Privacy

Last updated: 2026-04-23.

What we store

Orbital runs on Google Firestore. Per guild we keep exactly the rows needed to make the features work:

• Knowledge base entries — the text mods paste via /kb add and the web dashboard, plus their locale and the Discord user id of the mod who saved them.
• Tags — canned responses written by mods, plus an invocation counter.
• Tickets — subject, author id, status, comments, created / closed timestamps, channel id, panel message id.
• Audit events — one row per mod action (ticket open, KB add, verify pass / fail, automod keyword hit, raid spike, etc.) with actor + target ids. No message content unless a mod pasted it themselves.
• Guild settings — the role ids and channel ids mods pick in /ticket setup, /log setup, /welcome setup, /verify setup, plus the language default.
• Role menus + automod config — the buttons, keyword list, raid threshold.
• Quota counters — how many AI calls the guild has made this month and this day.

We never store non-mod message content. The one exception is automod keyword hits: when a message matches a configured keyword we log the first 200 chars alongside the audit event so mods can review what was removed.

What we share

Orbital calls two third parties on your behalf. Both are transactional — the data leaves our infrastructure only for the duration of the call.

• Google Vertex AI (Gemini 2.5 Flash), for /kb ask, /digest run, /verify challenge generation, and ticket AI triage. Each call sends the user's question plus the relevant KB entries; Google's retention terms apply to that call. We do not use your data to train models.
• Stripe, only if you subscribe. We send the guild id and your tier so Stripe can bill the right account. Card details never touch our servers — they go straight to Stripe Checkout.

We do not sell, rent, or otherwise hand data to advertisers, data brokers, or any third party outside those two.

Retention + deletion

Data lives as long as the guild has Orbital installed. You can delete any of it at any time:

• /kb remove deletes a knowledge entry.
• /tag delete deletes a tag.
• /role-menu delete removes a role menu.
• /automod remove-keyword clears a blocked word.
• Kicking Orbital from your server stops new writes; use the dashboard or email support@orbital.app to request a full purge of every row tagged with your guild id.

Your rights

If you're in the EU, UK, California, or anywhere with a comparable privacy law, you have the right to access, export, correct, and delete your data. Email support@orbital.appand we'll reply within 30 days.

Security

All data is encrypted in transit (TLS) and at rest (Google Cloud default). Discord OAuth tokens live only in signed browser cookies on the web dashboard; we never persist an access token to our DB. The bot uses a single bot token held in our server environment.

Contact

Questions, data requests, security reports: support@orbital.app.