Privacy Policy
Last updated: May 2, 2025
OrbitKit.dev ("OrbitKit", "we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website and make purchases from us. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site.
1. Information We Collect
1.1 Information you provide directly
- Purchase information: When you purchase a product, we collect your name and email address to fulfil your order and deliver access links.
- Account registration: If you create an account, we collect your name, email address, and a securely hashed version of your password.
- Support communications: When you contact our support team, we retain your messages to respond and improve our service.
1.2 Information collected automatically
- Log data: Our servers automatically log standard HTTP request data including IP address, browser type, referring/exit pages, and timestamps.
- Session cookies: We use a session cookie to keep you logged in to your account. This cookie contains only an opaque token — no personal data.
- We do not use advertising cookies, cross-site tracking, or third-party analytics.
2. How We Use Your Information
We use the information we collect solely to:
- Fulfil your orders and send you download links or marketplace access instructions.
- Maintain and authenticate your account.
- Send transactional emails related to your purchases (download ready, access granted, order confirmation).
- Respond to your support requests.
- Detect and prevent fraudulent transactions.
- Comply with legal obligations.
We do not sell, rent, or share your personal information with third parties for marketing purposes.
3. Payment Processing
All payments are processed by Razorpay, a PCI-DSS Level 1 certified payment gateway. We never receive, store, or have access to your full card number, CVV, or bank account details. Razorpay's privacy policy governs how payment data is handled. You can review it at razorpay.com/privacy.
4. Data Storage & Security
- Your data is stored on servers within secure cloud infrastructure.
- Passwords are hashed using bcrypt with a strong cost factor — we cannot retrieve your plaintext password.
- Download and access tokens are time-limited and use cryptographically random values.
- All data transmission between your browser and our servers uses TLS (HTTPS) encryption.
- We take reasonable precautions, but no internet transmission is 100% secure. If you believe your account has been compromised, contact us immediately.
5. Email Communications
We send transactional emails (order confirmations, download links) using Resend. We do not send marketing or promotional emails unless you explicitly opt in. You can opt out of any marketing communications at any time by contacting us.
6. Third-Party Services
We use the following third-party services that may process your data:
| Service | Purpose | Data shared |
|---|---|---|
| Razorpay | Payment processing | Email, name, payment details |
| Resend | Transactional email | Email address, name |
| Amazon S3 | File storage | No personal data |
7. Your Rights
You have the following rights regarding your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate or incomplete data.
- Deletion: Request deletion of your personal data, subject to legal retention requirements.
- Portability: Request your data in a portable format.
- Object: Object to certain processing activities.
To exercise any of these rights, email us at privacy@orbitkit.dev. We will respond within 30 days.
8. Data Retention
We retain your personal data for as long as necessary to provide our services and comply with legal obligations. Order records are retained for a minimum of 3 years for accounting purposes. If you close your account, we will delete your personal profile data within 90 days, though anonymised transaction records may be retained longer.
9. Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such information, please contact us immediately.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date above. We encourage you to review this policy periodically. Your continued use of our service after any changes constitutes acceptance of the updated policy.
11. Contact Us
If you have any questions or concerns about this Privacy Policy, please contact us: