Privacy Policy

InOrbit — Last updated: February 8, 2026

Micah Giszack ("we," "us," or "our"), based in the United States, built InOrbit as a commercial application. This Privacy Policy explains how we collect, use, and protect your information when you use InOrbit ("the App").

By using the App, you agree to the practices described in this policy. If you do not agree, please do not use the App.

1. Privacy by Design

InOrbit is designed to minimize data exposure. Your conversations and content are processed automatically by our infrastructure provider (Railway) to enable the AI chat experience. We do not read, review, or moderate your messages. There is no admin dashboard or content moderation tooling built into InOrbit. We may access message metadata (such as timestamps and message counts) for debugging or abuse prevention, but we do not access message content.

2. Data on Your Device

Your message content is stored on your device and sent only to OpenRouter for AI responses — it is never sent to or stored on our server, and is never viewed or accessed by any person. We may access limited server-side metadata (such as timestamps and message counts) for debugging or abuse prevention.

If you are signed into iCloud, your Worlds, messages, participants, and settings are automatically synced across your devices via Apple's CloudKit private database. This sync is managed entirely by Apple and encrypted end-to-end — we have no access to your iCloud data.

Data Type	Details	Stored Where
Messages	Text you send in conversations ("Worlds") and AI-generated replies	On your device (sent directly to OpenRouter for AI responses)
Conversation Settings	World names, participant configurations, AI Contacts, and preferences	On your device
Participant Photos	Avatar images you select for AI participants from your photo library	On your device only — never uploaded to our servers
iCloud Sync	Worlds, messages, participants, contacts, and settings	Synced to Apple's iCloud servers (encrypted by Apple, accessible only with your Apple ID)

3. Data on Our Server

Our backend, hosted on Railway, stores a minimal set of data to support account authentication and optional background features:

Data Type	Details	Purpose
Anonymous Identifier	An opaque, anonymous token generated by Sign in with Apple — not your Apple ID, name, or email	Account authentication
Device Token	Apple Push Notification service (APNs) token	Delivering push notifications
API Key Metadata	If you use the API key provisioned at sign-up: the key itself (stored for re-delivery if you reinstall the app) and usage metadata (spend amount, model usage) visible to us via OpenRouter	Key provisioning and abuse prevention
Message Metadata	Timestamps, message counts, and World activity state — not message content	Rate limiting, debugging, and abuse prevention

We do not collect or store:

Your name or email address (Sign in with Apple may transmit an email during authentication, but we discard it and do not store it)
Location data
Your phone contacts or address book information (InOrbit's "Contacts" feature stores AI character profiles on your device and in iCloud — not your real-world contacts)
Browsing history or tracking identifiers
Financial or payment information

4. How Your Data Is Used

Authenticate your account using an anonymous token from Sign in with Apple.
Generate AI responses — your device sends conversation context directly to OpenRouter's API (see Section 5). Messages are not routed through our server for foreground chat.
Deliver push notifications — when enabled, notification payloads sent through Apple's Push Notification service may include the World name and sender name.
Enforce rate limits and manage server resources.
Sync across your devices — when signed into iCloud, Apple's CloudKit automatically syncs your Worlds and messages to your other devices.

We do not use your data for advertising, profiling, or selling to third parties. We do not review, moderate, or monitor your content.

5. Third-Party Services

InOrbit relies on the following third-party services to function. We require that each third-party service provider handling user data provides the same or equal protection of that data as described in this Privacy Policy.

OpenRouter (openrouter.ai) — Your device sends conversation content directly to AI language models (e.g., Claude, Gemma, Llama, Mistral) via OpenRouter's API to generate responses. This data does not pass through our server. If you use the API key provisioned at sign-up, we can see usage metadata (such as spend amount and which models were used) but not your message content. OpenRouter's privacy policy governs their handling of this data.
Apple Push Notification service (APNs) — Delivers push notifications to your device. Notification payloads may include the World name and sender name in addition to your device token.
Railway (railway.app) — Hosts our backend infrastructure. Server-side data is stored on Railway in accordance with their privacy policy.
Apple iCloud (CloudKit) — When you are signed into iCloud, your Worlds, messages, and settings are synced across your devices via Apple's CloudKit private database. This data is encrypted by Apple and only accessible with your Apple ID. We have no access to your CloudKit data. Apple's privacy policy governs their handling of iCloud data: apple.com/privacy.

6. Data Storage and Security

Server-side data is stored on infrastructure provided by Railway and processed by automated systems. On-device data is stored locally using Apple's SwiftData framework. We implement the following safeguards:

Encrypted connections (HTTPS/TLS) for all data in transit
Authentication via Apple's signed identity tokens
Provisioned API keys stored on the server for re-delivery on reinstall; custom API keys stored only in your device's Keychain
Foreground messages sent device-to-OpenRouter, bypassing our server
iCloud data encrypted end-to-end by Apple's infrastructure

No method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention and Deletion

We retain server-side data for as long as your account is active. On-device data (messages, Worlds, settings, photos) can be deleted at any time using the "Delete All Worlds" option in the App's settings.

You can delete your account and all server-side data directly in the App under Settings > Account Deletion > Delete Account, or via the web at micah.chat/inorbit/delete-account. You will be asked to verify your identity with Apple before deletion proceeds. Upon deletion:

Your anonymous profile, device tokens, and API key metadata are permanently removed from our server.
All local data on your device is also cleared.
Deletion is irreversible.
Data already transmitted to third-party AI providers (Section 5) is subject to their respective retention policies.
iCloud data (synced Worlds, messages, and settings) is removed when you delete your account or turn off iCloud for InOrbit. Propagation across Apple's servers may take up to 30 days.

You may also contact us at micah@micah.chat to request account deletion.

8. Children's Privacy

InOrbit is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal data, please contact us at micah@micah.chat and we will promptly delete it.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

Access the personal data we hold about you.
Delete your account and server-side data in-app (Settings > Account Deletion), and your on-device data via the App's settings.
Withdraw consent by discontinuing use of the App.

To exercise any of these rights, contact us at micah@micah.chat.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of the App after changes constitutes acceptance of the revised policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact:

Micah Giszack
micah@micah.chat