Privacy Policy

Introduction

orbitrals Ltd ("we", "us", or "our") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our subscription commerce services, visit our website at orbitrals.world, or interact with us in other ways. We are the data controller for the personal data we process about you.

Data Controller Information

The data controller responsible for your personal data is orbitrals Ltd, a company registered in Ireland with registration number 739206. Our registered address is Patrick Street 18, Galway, H45 4221, Connacht, Ireland. If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at privacy@orbitrals.world or call us at +353 913249186.

Data We Collect

We collect various types of information to provide and improve our subscription commerce services. The data we collect includes information you provide directly to us, information we collect automatically when you use our services, and information we receive from third parties.

Information You Provide

• Account information: name, email address, phone number, and password
• Subscription preferences and product interests
• Delivery address and billing information
• Payment information (processed securely by our payment processors)
• Communication preferences and marketing consent
• Customer service enquiries and feedback
• Survey responses and product reviews

Information We Collect Automatically

• Website usage data and browsing behaviour
• Device information (IP address, browser type, operating system)
• Cookies and similar tracking technologies
• Transaction history and subscription activity
• Location data (country and region for delivery purposes)

How We Use Your Information

We use the personal data we collect for various purposes based on different legal grounds under GDPR. How we use your information depends on how you interact with our services and the preferences you have expressed.

Service Provision (Contract Performance)

• Processing and fulfilling your subscription orders
• Managing your account and subscription preferences
• Processing payments and managing billing
• Providing customer support and responding to enquiries
• Delivering products to your specified address

Business Operations (Legitimate Interests)

• Improving our products and services
• Personalising your subscription experience
• Analysing usage patterns and customer preferences
• Preventing fraud and ensuring security
• Conducting business analytics and reporting

Marketing (Consent)

• Sending promotional emails and newsletters
• Providing product recommendations
• Informing you about new services and special offers
• Conducting market research and surveys

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds: (1) Contract performance - to provide our subscription services; (2) Legitimate interests - for business operations, analytics, and security; (3) Consent - for marketing communications and non-essential cookies; (4) Legal obligation - to comply with applicable laws and regulations. You have the right to withdraw consent at any time where we rely on consent as the legal basis for processing.

Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information with trusted partners and service providers who help us operate our business, always under strict contractual obligations to protect your data.

Service Providers

• Payment processors for secure transaction handling
• Shipping and logistics partners for product delivery
• Cloud hosting providers for data storage and processing
• Email service providers for communications
• Analytics providers for website and service improvement
• Customer support platforms for enquiry management

Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our customers or the public.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected and to comply with legal obligations. Account information and subscription data are retained for the duration of your active subscription plus seven years for legal and accounting purposes. Marketing data is retained until you withdraw consent or for three years from last interaction. Website analytics data is retained for 26 months. Payment data is retained according to financial regulations, typically seven years. We regularly review and delete data that is no longer needed in accordance with our data retention schedule.

Your Rights

Under GDPR and applicable data protection laws, you have several rights regarding your personal data. You can exercise these rights by contacting us at privacy@orbitrals.world.

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Correct inaccurate or incomplete personal data
• Right to Erasure: Request deletion of your personal data in certain circumstances
• Right to Restrict Processing: Limit how we use your personal data
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for marketing purposes
• Right to Withdraw Consent: Withdraw consent where processing is based on consent
• Right to Lodge a Complaint: File a complaint with the Irish Data Protection Commission or your local supervisory authority

International Data Transfers

We primarily process your data within the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or adequacy decisions. All our service providers are contractually obligated to provide adequate protection for your personal data.

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. This includes encryption of data in transit and at rest, regular security assessments, access controls, and staff training on data protection. However, no internet transmission or electronic storage is completely secure, so we cannot guarantee absolute security.

Cookies and Tracking

We use cookies and similar technologies to enhance your experience on our website. For detailed information about our use of cookies, including how to manage your cookie preferences, please see our Cookie Policy. You can control cookies through your browser settings, but disabling certain cookies may affect website functionality.

Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly. If you believe we have collected information from a child under 16, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email or through our website. The updated policy will be effective from the date specified in the notice. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us using the following methods:

We aim to respond to all privacy-related enquiries within 30 days. For urgent matters, please call us directly during business hours. You also have the right to lodge a complaint with the Irish Data Protection Commission at www.dataprotection.ie if you believe we have not handled your personal data appropriately.