Orbit

Orbit — Privacy Policy

Version: 2026-06-27 Last updated: 2026-06-27

1. Who we are

Orbit ("we", "us") is operated by David Enachescu-Goldenberg, operating as Orbit. The app is available at onorbit.app. For any privacy question or to exercise your rights, contact us at hello@onorbit.app.

2. The data we collect

We collect only what the app needs to work. We do not sell your data, we do not show ads, and we do not embed third-party advertising or tracking SDKs.

Data When Why
Account: email, username, display name, optional avatar image At signup / profile setup Create and operate your account
Date of birth At signup Used only to verify you are 16+. It is NOT stored — we keep only a timestamp that age was confirmed (min_age_confirmed_at).
Location Only while you are actively sharing an intent (foreground) To find nearby matches ("serendipity"). Never collected in the background; never continuous tracking.
Push notification token Only if you enable notifications To deliver match / coordination alerts
Content you create: intents, burner-chat messages, pings, group memberships As you use the app To provide the core social features
Product analytics events (in-app actions) As you use the app First-party measurement to understand and improve the product

3. Age requirement

Orbit is intended for users aged 16 and over. 16 is the age of digital consent under GDPR Art. 8 as applied in Germany (BDSG). We ask your date of birth at signup solely to confirm you meet this threshold and block sign-ups that do not. We do not store the date of birth itself.

4. Legal bases (GDPR Art. 6)

  • Performance of a contract — operating your account and the core features you ask for.
  • Consent — push notifications, and location access at the point you choose to share.
  • Legitimate interests — first-party product analytics, safety and abuse prevention (blocking, reporting), and keeping the service secure and reliable.

5. Retention

  • Burner chats are ephemeral and expire automatically after their lifetime ends.
  • Blocking a user immediately closes and purges the burner conversation you shared.
  • Operational logs (including the notification log) and product analytics events are retained for a limited period and then deleted or aggregated.

6. Your rights

Under the GDPR you can: access your data, export it, delete your account and data, correct inaccurate data, object to certain processing, and lodge a complaint with a supervisory authority. Account deletion and data export are available directly in the app (Profile → Privacy & data). You can also reach us at hello@onorbit.app.

7. Processors and third parties

We use the following processors to run Orbit:

  • Supabase — database, authentication, file storage, and serverless functions.
  • Expo — delivery of push notifications.

These providers process data on our behalf under our instructions.

8. Security

We protect your data with row-level access controls (each user can reach only their own private data), encrypted transport, and least-privilege access for our systems.

9. Changes to this policy

If we make material changes we will update the version date above and, where required, ask you to re-accept before continuing to use Orbit.

10. Contact

Questions or requests: hello@onorbit.app.

Orbit

Real plans with people nearby.

Legal

  • Privacy policy
  • Terms of service
  • How we handle data

Contact

  • hello@onorbit.app

© 2026 David Enachescu-Goldenberg, operating as Orbit. For students 16 and up.