Privacy Policy
Effective Date: March 7, 2026
1. Introduction
Orbit Endeavors LLC ("Orbit," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you use the Orbit mobile application, website, and related services (collectively, the "Services").
This Privacy Policy is incorporated into and subject to our Terms of Service. By creating an account or using the Services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with this Privacy Policy, please do not use the Services.
We encourage you to read this Privacy Policy in its entirety. If you have any questions, you may contact us at legal@orbitstayclose.com.
2. Information We Collect
We collect information in three ways: information you provide directly, information collected automatically when you use the Services, and information obtained from third-party sources.
2.1 Information You Provide Directly
- Account Information. When you create an account, we collect your name, email address, phone number, date of birth, profile photo (if you choose to upload one), and account credentials.
- Profile and Relationship Data. When you use the Services, you may provide information about your contacts and relationships, including the names, phone numbers, and email addresses of people you add to your Orbit, your preferred call schedule and frequency for each contact, nicknames or labels you assign to contacts, and relationship categories or groupings you create.
- Contact List Data. If you grant the Services permission to access your device's address book, we will collect the names and phone numbers from your contact list to help you identify existing Orbit users and facilitate connections. This access is entirely voluntary and requires your affirmative permission through your device's operating system. See Section 5 for details on how we handle contact list data.
- Communications. When you contact us for customer support or provide feedback, we collect the content of those communications, including your name, email address, and any information you choose to provide.
- Payment Information. If you purchase a Premium Subscription, payment is processed through the Apple App Store. We do not directly collect or store your credit card number, bank account information, or other financial payment credentials. Apple provides us with a transaction identifier and subscription status information.
2.2 Information Collected Automatically
- Device Information. We collect information about the device you use to access the Services, including device model, operating system and version, unique device identifiers, mobile network information (such as carrier and connection type, collected via the Amplitude SDK), and device language and time zone settings. Some device information, including country and region derived from your IP address, is collected automatically through integrated third-party analytics SDKs (Amplitude and Firebase) as described in Section 2.3.
- Usage Information. We collect information about how you interact with the Services, including features you use, pages and screens you visit, actions you take (such as scheduling or completing a call), frequency and duration of your use, and the date and time of your interactions.
- Call Metadata. When you use the video calling features of the Services, we collect metadata about your calls, including the date, time, and duration of each call, the participants in each call, and call connection status (e.g., completed, missed, failed). We do not record, store, or access the audio or video content of your calls.
- Log Data. Our servers automatically record certain information when you access the Services, including your IP address, browser type, referring/exit pages, crash reports and error logs, and API request logs.
- Push Notification Tokens. If you enable push notifications, we collect the device token necessary to deliver notifications to your device.
2.3 Information from Third-Party Sources
- Apple App Store. We receive subscription status and transaction information from Apple related to your Premium Subscription purchases.
- Agora (Video Calling Provider). Our third-party video calling infrastructure provider, Agora, Inc., may collect technical data necessary to facilitate video calls, including IP addresses, network quality metrics, device capabilities, and call quality statistics. Agora processes this data under its own privacy policy, available at https://www.agora.io/en/privacy-policy/. We receive aggregated call quality metrics from Agora but do not receive the content of your calls.
- Amplitude (Analytics). We use Amplitude, Inc. as our product analytics provider. The Amplitude SDK integrated into the Services automatically collects session activity (start, end, duration), app lifecycle events (installs, opens, updates, foreground/background), screen views and navigation patterns, network and connectivity information (carrier, connection type, WiFi vs. cellular), and user interaction patterns including frustration signals (such as repeated taps on unresponsive elements). Amplitude processes this data under its own privacy policy, available at amplitude.com/privacy.
- Google Firebase (Analytics and Infrastructure). We use Google Firebase for analytics and app infrastructure services. Firebase automatically collects device model, operating system version, app version, country and region derived from IP address, language settings, Firebase Installation IDs, and automatic events such as first app open and session start. Google processes Firebase data under its privacy policy, available at policies.google.com/privacy.
- Authentication Providers. If you choose to sign in using a third-party authentication service (such as Sign in with Apple), we receive limited profile information from that provider as authorized by you during the sign-in process, typically your name and email address.
3. How We Use Your Information
We use the information we collect for the following purposes:
3.1 Providing and Operating the Services
- Creating and maintaining your account;
- Scheduling, facilitating, and managing video calls between you and your contacts;
- Displaying your relationship interface and contact organization features;
- Delivering push notifications, call reminders, and scheduling prompts;
- Processing Premium Subscription transactions and managing your subscription status;
- Providing customer support and responding to your inquiries.
3.2 Improving and Developing the Services
- Analyzing usage patterns and trends to understand how users interact with the Services;
- Identifying and resolving bugs, errors, and performance issues;
- Developing new features, products, and services;
- Conducting research and analytics to improve user experience.
3.3 Safety and Security
- Detecting, investigating, and preventing fraud, abuse, and other harmful or unauthorized activities;
- Enforcing our Terms of Service and other policies;
- Protecting the rights, property, and safety of Orbit, our users, and others;
- Complying with legal obligations, including responding to lawful requests from law enforcement and government authorities.
3.4 Communications
- Sending you service-related messages, including account verification, security alerts, and technical notices;
- Sending you information about new features, updates, and changes to the Services;
- Responding to your comments, questions, and requests.
We will not use the audio or video content of your calls for any purpose, including advertising, analytics, or product improvement. Orbit does not record, store, or access the content of your calls.
4. Summary of Data Practices
The following table summarizes the categories of personal information we collect, examples of specific data points, and the primary purposes for which each category is used:
| Category | Examples | Primary Purpose |
|---|---|---|
| Identifiers | Name, email, phone number, device IDs | Account creation, authentication, communications |
| Account Data | Date of birth, profile photo, credentials | Account management, age verification |
| Relationship Data | Contact names, call schedules, labels, groupings | Core service functionality |
| Contact List | Names and phone numbers from device address book | User matching, connection facilitation |
| Device & Technical | Device model, OS, IP address, crash logs | Service operation, troubleshooting, security |
| Usage Data | Features used, session times, actions taken | Analytics, service improvement |
| Call Metadata | Call date/time, duration, participants, status | Call facilitation, scheduling features |
| Subscription Data | Transaction IDs, subscription status, plan type | Payment processing, feature access |
| Communications | Support emails, feedback content | Customer support, product improvement |
Important: We do not collect, store, or access the audio or video content of your calls. Call metadata (time, duration, participants) is collected; call content is not.
5. Contact List Data — Special Provisions
Because Orbit's core functionality involves managing relationships with your contacts, we want to be especially transparent about how we handle contact list data.
5.1 What We Collect
If you grant the Services permission to access your device's address book, we collect the names and phone numbers of your contacts. We do not collect email addresses, physical addresses, photos, notes, or other fields from your address book unless you separately provide them within the Services.
5.2 How We Use Contact Data
We use contact list data solely to: identify which of your contacts are existing Orbit users so you can connect with them; display your contacts' names within the Orbit interface; and facilitate invitations to non-users, if you choose to send them.
5.3 Non-User Contact Data
For contacts who are not existing Orbit users, we process their phone numbers in hashed form to determine whether they have registered accounts. If no match is found, we do not retain the raw phone number. Hashed values may be temporarily cached to reduce repeated lookups but are not used for any other purpose, including marketing or advertising.
5.4 Invitations
If you choose to invite a contact to join Orbit, the invitation will be sent from your device through your default messaging application. We do not send unsolicited communications to your contacts on your behalf. You represent that you have the right to send such invitations.
5.5 Revoking Access
You may revoke the Services' access to your device contacts at any time by changing the permissions in your device's operating system settings (Settings > Privacy & Security > Contacts on iOS). Revoking access will stop future syncing of your contact list. Previously imported contact data within the Services may be deleted by contacting us at support@orbitstayclose.com.
6. How We Share Your Information
We do not sell your personal information to third parties. We share your information only in the following limited circumstances:
6.1 With Other Users
Certain information is shared with other Orbit users as part of the Services' core functionality. For example, when you add a contact who is also an Orbit user, that user will be able to see your name, profile photo, and call scheduling preferences as they relate to your shared connection. You control who you connect with on Orbit.
6.2 With Service Providers
We share information with third-party service providers who perform services on our behalf, including:
- Agora, Inc. — provides our video calling infrastructure. Agora receives technical data necessary to facilitate calls (IP addresses, network quality metrics, device information). Agora processes this data under its own privacy policy.
- Cloud Hosting Providers — host our servers and databases. Data is stored on encrypted servers.
- Analytics Providers (Amplitude, Inc. and Google Firebase) — help us understand usage patterns and improve the Services. Amplitude collects session, lifecycle, screen view, network, and interaction data through its SDK. Firebase collects device information, app events, and IP-derived location data. These providers process data under their respective privacy policies (amplitude.com/privacy and policies.google.com/privacy).
- Push Notification Services (Apple Push Notification Service) — deliver notifications to your device.
We require all service providers to process your data only as directed by us and in compliance with this Privacy Policy and applicable law. Our service providers are contractually prohibited from using your personal information for their own purposes.
6.3 For Legal Reasons
We may disclose your information if we believe in good faith that disclosure is necessary to: comply with a legal obligation, court order, or governmental request; enforce our Terms of Service or other agreements; protect the rights, property, or safety of Orbit, our users, or the public; detect, prevent, or address fraud, security, or technical issues; or protect against legal liability.
6.4 Business Transfers
If Orbit is involved in a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of its assets, your personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice within the Services of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
6.5 With Your Consent
We may share your information with third parties when you have given us explicit consent to do so.
7. Data Retention
We retain your personal information for as long as your account is active or as needed to provide you the Services. Specific retention periods vary by data type:
- Account Information: Retained for the duration of your account. Deleted within 30 days of account deletion, except as required by law.
- Relationship and Scheduling Data: Retained for the duration of your account. Deleted when you remove a contact from your Orbit or delete your account.
- Call Metadata: Retained for up to 12 months for service functionality (e.g., displaying call history) and then automatically deleted or anonymized.
- Usage and Analytics Data: Retained in aggregated or anonymized form for up to 24 months for product improvement purposes.
- Contact List Data (Non-Users): Hashed phone numbers cached temporarily for user matching. Raw phone numbers of non-users are not persistently stored.
- Support Communications: Retained for up to 24 months after resolution of your inquiry.
- Log Data: Retained for up to 90 days for security and troubleshooting purposes.
We may retain certain information for longer periods as required by law (e.g., tax, legal, or regulatory obligations) or as necessary to resolve disputes, enforce our agreements, and protect our legal rights. When we no longer need your personal information, we will securely delete or anonymize it.
8. Data Security
We implement commercially reasonable technical, administrative, and organizational security measures designed to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:
- Encryption of data in transit using TLS/SSL protocols;
- Encryption of sensitive data at rest;
- Access controls limiting employee and contractor access to personal information on a need-to-know basis;
- Regular security assessments and vulnerability testing;
- Incident response procedures for potential data breaches.
No method of electronic transmission or storage is completely secure. While we strive to protect your personal information, we cannot guarantee its absolute security. If we become aware of a security breach that affects your personal information, we will notify you without unreasonable delay and in accordance with applicable law.
9. Your Rights and Choices
Regardless of where you reside, you have the following rights with respect to your personal information: (a) the right to request access to the personal information we hold about you; (b) the right to request correction of inaccurate personal information; (c) the right to request deletion of your personal information, including User Content and account data, whether or not you close your account; (d) the right to request a copy of your personal information in a commonly used, machine-readable format (data portability); and (e) the right to exercise any of these rights without discrimination. To exercise any of these rights, please contact us at legal@orbitstayclose.com. We will respond to your verified request within forty-five (45) days. Certain data may be retained after deletion as required by law, for legitimate business purposes (such as fraud prevention), or as described in Section 7 of this Privacy Policy. California residents may have additional rights as described in Section 10.
9.1 Account Information
You may access, update, or correct your account information at any time through the application settings. If you wish to delete your account, you may do so through the application settings or by contacting us at support@orbitstayclose.com. Upon account deletion, we will delete your personal information within 30 days, subject to the retention periods described in Section 7 and any legal obligations.
9.2 Contact List Permissions
You may revoke the Services' access to your device contacts at any time through your device's operating system settings. Revoking access will stop future syncing. To request deletion of previously imported contact data, please contact us at support@orbitstayclose.com.
9.3 Push Notifications
You may enable or disable push notifications at any time through your device settings (Settings > Notifications > Orbit on iOS). Disabling push notifications may affect certain features of the Services, such as call reminders.
9.4 Marketing Communications
If we send you marketing or promotional communications, you may opt out at any time by following the unsubscribe instructions in those messages or by contacting us at support@orbitstayclose.com. Please note that even if you opt out of marketing communications, we may still send you non-promotional, service-related messages (such as account verification, security alerts, or changes to the Services).
9.5 SMS Messages
If you have opted in to receive SMS messages from us, you may opt out at any time by replying STOP to any message. Message frequency may vary. Standard message and data rates may apply. Consent to receive SMS messages is not a condition of purchasing any goods or services.
10. Additional Rights for California Residents
If you are a California resident, you may have additional rights under the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"). This section describes those rights and how to exercise them.
10.1 Your California Privacy Rights
Subject to certain exceptions, California residents have the right to:
- Know and Access. Request that we disclose what personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting it, the categories of third parties with whom we share it, and the specific pieces of personal information we have collected.
- Delete. Request that we delete the personal information we have collected about you, subject to certain legal exceptions.
- Correct. Request that we correct inaccurate personal information that we maintain about you.
- Opt Out of Sale or Sharing. Direct us to stop selling or sharing your personal information. Note: We do not sell your personal information, and we do not share your personal information for cross-context behavioral advertising purposes.
- Non-Discrimination. We will not discriminate against you for exercising any of your CCPA/CPRA rights.
10.2 How to Exercise Your Rights
To exercise any of these rights, please contact us at legal@orbitstayclose.com with the subject line "California Privacy Request." We will verify your identity before processing your request by matching information you provide with the information we have on file. We will respond to your request within 45 days, or notify you if we need additional time (up to an additional 45 days).
10.3 Categories of Personal Information Collected
In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA: identifiers (name, email, phone number, IP address, device IDs); personal information under Cal. Civ. Code §1798.80(e) (name, phone number); internet or electronic network activity information (usage data, log data); geolocation data (general location derived from IP address); and inferences drawn from the above (e.g., scheduling preferences, relationship patterns).
10.4 We Do Not Sell Your Personal Information
Orbit does not sell the personal information of its users as defined by the CCPA. We do not exchange personal information for monetary consideration. We also do not share personal information for cross-context behavioral advertising purposes.
10.5 Global Privacy Control
We honor the Global Privacy Control ("GPC") browser signal as a valid opt-out request under the CCPA. If your browser sends a GPC signal, we will treat it as an opt-out of the sale or sharing of your personal information.
11. Children's Privacy
The Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected personal information from a child under 13 without verification of parental consent, we will take steps to delete that information as quickly as possible.
If you are a parent or guardian and believe that your child under 13 has provided personal information to us, please contact us at legal@orbitstayclose.com so that we can take appropriate action.
Users between the ages of 13 and 18 may use the Services only with the consent and supervision of a parent or legal guardian, as described in our Terms of Service. For users between the ages of 13 and 16, we comply with applicable children's privacy laws, including the Children's Online Privacy Protection Act ("COPPA") and applicable state laws, and will obtain verifiable parental or guardian consent before collecting, using, or disclosing personal information from such users to the extent required by applicable law. Parents or guardians may at any time review their child's personal information, request its deletion, or revoke consent for further collection by contacting us at legal@orbitstayclose.com.
12. Third-Party Services and Links
The Services may contain links to third-party websites, applications, or services that are not owned or controlled by Orbit. This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party services you access.
Key Third-Party Service Providers:
- Agora, Inc. (video calling infrastructure) — Privacy policy: https://www.agora.io/en/privacy-policy/
- Apple Inc. (App Store, In-App Purchases, Push Notifications, CallKit) — Privacy policy: apple.com/privacy
- Amplitude, Inc. (product analytics) — Privacy policy: amplitude.com/privacy
- Google Firebase (analytics and app infrastructure) — Privacy policy: policies.google.com/privacy
12.1 Apple CallKit
The Services use Apple's CallKit framework, which integrates Orbit calls into your device's native phone interface. When CallKit is active, call metadata (caller name, call duration, and timestamp) may be displayed in your device's native Recents list and may be accessible to Siri. This is a system-level feature controlled by Apple's iOS operating system. Apple may collect and process this call metadata under its own privacy policy. You can manage CallKit behavior through your device's system settings.
13. International Data Transfers
Orbit is based in the United States, and the Services are hosted and operated in the United States. If you access the Services from outside the United States, please be aware that your personal information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those of your country of residence.
By using the Services, you consent to the transfer of your personal information to the United States. We will take reasonable steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy regardless of where it is processed.
14. Do Not Track Signals
Some web browsers transmit a "Do Not Track" ("DNT") signal to websites. Because there is no accepted standard for how to respond to DNT signals, we do not currently respond to DNT signals. However, we do honor the Global Privacy Control signal as described in Section 10.5.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, the Services, or applicable law. If we make material changes, we will notify you by posting the updated Privacy Policy within the application, sending you an email notification, or by other reasonable means at least thirty (30) days before the changes take effect.
The "Effective Date" at the top of this Privacy Policy indicates when the most recent changes were made. Your continued use of the Services after the effective date of any updated Privacy Policy constitutes your acceptance of the changes. If you do not agree to the updated Privacy Policy, you must discontinue your use of the Services and delete your account.
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:
Orbit Endeavors LLC
Email (general): support@orbitstayclose.com
Email (privacy/legal): legal@orbitstayclose.com
Website: www.orbitstayclose.com
For California privacy rights requests, please email legal@orbitstayclose.com with the subject line "California Privacy Request."