Privacy Policy

Last updated: February 4, 2026

RolloutIQ Inc ("we," "our," or "us") operates Orbit, a GTD-style personal productivity application available at www.orbitea.ai. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (if provided)
  • Profile picture (if you sign up with Google)
  • Password (securely hashed, if not using social login)

Usage Data

We automatically collect certain information when you use Orbit:

  • Device type and browser information
  • IP address
  • Pages visited and features used
  • Time and date of your visits
  • Referring website or application

Integration Data

When you connect third-party services, we may collect:

  • Gmail: Email metadata (sender, subject, date) and content for analysis. We use read-only access.
  • Google Calendar: Calendar events including titles, times, participants, and descriptions.
  • Fireflies.ai: Meeting transcripts, summaries, and extracted action items.
  • Attio: Contact and company information from your CRM.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve Orbit's functionality
  • Process and analyze your emails, meetings, and calendar events to surface actionable items
  • Build your personal knowledge base with AI-powered search and Q&A
  • Send you service-related notifications and updates
  • Respond to your comments, questions, and support requests
  • Monitor and analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues and security threats

3. Information Sharing

We do not sell your personal information. We may share your information in the following circumstances:

Third-Party Service Providers

We use third-party services to help operate Orbit:

  • Anthropic (Claude): For AI-powered analysis of your content
  • Cloud hosting providers: For data storage and application hosting
  • Analytics services: For usage analytics and error tracking

Legal Requirements

We may disclose your information if required by law, such as in response to a subpoena, court order, or other legal process, or to protect our rights, privacy, safety, or property.

4. Data Security

We implement appropriate technical and organizational security measures to protect your information, including:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Secure password hashing using industry-standard algorithms
  • Regular security assessments and updates
  • Access controls limiting employee access to personal data
  • OAuth 2.0 for secure third-party integrations (no password storage)

5. Your Rights

Depending on your location, you may have certain rights regarding your personal information:

Access and Portability

You can access and export your data at any time through your account settings.

Correction

You can update your account information directly in the application.

Deletion

You can request deletion of your account and associated data by contacting us. We will process deletion requests within 30 days, subject to any legal retention requirements.

GDPR Rights (EEA Users)

If you are in the European Economic Area, you have additional rights including the right to object to processing, restrict processing, and lodge a complaint with a supervisory authority.

CCPA Rights (California Users)

California residents have the right to know what personal information is collected, request deletion, and opt-out of the sale of personal information (we do not sell personal information).

6. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Essential cookies: Required for authentication and security
  • Functional cookies: Remember your preferences and settings
  • Analytics cookies: Understand how you use Orbit to improve our service

You can control cookies through your browser settings. Disabling essential cookies may affect Orbit's functionality.

7. Third-Party Integrations

When you connect third-party services to Orbit:

  • We access only the data necessary for Orbit's features
  • You can disconnect integrations at any time from your settings
  • Disconnecting an integration stops future data sync but existing data remains until you delete it
  • Each third-party service has its own privacy policy governing their data practices

8. Data Retention

We retain your information for as long as your account is active or as needed to provide you services. Specifically:

  • Account data: Retained until account deletion
  • Task and project data: Retained until deleted by you or account deletion
  • Integration data: Synced data retained until you disconnect the integration or delete your account
  • Deleted items: Items in Trash are permanently deleted after 30 days
  • Backups: May be retained for up to 90 days for disaster recovery

9. Children's Privacy

Orbit is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we learn we have collected personal information from a child under 13, we will delete that information promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at:

RolloutIQ Inc

Email: privacy@orbitea.ai