Orbitry
Privacy & Data Protection

Privacy Policy

We take your privacy seriously. This policy explains what data we collect, how we use it, and the controls you have over your information.

Effective: April 27, 2025Last updated: April 27, 2025

Plain English Summary: We collect information you give us directly (like your email and satellite configurations) and some usage data. We use it to run Satellite and improve the product. We do not sell your personal data. You can delete your account and data at any time.

1. Overview

Satellite Technologies, Inc. (“Satellite”, “we”, “us”, or “our”) operates the Satellite platform at Satellite.io and related services. This Privacy Policy describes how we collect, use, store, share, and protect your personal information when you use our platform.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, Satellite acts as the data controller for your personal data under the General Data Protection Regulation (GDPR) and applicable local privacy laws.

2. Information We Collect

2.1 Information You Provide Directly

  • Account information: name, email address, password (stored hashed), profile photo
  • Billing information: payment card details (processed by Stripe — we do not store raw card data), billing address
  • Satellite configurations: topics, keywords, sources, alert preferences you configure
  • Communications: messages you send to our support team, feedback, survey responses
  • Profile data: job title, company name, bio (optional)

2.2 Information We Collect Automatically

  • Usage data: features used, pages visited, Satellites created and run, search queries
  • Device data: IP address, browser type and version, operating system, screen resolution
  • Log data: server logs, error reports, timestamps of access
  • Cookies and tracking: session cookies, analytics cookies, preference cookies (see Section 6)

2.3 Information from Third Parties

  • OAuth providers (Google, GitHub) when you sign in using those services
  • Payment processors (Stripe) for billing verification
  • Analytics partners for aggregated usage insights

3. How We Use Your Information

PurposeLegal Basis (GDPR)
Providing and operating the Satellite platformContract performance
Running your Satellites and delivering insightsContract performance
Processing payments and managing subscriptionsContract performance / Legal obligation
Sending transactional emails (alerts, reports, receipts)Contract performance
Sending product updates and marketing emailsLegitimate interest / Consent
Improving our AI models and product featuresLegitimate interest
Preventing fraud and ensuring securityLegitimate interest / Legal obligation
Complying with legal obligationsLegal obligation

4. Data Sharing & Disclosure

We do not sell your personal data. We share your information only in the following limited circumstances:

  • Service providers: Trusted third-party vendors who help us operate the platform (e.g., Supabase for database hosting, Stripe for payments, Resend for email delivery, Vercel for infrastructure). These providers are contractually bound to protect your data.
  • Legal compliance: When required by law, court order, or governmental authority.
  • Business transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets. We will notify you before your data is transferred.
  • With your consent: When you explicitly authorize sharing for specific purposes.
  • Aggregate data: Non-personally identifiable, aggregated statistics about platform usage that cannot identify individual users.

5. Satellite Monitoring & Collected Data

When you create and run Satellites, Satellite collects and processes publicly available information from the internet on your behalf. Important considerations:

  • Crawled data is processed to extract signals relevant to your configured topics
  • Raw crawled content is retained only as long as necessary to generate insights
  • Processed insights and reports are stored in your account and retained per our data retention policy
  • Satellite does not intentionally collect or store personal data about third parties via Satellite monitoring
  • You are responsible for ensuring your Satellite configurations comply with applicable data protection laws

Your responsibility: If your Satellite monitors content that may include personal data about individuals (e.g., news articles mentioning people), you must have a lawful basis under applicable law for processing such information. Satellite cannot be held responsible for your use of collected signals.

6. Cookies & Tracking Technologies

We use the following types of cookies:

  • Essential cookies: Required for authentication, security, and core platform functionality. Cannot be disabled.
  • Analytics cookies: Help us understand how users interact with the platform (e.g., PostHog, Vercel Analytics). These collect anonymized usage data.
  • Preference cookies: Remember your settings such as theme and notification preferences.

You can control non-essential cookies through your browser settings. Note that disabling certain cookies may affect platform functionality.

7. Data Retention

We retain your data for as long as necessary to provide the Service and fulfill the purposes outlined in this Policy:

  • Account data: Retained for the lifetime of your account, plus 30 days after deletion to allow for recovery
  • Satellite insights and reports: Retained for the duration of your subscription plus 90 days
  • Billing records: Retained for 7 years as required by financial regulations
  • Server logs: Retained for 90 days for security and debugging purposes
  • Marketing communications: Until you unsubscribe or request deletion

After the applicable retention period, your data is securely deleted or anonymized.

8. Data Security

We implement comprehensive security measures to protect your personal information:

  • All data transmitted between your browser and our servers is encrypted using TLS 1.2+
  • Passwords are hashed using bcrypt with appropriate salt rounds — we never store plaintext passwords
  • Database encryption at rest using AES-256
  • Role-based access controls ensuring our team members can only access data necessary for their role
  • Regular security audits and penetration testing
  • Multi-factor authentication available and encouraged for all accounts

In the event of a data breach affecting your rights, we will notify you and applicable regulators within 72 hours of becoming aware of the breach, as required by GDPR.

9. Your Rights & Choices

Depending on your location, you may have the following rights regarding your personal data:

📋 Right of Access

Request a copy of all personal data we hold about you.

✏️ Right to Rectification

Correct inaccurate or incomplete personal data.

🗑️ Right to Erasure

Request deletion of your personal data (“right to be forgotten”).

⏸️ Right to Restriction

Restrict processing of your data in certain circumstances.

📦 Data Portability

Receive your data in a machine-readable format.

🚫 Right to Object

Object to processing based on legitimate interest or for marketing.

To exercise any of these rights, contact us at privacy@satellite.io. We will respond within 30 days. You may also lodge a complaint with your local data protection authority.

Opt-out of marketing: You can unsubscribe from marketing emails at any time using the link in any email or by contacting us. We will continue to send transactional emails related to your account.

10. International Data Transfers

Satellite is based in the United States. If you access our Service from outside the US, your data may be transferred to and processed in the United States, which may have different data protection laws than your country.

For transfers from the EEA, UK, or Switzerland to the US, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission as the legal mechanism for transfer. We also implement additional safeguards where required by applicable law.

11. Children’s Privacy

Satellite is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@satellite.io and we will delete such information.

12. Third-Party Links & Services

The Satellite platform may contain links to third-party websites, integrations, or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing your information.

Our platform integrates with the following key third-party services:

  • Supabase: Database and authentication infrastructure
  • Stripe: Payment processing
  • Vercel: Hosting and edge infrastructure
  • Resend / SendGrid: Email delivery
  • OpenRouter / OpenAI: AI processing for signal analysis
  • Tavily: Web search and discovery

13. Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes, we will notify you via email or a prominent notice on our platform at least 14 days before changes take effect. The updated policy will be posted on this page with a revised “Last Updated” date.

Your continued use of Satellite after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

14. Contact & Data Protection Officer

For privacy-related questions, requests, or concerns, please reach out to us:

We are committed to working with you to resolve any privacy concerns. You also have the right to lodge a complaint with your local data protection supervisory authority.