Legal
Privacy Policy
Last updated: April 2026
1. What we collect
When you use Orchestrator, we collect the following categories of information:
- Account information — email address, name, and subscription details
- Operating context — the problems, goals, and business context you share with Orchestrator to build your OS
- Usage data — how you interact with the product, which features you use, session duration
- Payment information — processed by Stripe; we never store raw card data
- Communications — messages you send to Orchestrator through connected channels
- Device and browser information — operating system, browser type, IP address for security and analytics
We collect only what's necessary to run your business OS. We don't sell your data. Your operating context stays in your account.
2. Credential vault
Orchestrator may allow you to store credentials for third-party tools — API keys, login tokens, and service passwords — so the service can operate inside those tools on your behalf.
Credential storage uses encrypted storage and transport controls. Credentials are not intentionally logged in plaintext, exposed in product responses, or sold. Stored credentials are used only for the connected work you authorize.
- Access to credentials is scoped to the connected system or account area that needs them
- You can revoke, update, or delete any stored credential at any time from your settings
- Deleting a credential removes Orchestrator's ability to use it going forward
3. How we use your data
Your data is used to:
- Build and maintain your operating systems
- Prepare, route, record, and run approved operational work on your behalf
- Improve Orchestrator's ability to understand and serve your specific business context over time
- Send you product updates, weekly OS reports, and HITL notifications
- Process your subscription and communicate billing information
- Respond to support requests
We do not sell your operating context or use it to build third-party advertising profiles. Your business context stays in your account.
4. Third parties
We work with a small set of service providers:
- Stripe — payment processing
- Supabase — database and authentication infrastructure
- Anthropic, OpenAI — model providers used to process operating context under the controls available in each provider account
- Twilio / messaging providers — for connected communication channels
- Resend — transactional email delivery
We do not sell, rent, or share your personal data with advertisers or data brokers. Ever.
5. Data retention
We retain your account data for as long as your subscription is active. If you cancel, your data may be retained for a short period to allow for reactivation, support, legal, and billing needs, then deleted on request where required.
- Operating context — retained while your account is active, then deleted on request where required
- Credentials — deleted immediately upon your request or account closure
- Payment records — retained for 7 years as required by financial regulations
- Usage logs — retained for security, debugging, and service operations, then removed under our retention process
6. Your rights
You have the right to:
- Access all data we hold about you
- Correct any inaccurate information
- Delete your account and all associated data
- Export your operating context where export is technically available
- Withdraw consent for any processing we conduct based on consent
- Object to processing for marketing purposes
To exercise any of these rights, contact us at the address below. We will respond within 30 days.
7. Security
We take security seriously — especially where Orchestrator handles credentials and operates inside connected tools.
- Data is protected in transit with TLS
- Stored data uses encryption-backed infrastructure controls
- Credential vault access is logged and auditable
- We review security before material infrastructure and product changes
- We notify affected customers of security incidents as required by law and our incident process