OrbitsOrbitsSign in

Privacy Policy

Last updated: May 22, 2026

Who we are

Orbits ("we", "us") operates the website at www.yourorbits.com and provides a unified feed of events from people you follow across Google Calendar, Microsoft Outlook, Eventbrite, and similar services. Contact: privacy@yourorbits.com.

Information we collect

  • Account data: email address, display name, username, and profile photo you provide.
  • Connected service data: calendar events, event titles, times, locations, and attendee status from services you connect (Google Calendar, Microsoft Outlook, Eventbrite).
  • Social graph: who you follow and who follows you on Orbits.
  • Usage data: basic logs (IP, user agent, request paths) needed to operate and secure the service.

How we use Google user data

When you connect your Google account, Orbits requests read-only access to your Google Calendar (calendar.readonly) plus basic profile info (userinfo.email, userinfo.profile, openid). We use this data to:

  • Display your upcoming events in your own feed.
  • Share events with followers you have approved, subject to the per-event, per-platform, and per-follower visibility controls you set inside Orbits.

Limited Use disclosure. Orbits' use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data to serve ads, do not sell it, do not use it for credit or lending purposes, and do not allow humans to read it except (a) with your explicit consent, (b) for security purposes (e.g. investigating abuse), (c) to comply with applicable law, or (d) where the data is aggregated and used for internal operations in compliance with the policy.

How we share data

We share event data only with the Orbits followers you have explicitly approved, and only to the extent your visibility settings allow. We use the following subprocessors to operate the service:

  • Supabase (database, authentication, file storage)
  • Cloudflare (hosting and edge runtime)
  • Google, Microsoft, and Eventbrite (only to read the data you authorized)

We do not sell personal data and we do not share it with advertisers.

Data retention

We retain calendar and event data only while your connection to that service is active. Disconnecting a service or deleting your Orbits account removes the stored data for that source within 30 days, except where retention is required by law.

Your choices

  • Disconnect any integration at any time from Settings → Connections.
  • Revoke Orbits' Google access directly at myaccount.google.com/permissions.
  • Delete your account from Settings, which removes your profile, follow graph, and stored event data.
  • Email privacy@yourorbits.com for any data access or deletion request.

Security

OAuth tokens and event data are encrypted in transit (TLS) and at rest, and are scoped per-user via row-level security in our database.

Changes

We'll update the "Last updated" date above whenever this policy changes. Material changes will also be announced in-app.