Privacy Policy

Effective: [DATE] · Operated by [COMPANY / YOU] · Contact: [privacy@yourdomain.com]

⚠ Draft — plain-English and accurate to how Orb works today, but have a lawyer review before you publish.

Orb collects nothing it doesn't strictly need to work. No analytics, no trackers, no ads, no profiling. We make money one way — subscriptions — so you are never the product.

The only things we store

That's the whole list. We don't have your phone number, your contacts, your location, or a shadow profile of you.

Google / Apple sign-in = login only

When you use "Continue with Google" (or Apple), we ask for one thing: your email address. Google's own consent screen shows you exactly that. We never receive or store your Google/Gmail contents, contacts, Drive, calendar, or anything else — and we couldn't read them if we wanted to, because we don't request the access. Sign-in hands us a verified email and nothing more.

What we never do

Don't take our word for it — verify

Privacy you can check beats privacy we promise:

Security

Encrypted in transit (HTTPS/WSS) and at rest, with access controls on every room. Messages are not end-to-end encrypted — our servers process them to deliver, store, and search them (the same model as Slack). Don't send secrets you wouldn't put in a work chat.

Your choices

Export or delete your data, or delete your account entirely, at [privacy@yourdomain.com]. Deleting your account removes your email, name, and messages.

Children

Orb isn't for anyone under 13 (or 16 where required).

Changes

If this policy changes, we'll update this page and the effective date.

Terms of Service →