General Information

Websites use OrbitsApp service to improve engagement on their website. When they integrate our services, these sites share information with OrbitsApp.

This Privacy Policy is meant to help you understand what information we collect, why we collect it, and how you can update, manage, export, and delete your information.

Information we gather and hold

OrbitsApp stores data on 2 kinds of parties:
  • Our customers (ie. the operators using the OrbitsApp services)
  • Our customers end-users (ie. the users of our customers)
  • We do not share, or resell, any kind of user data (whether data described in point 1 or 2 above). The data is not used for advertising (both 1 and 2) or analytics (on 2). Our business model is solely based on paid subscriptions (ie. the user is not the product).

    Information held on our users

    OrbitsApp collects account information for each user (we refer to them as customers in this article), including:
  • User name and email
  • User payment details (the credit card number is stored by Stripe)

  • We don't log user activity, except for system logs including IP, user agents and time of connection. They are solely used for debugging and lawful purpose and retained maximum 1 year.

    Information held on our users' end-users

    Information held on our users' end-users include:
  • End-user email address (if provided by end-user, thus involving a consent)
  • End-user activity date and time

  • The information held on our customers' end-users is solely the responsibility of our users (ie. the individual websites using OrbitsApp). It is the responsibility of our customers to manage the data they hold in their personal OrbitsApp accounts. It is our responsibility to secure access to this data (ie. only website operators can access it and have a right to rectification).

    Individuals’ rights

    OrbitsApp customers rights regarding to GDPR are considered and enforced, including:
    • Right to be informed: we clearly inform our users about the use that will be made of their data
    • Right of access: our users can access all their data, without restriction, from the OrbitsApp apps
    • Right of rectification: it's as simple as contacting us, we'll process all your rectification queries
    • Right of erasure: it's as simple as contacting us, we'll process all your erasure queries
    • Right to restrict processing: we don't process the data of our customers (and our customers end-users)
    • Right to data portability: our users may contact us anytime if they wish to get an export of their data (this may take time, however, as the data is fragmented amongst multiple isolated data-stores)
    • Right to object: we handle all requests on this matter from our users and users' end-users (contact us)
    • Right not to be subject to automated decision-making including profiling: we don't do that (and never will)

    OrbitsApp replies to all access requests (positively or negatively) under 1 month.


    • A cookie is a small amount of data, which often includes an anonymous unique identifier, that is sent to your browser from a web site’s computers and stored on your computer’s hard drive.
    • Cookies are required to use the OrbitsApp services.
    • Cookies have a default expiration time of 6 months, which is renewed if and when the user comes back to the website and loads OrbitsApp widget.
    • The user IP address is not permanently stored in the server-side and is not bound to the cookie.

    Processing personal data

    OrbitsApp stores user data involving a consent (ie. a conversation both parties entered by will, and exchanged eg. emails).

    It is the OrbitsApp customers responsibility to ensure user data is lawfully collected if they use OrbitsApp email subscription widget. For instance, if the emails that get collected from the OrbitsApp widget gets re-used for marketing campaign purposes either on OrbitsApp or an external system, the OrbitsApp customer has to ask for user consent upon collecting this email.

    Data Processors

    OrbitsApp uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to run OrbitsApp services. Although OrbitsApp owns the code, databases, and all rights to the OrbitsApp application, you retain all rights to your data.

    OrbitsApp data processor providers GDPR compliancy:


    OrbitsApp may periodically update this policy. We will notify you about significant changes in the way we treat personal information by sending a notice to the primary email address specified in your OrbitsApp account or by placing a prominent notice on our site. Such notice will be given at least 3 days in advance of the date the new policy will be applied.


    Any questions about this Privacy Policy should be addressed to