuring you have the rights, permissions, and notices needed to provide that information to Orbits and use it with the service.

4. Shared Reports, Snapshots, and Public Links

Orbits may allow account holders to create shareable reports, snapshots, client portals, previews, or public links. Depending on the settings selected by the account holder, these links may be accessible to anyone with the link until they expire, are revoked, or are otherwise restricted. Shared content may include client materials, generated artifacts, charts, tables, images, summaries, business information, or integration-derived information selected by the account holder.

We may track limited usage data for shared links, such as view counts, opened state, revoked state, and related technical logs, in order to operate and secure the feature.

5. Cookies, Local Storage, and Session Data

Orbits may use cookies, browser storage, and authentication/session tokens to keep you signed in, preserve anonymous work before sign-in, remember account context, and support product functionality. We may also use analytics, support, security, region detection, and abuse-prevention tools to understand product usage, improve the experience, and protect the service.

6. Third-Party Services

Orbits relies on third-party infrastructure and service providers, including hosting, database storage, file storage, authentication, payments, AI model providers, analytics, email delivery, support tools, security services, and connected integrations. Those providers may process information on our behalf or provide data to Orbits when you enable an integration. Their services remain governed by their own terms and privacy policies.

Information may be processed or stored outside your province, state, or country, including in the United States or other jurisdictions where Orbits or its service providers operate. Information processed in another jurisdiction may be accessible to courts, law enforcement, regulators, or national security authorities in that jurisdiction.

7. Data Retention

We retain data for as long as needed to operate the service, comply with legal obligations, resolve disputes, enforce agreements, and support product functionality. If you delete content, disconnect integrations, revoke links, or close an account, some data may remain in backups, logs, audit records, billing records, or security systems for a limited period where needed for legal, security, fraud-prevention, accounting, or operational reasons. Some operational event data may be retained in aggregated or de-identified form for analytics and system performance even after raw records expire.

8. Image Tool Uploads

If you use upload-based image tools, Orbits may process uploaded images and generated visual outputs temporarily to provide the requested result, perform abuse prevention, enforce upload rules, and make the result available through a temporary link. The product may show a specific deletion window for those uploads and outputs.

We do not use upload-based image tool inputs to create a permanent user gallery unless that feature is explicitly offered and selected. We may retain limited technical logs, moderation results, rate-limit events, or abuse-prevention metadata where needed to operate and protect the service.

9. Security

We use reasonable technical and organizational measures to protect information processed by Orbits. However, no system is perfectly secure, and we cannot guarantee absolute security of transmitted or stored data.

10. Your Choices

You may choose whether to connect third-party services, create public snapshots, or use paid features. You may also request account-related assistance by contacting us. Some product data can be removed or disconnected from within the product, while other requests may require manual support.

Depending on where you live, you may have rights to access, correct, export, delete, or object to certain processing of your personal information. You can contact us to make a privacy request. We may need to verify your identity and may retain certain records where required or permitted by law.

11. Children

Orbits is not intended for children. We do not knowingly collect personal information from children under 13, or under the age required by applicable law. If you believe a child has provided personal information to Orbits, contact us so we can take appropriate steps.

12. Changes to This Policy

We may update this Privacy Policy as Orbits evolves. If we make material changes, we may update the date above and, where appropriate, provide additional notice in the product or by email.

13. Contact

Questions about this Privacy Policy can be sent to hello@heyorbits.com.