Orbello

1. Scope

This Privacy Policy explains how Orbello ("Orbello," "we," "our," or "us") collects, uses, stores, discloses, and deletes personal information when you use our mobile apps, web app, and related support channels (collectively, the "Service").

2. Information We Collect

A. Information you give us

• Account and profile information: name, username, email address, authentication provider, profile photo, and optional phone number or country information.
• Calendar and social content: events you create, event invite details, comments, availability signals, booking requests, connection settings, and related metadata needed to coordinate schedules.
• Support content: support messages, bug reports, and screenshots or attachments you choose to send us.

B. Information from permissions and connected services

• Contacts: if you grant contact access, we read contact names, phone numbers, email addresses, and related contact metadata to help you find people, invite connections, or save reference contacts. We may derive hashed identifiers from normalized phone numbers or email addresses for privacy-preserving contact matching.
• Calendar providers: if you connect a calendar provider, we import provider calendar data needed for sync features. Today this includes Google Calendar and Apple Calendar, and may include limited Outlook or Microsoft calendar support where offered. Depending on the provider and feature path, Orbello may also write events back to the connected calendar when you choose sync features that support it.
• Photos and camera: if you grant access, we read images you choose for profile photos, event-related media, or support screenshots.
• Notification and phone features: if you enable SMS notifications or phone verification, we process your phone number and delivery-related metadata needed to send or validate those messages.

C. Information collected automatically

• Usage and product analytics: we use Firebase Analytics and related internal analytics events to understand app usage, screen flows, feature engagement, and operational trends.
• Diagnostics and performance data: we use Datadog and Firebase services for crash, error, launch, performance, and reliability monitoring.
• Device and technical information: device type, app version, operating system, coarse network or request metadata, and similar service telemetry.

3. How We Use Information

• To create and secure accounts, sign users in, and support account recovery, deletion, and lifecycle controls.
• To provide calendar, invite, connection, notification, and support features.
• To sync data with connected calendar providers and manage conflicts, reminders, or availability calculations.
• To send transactional emails, push notifications, in-app notifications, and, when enabled, SMS messages.
• To troubleshoot bugs, respond to support requests, prevent abuse, investigate fraud or policy violations, and improve reliability.
• To comply with legal obligations and enforce our Terms.

4. How We Share Information

We do not describe our data practices as a sale of personal information. We share information only as needed to operate the Service, when you direct us to do so, or when the law requires it.

We may also disclose information for business transfers, audits, or legal process, including when necessary to protect users, the Service, or our rights.

5. Retention

We keep information for different periods depending on the feature, your settings, and operational or legal needs.

6. Account Deletion

You can request account deletion inside the app at Settings → Account → Delete Account. If you cannot access the app, you can also contact hello@orbello.app and ask for deletion support.

• Our current in-app flow requires recent authentication before deletion can proceed.
• The server-owned deletion workflow removes account-linked app data before the app shows success.
• After success, the account is signed out and the Firebase Auth account is deleted.
• Older recovery-window deletion workflows may still be honored for accounts that already entered that legacy process.
• We complete deletion or de-identification of any remaining personal account data within 30 days after a valid deletion request, except where the law allows or requires longer retention, or where this policy describes retained operational records such as anonymized support materials.

For a public summary suitable for app-store deletion links, see our Account Deletion page.

7. Your Choices and Rights

• Access and correction: you can review and update much of your profile, event, and settings information inside the app.
• Permission controls: you can revoke Contacts, Calendar, Photos, Camera, biometrics, or notification permissions in your device settings, but some features may stop working.
• Connected-service controls: you can disconnect calendar providers and manage linked accounts through the app or provider settings, depending on the feature.
• Data export: the app includes a JSON export flow for supported account data.
• Deletion and objection requests: you can use the app settings or contact us at hello@orbello.app.

Depending on where you live, you may also have rights under privacy laws such as access, correction, deletion, portability, objection, or withdrawal of consent. We will review and respond to requests as applicable law requires.

8. Security

We use technical and organizational measures designed to protect data in transit and at rest, including HTTPS/TLS, provider-managed encryption for backend storage, and device-native secure storage for certain local credentials. No system can be guaranteed completely secure, and you are responsible for protecting your device and account credentials.

Biometric authentication, when available, is handled through your device platform. Orbello does not receive your raw fingerprint or face template.

9. Children

The Service is not intended for children under 13, or under 16 where a higher local minimum age applies. If you believe a child provided personal information in violation of this policy, contact us and we will investigate.

10. Changes To This Policy

We may update this Privacy Policy from time to time. When we do, we will update the effective date on this page and may also provide in-app or email notice when the change is material.

11. Cookies and Similar Technologies

Cookies are small text files stored on your device. Orbello uses essential cookies and similar browser storage for security, authentication, session management, invite-link handling, and remembering your cookie choice.

If enabled, optional analytics and performance cookies help us understand visitor activity, page performance, and app reliability so we can improve the service.

You can change your choice later by clearing Orbello site data in your browser, then revisiting the site to see the cookie banner again. You can also block or delete cookies through your browser settings, though this may affect sign-in, invite links, and other app features.

12. reCAPTCHA

This site uses reCAPTCHA Enterprise to provide security, fraud prevention, and abuse detection. reCAPTCHA helps us distinguish between human users and automated traffic, protecting our service from spam, abuse, and malicious activity.

When you interact with our service, reCAPTCHA may collect information about your behavior, including your IP address, browser type, operating system, and other device or network information. This data is used solely for security purposes and is subject to Google's Privacy Policy and Terms of Service.

13. CCPA "Do Not Sell" Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising.

Note: Orbello does not describe our data practices as a sale of personal information. We share information only as needed to operate the Service, when you direct us to do so, or when the law requires it. This section is provided to ensure transparency regarding your CCPA rights.

Your CCPA Rights

• Right to Opt-Out: You have the right to direct us not to sell or share your personal information.
• Right to Know: You have the right to request details about the categories and specific pieces of personal information we have collected about you.
• Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions.
• Right to Non-Discrimination: You cannot be discriminated against for exercising your CCPA rights.

How to Opt Out

To submit a request to opt out of the sale or sharing of your personal information, you may:

• Email: Send a request to privacy@orbello.app with the subject line "CCPA Opt-Out Request".
• Mail: Write to Savoirity LLC c/o Northwest Registered Agent LLC, 522 W RIVERSIDE AVE STE N SPOKANE, WA 99201-0581 United States, Attn: Privacy Officer.

We will honor your request within 15 days of receipt. If we need more information to verify your identity or process your request, we will contact you via the email address associated with your account or the email you provide in your request.

For opt-out requests submitted via email, we may ask you to verify your identity by confirming your account email address or providing additional information. If you submit a request through a different email address than the one associated with your account, we may need to confirm that email address is yours before processing the request.

Categories of Personal Information We May Share

We may share the following categories of personal information for business purposes:

• Account and profile information
• Calendar and social content
• Connection and invitation data
• Device and technical information
• Usage and analytics data

We do not sell or share sensitive personal information.

14. Contact