Privacy Policy

Orbit is intended for people aged 16 and older. If you’re younger than 16, please don’t use the service. If we learn we’ve collected information from someone under 16, we’ll delete it.

When you create an account and use Orbit, we collect:

• Account info: email address, password (hashed, never stored as plain text), and the username + display name you choose.
• Profile info you provide: photo, bio, pronouns, hometown, current location, school(s), work info, topics you’re curious about, things you’re open to. All of this is optional except the name.
• Content you post: “currentlies” (what you’re into right now), asks (requests for help), link-ups (events), thoughts, and reactions/comments on other people’s posts.
• Connections + messages: who you’re connected to, who’s in your portals (communities), and the direct messages you send within Orbit.
• Contacts (only if you grant permission): when you use the “alley-oop” feature to recommend a friend, we use your device’s contacts list to find them. We don’t upload your whole address book — we look up specific people you select.
• Device + usage data: anonymized analytics about which screens you visit and which features you use, via PostHog. No keystroke or location tracking beyond what’s explicit in the app.
• Crash logs: if the app crashes, we get a stack trace so we can fix it. No personal content is included.

• To run the service — show you your feed, deliver your messages, surface relevant people in your orbit.
• To send you transactional emails (welcome, password reset, important account notices). We don’t send marketing email.
• To understand how Orbit is used in aggregate, so we can make it better. Analytics is opt-out at the device level (iOS Settings → Privacy).
• To enforce our Terms of Service — investigate reports, prevent abuse, remove harmful content.

We don’t sell your data. We don’t share it with advertisers. There are no ads in Orbit.

Orbit runs on a small set of trusted infrastructure providers. We share data with them only as needed to operate the service:

• Supabase — hosts our database, authentication, and uploaded files (photos). Data is stored on Supabase’s AWS infrastructure.
• PostHog — product analytics (which screens visited, which features used). Pseudonymized — tied to a user ID, not your name or email.
• Resend — sends our transactional emails (welcome, account notices). Only your email address and the message content.
• Open-Meteo — geocoding for the city autocomplete. Just the text you typed; no user identifier sent.
• Other Orbit users — your profile, posts, and connection graph are visible to the people you’ve connected with or who share a portal with you. Direct messages are visible only to you and the recipient.

We’ll only disclose your information to law enforcement if we’re legally required to (subpoena, court order, applicable law). We’ll push back where we have legal grounds to.

We keep your account data as long as your account is active. If you delete your account (Settings → Danger Zone → Delete Account), we wipe your profile, posts, connections, messages, and reactions immediately. Backups are retained for up to 30 days for disaster recovery and then expire.

Anonymous analytics events may persist in PostHog beyond account deletion (they’re tied to a user ID, not your identity). Email us to request analytics deletion if you want that wiped too.

You have the right to:

• See what we have on you — email us and we’ll send you an export.
• Correct anything inaccurate — edit your profile directly, or email us.
• Delete your account — Settings → Danger Zone → Delete Account, or email us.
• Object to processing — email us; we’ll talk it through.
• Withdraw consent for optional features (contacts access, analytics) at any time in your device settings.

If you’re in the EU/UK, you also have the right to lodge a complaint with your local data protection authority.

Passwords are hashed with industry-standard algorithms. All traffic is encrypted in transit (HTTPS). Our database has row-level security policies that restrict who can read what — for example, your direct messages are only readable by you and the recipient, enforced at the database layer. We rate-limit auth attempts to prevent brute force. We’re a small team and we treat security as a continuous practice, not a checkbox.

Our infrastructure providers (Supabase, PostHog, Resend) operate primarily in the United States and the EU. If you’re using Orbit from outside those regions, your data is transferred to and processed in those regions. Where required, we rely on standard contractual clauses or equivalent safeguards.

When we make material changes, we’ll update the “Effective” date at the top and notify signed-in users in-app or by email. Small wording fixes don’t trigger a notice.

Mavrick Enterprises LLC
New York, NY
mavrickllcnyc@gmail.com