Privacy Policy

Plain English Summary

  • We are non-vampiric by design: no ads, no trackers for targeting, no data sales.
  • The app is local-first. Your People, Moments and Events live on your device unless you choose to sync, export or share.
  • The website collects only what is needed to run (basic logs), handle invites/RSVPs, waitlist and feedback, and keep things secure.
  • You can export (Markdown, vCard/CSV, ICS) and delete your data at any time.
  • We honour privacy laws where you live (Australia APPs, EU/UK GDPR, and USA CPRA baseline).

1. Scope

This Policy covers:

  • The Orbit app (iOS/iPadOS; TestFlight builds included)
  • The website at orbit.social and invite/RSVP pages
  • Support channels (email, contact and feedback forms)

It does not cover third-party services you choose to use (e.g., iCloud Files, email or calendar apps).

2. What We Collect & Why

A. In the app (local-first by default)

By default, your data remains on your device:

  • People you add (names, relationship roles, tags, ring placement)
  • Moments (notes, lists, checkboxes, tags, mentions)
  • Events you create (title, time, place, notes) and any attendees you add

B. RSVP via link

When someone follows your invite link to RSVP:

  • They may provide: name (optional), RSVP choice (Going/Maybe/Can't), optional note
  • We may log: event token, time, IP address and user-agent for fraud/abuse prevention

C. Website & forms

  • Server logs: IP address, user-agent and requested path for security and debugging
  • Waitlist/TestFlight: email and optional note to send you an invite
  • Contact/Feedback: the details you submit and our reply
  • No third-party ad trackers

D. Website Analytics (Privacy-First)

We use self-hosted analytics to understand how visitors use our website. This helps us improve the site while respecting your privacy.

What we collect:

  • Pages visited and time spent (to understand which content is helpful)
  • Referral source (how you found us, e.g., "google.com" or "twitter.com")
  • Browser and device type (e.g., "Chrome on macOS" or "Safari on iPhone" — for responsive design)
  • Country (approximate location from server headers, e.g., "United States" — for understanding our reach)

What we DON'T collect:

  • No IP addresses stored (we never log or store your IP address)
  • No personal information (no names, emails, or user accounts tracked)
  • No cookies (we use sessionStorage which is cleared when you close your browser)
  • No cross-site tracking (no fingerprinting or tracking across other websites)
  • No third-party services (all data stays on our servers, never shared with Google, Facebook, or anyone else)

Your control:

  • Do Not Track: Enable "Do Not Track" in your browser to opt out completely
  • Automatic expiry: Session IDs are temporary hashes that change every 24 hours
  • GDPR compliant: No consent banner needed (legitimate interest, no PII collected)
  • Data retention: Analytics data is aggregated after 90 days and deleted after 1 year

Our analytics system is inspired by Umami, an open-source, privacy-focused alternative to Google Analytics. The tracking script is under 2KB and has minimal performance impact.

3. Cookies & Similar Tech

  • Essential only on orbit.social (e.g., CSRF token, load balancer session)
  • Analytics: We use sessionStorage (not cookies) for privacy-preserving analytics. Data is cleared when you close your browser.
  • No advertising cookies. No cross-site tracking pixels.

4. Data You Choose to Share

Orbit lets you export or share data (e.g., share an invite link, export Markdown/vCard/ICS). When you do, copies may be stored by the recipients or their providers. That is under their control.

5. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data
  • Export your data
  • Object to processing
  • Withdraw consent at any time

6. Contact Us

For privacy questions or to exercise your rights, contact us at:

hello@orbit.social

Last updated: October 2025