Orbit
Log inGet started free

Privacy Policy

Last updated: June 5, 2026

This Privacy Policy explains how Orbit ("Orbit", "we", "us", or "our") collects, uses, shares, and protects information when you use the Orbit personal CRM at inorbit.one and app.inorbit.one (the "Service").

Orbit is a personal CRM that helps one person keep their relationships warm. We take privacy seriously: we do not sell your personal information, and we access connected accounts only to provide the features you ask for.

1. Information we collect

We collect the following categories of information:

Account information

When you create an account, we collect your name, email address, and a password (stored only as a secure hash). If you sign in with Google, we receive your basic profile and email from Google.

Relationship data you add

Contacts, notes, tasks, deals, calendar events, journal entries, files, and any other content you create or import into Orbit. You control this data and may export or delete it at any time.

Data from accounts you connect

  • Gmail: with your permission, message metadata and content needed to show your conversation history on a contact and to send or schedule email on your behalf.
  • Google Calendar: events, so Orbit can show your schedule and two-way sync events you create in Orbit.
  • LinkedIn (via the Orbit Chrome extension): only the profile details you choose to save (name, title, photo) when you click to save a contact. The extension reads a profile page only when you trigger it.

Payment information

Orbit is free today. If we introduce paid plans, payments will be processed by a third-party payment provider, and we will not store full card numbers on our servers.

Usage and device data

Basic, privacy-respecting information such as log data, device and browser type, and product events used to operate, secure, and improve the Service.

2. How we use information

  • Provide, maintain, and operate the Service and its features.
  • Sync your email, calendar, and saved contacts so your relationships stay current.
  • Send email and reminders on your behalf when you ask us to.
  • Secure the Service, prevent abuse, and troubleshoot problems.
  • Communicate with you about your account, security, and important changes.
  • Comply with legal obligations.

3. Google user data and Limited Use

Orbit connects to Google services (Gmail and Google Calendar) through Google APIs, and only with your explicit consent granted during the Google sign-in and connection flow.

Orbit's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google user data to provide and improve user-facing features that are visible and prominent in Orbit (showing your email and calendar history on contacts, sending and scheduling email you compose, and syncing events).
  • We do not transfer or sell Google user data to third parties for advertising, marketing, or other purposes.
  • We do not use Google user data to train generalized or third-party artificial intelligence or machine learning models.
  • Humans do not read your Google user data unless you give explicit consent for specific messages, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or the data is aggregated and anonymized for internal operations.
  • You can revoke Orbit's access to your Google account at any time in your Google Account permissions or by disconnecting the integration in Orbit settings.

4. How we share information

We do not sell your personal information. We share information only in these limited cases:

  • Service providers who help us run Orbit, including our database and hosting providers (such as Supabase and Vercel), email delivery, and, where you use them, calling and media features. They process data only on our instructions.
  • Google and other accounts you connect, to the extent needed to deliver the feature you requested (for example, sending an email from your Gmail).
  • Legal and safety reasons, when required by law or to protect the rights, safety, and security of users or the public.
  • Business transfers, if Orbit is involved in a merger, acquisition, or sale of assets, in which case we will notify you and honor this Policy.
  • With your consent, for anything else.

5. Data retention

We keep your information for as long as your account is active or as needed to provide the Service. When you delete content or your account, we delete the associated personal data within a reasonable period, except where we must retain it to comply with legal obligations, resolve disputes, or enforce our agreements.

6. Security

We use industry-standard safeguards, including encryption in transit, scoped access to connected accounts, row-level access controls, and least-privilege practices. No method of transmission or storage is completely secure, so we cannot guarantee absolute security, but we work hard to protect your data.

7. Your rights and choices

Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. Orbit gives you direct control:

  • Access and edit your data at any time inside the app.
  • Export your data from the app.
  • Delete individual records or your entire account, which removes your associated personal data.
  • Disconnect Gmail, Calendar, or the LinkedIn extension at any time.

US state privacy rights (including California)

We do not sell or share personal information as those terms are defined under US state privacy laws, and we do not use sensitive information for purposes beyond providing the Service. You may exercise applicable rights by contacting us.

EEA and UK rights (GDPR)

If you are in the EEA or UK, our legal bases for processing are performing our contract with you, your consent (for connected accounts), our legitimate interests in operating and securing the Service, and compliance with law. You may also lodge a complaint with your local supervisory authority.

8. Cookies and similar technologies

We use essential cookies and local storage to keep you signed in and to operate the Service. We use minimal, privacy-respecting analytics to understand product usage. We do not use third-party advertising cookies.

9. International data transfers

Orbit is operated from the United States and may process data in other countries where our service providers operate. Where required, we rely on appropriate safeguards for international transfers.

10. Children

Orbit is not intended for anyone under 16, and we do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us and we will delete it.

11. Changes to this Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the date above and, where appropriate, notify you. Your continued use of the Service after changes take effect means you accept the updated Policy.

12. Contact us

If you have questions about this Policy or your data, contact us at privacy@inorbit.one.