Orbitel Labs Pvt Ltd Privacy Policy

Last Updated: Oct 21st , 2025
Version: 1.2

Introduction

At Orbitel Labs, we value your trust and are fully committed to protecting your privacy. This Privacy Policy describes how we collect, use, store, and protect personal information when you visit our website or use our AI and voice-based SaaS products. Our commitment is built on the principles of transparency, accountability, and data protection by design.

Orbitel.ai operates as a responsible data custodian. We process information in compliance with the Digital Personal Data Protection Act, 2023 (India), the General Data Protection Regulation (GDPR – EU), and other applicable privacy and cybersecurity laws worldwide. Whether you interact with us from India, the European Union, or elsewhere, we ensure that your data is handled lawfully and securely.

By using our website or services, you acknowledge and agree to the terms of this Privacy Policy.

Our Commitment to Privacy

Privacy is not just a regulatory requirement for us — it’s a core value. As a security-focused AI company, Orbitel builds every product and service with privacy engineering principles embedded in its architecture. We implement encryption, access controls, and anonymization techniques to protect personal and business information at every stage of processing.

We also believe in giving individuals full visibility into how their data is used. This document is written in clear, accessible language to help you understand our practices — no fine print or confusing legalese.

Information We Collect

When you interact with Orbitel.ai, we may collect different types of information to deliver our services effectively and securely.

You may voluntarily provide us with information such as your name, company name, job title, business email, and contact details when you request a demo, subscribe to updates, or fill out a form on our website. If you contact us for support or partnership opportunities, we collect and retain those communications to respond effectively.

We also collect certain data automatically through analytics tools and cookies. This includes your IP address, device identifiers, browser version, and interaction metrics (such as time spent on our pages or navigation paths). These insights help us understand how visitors use our website, improve functionality, and maintain security.

Additionally, we may receive limited business contact details from trusted partners, marketing affiliates, or publicly available sources. We never collect sensitive personal data unless explicitly provided and necessary for contractual or legal purposes.

How We Use Your Information

We use the data we collect to improve our products, secure our systems, and communicate with you meaningfully. This includes processing your data to provide requested demos, fulfill contractual obligations, send relevant product updates, or notify you of security enhancements.

We may analyze aggregated or anonymized data to identify usage patterns, detect potential cyber threats, and improve the performance of our AI-driven voice solutions. Marketing emails are sent only with your explicit consent, and you can opt out at any time.

We also use personal data for administrative and compliance functions — for instance, maintaining audit trails, meeting regulatory obligations, or responding to lawful requests from authorities. Under no circumstances do we sell, rent, or trade personal data for commercial gain.

5Data Protection Principles

Orbitel.ai follows the “CIA” triad of security — Confidentiality, Integrity, and Availability. Every piece of data entrusted to us is encrypted both in transit and at rest, stored in secure cloud environments with continuous monitoring, and accessible only through role-based access controls (RBAC).

Our internal teams undergo regular security awareness training, and our infrastructure is periodically tested through vulnerability assessments and penetration testing (VAPT). The Information Security Management System (ISMS) at Orbitel is aligned with ISO/IEC 27001:2022, ensuring our practices meet international benchmarks.

Legal Basis for Processing

Depending on your location, we rely on one or more legal bases to process personal information. These include your consent, the performance of a contract, compliance with legal obligations, or legitimate interest in improving services and protecting users. For example, when you sign up for a product demo, we process your data to fulfill that request. When we analyze website performance or detect fraudulent activity, we do so under legitimate interest to safeguard our ecosystem.

Data Sharing and Third Parties

Orbitel.ai does not engage in unauthorized sharing or commercialization of personal data. However, certain limited data may be shared with third parties who act as trusted subprocessors, such as cloud hosting providers, email delivery services, CRM systems, analytics platforms, and compliance auditors. These entities operate under strict contractual agreements, ensuring data confidentiality and compliance with applicable regulations.

In exceptional circumstances, we may disclose personal information if required by law, court order, or regulatory authority, or if necessary to prevent fraud, security threats, or other unlawful activities. All such disclosures are made with careful review and appropriate safeguards.

Marketing and Communications

We believe communication should be informative, not intrusive. When you subscribe to our newsletters or events, we may send occasional updates about product improvements, security research, webinars, or case studies relevant to your interests. You may unsubscribe at any time by using the link in our emails or contacting us directly.

We also maintain a strict anti-spam policy – we never send unsolicited marketing messages or sell contact lists. All communications originate from verified Orbitel domains.

International Data Transfers

As a global SaaS company, Orbitel.ai may process data on secure servers located in India, the EU, or the United States. Wherever your data travels, it is protected with industry-standard encryption and cross-border contractual clauses approved by regulators (such as Standard Contractual Clauses under GDPR).

We also ensure that any third-party provider handling personal data on our behalf meets equivalent or higher security and privacy standards, including compliance with the Digital Personal Data Protection Act, 2023.

Data Retention and Deletion

Orbitel retains personal information only for as long as it is required to fulfill the purpose for which it was collected – or longer if legally mandated. Once data is no longer needed, it is either securely deleted, anonymized for analytical use, or archived following our internal Data Retention and Disposal Policy.

For users who request deletion of their data, we ensure complete erasure from all active systems and backups within the legally permitted timeframe.

Data Breach and Incident Response

Orbitel maintains a proactive Incident Response and Breach Notification Procedure. In the unlikely event of a data breach, we immediately activate our response team to contain and assess the incident, notify affected individuals (where required), and coordinate with regulatory authorities such as CERT-IN within prescribed timelines. Our goal is not only to resolve incidents swiftly but also to strengthen our defenses against recurrence.

Cookies and Website Tracking

We use cookies, web beacons, and analytics scripts to enhance user experience, understand visitor behavior, and optimize website performance. Some cookies are essential for basic functionality (e.g., session management), while others help us personalize your experience or measure the success of our campaigns.

You can modify your browser settings to control or disable cookies, but certain parts of the website may not function properly without them. For more details, please refer to our Cookie Policy, available on our website footer.

Children’s Privacy

Orbitel’s products and services are intended for use by professionals and businesses, not individuals under 18 years of age. We do not knowingly collect personal data from minors. If a parent or guardian believes that a child has provided us information, they may contact privacy@orbitel.ai, and we will promptly delete the data.

Your Rights and Choices

Depending on applicable laws, you may have rights to access, correct, update, or delete your personal data. You may also object to processing, withdraw consent, or request data portability.

To exercise these rights, please email privacy@orbitel.ai with the subject line “Data Request”. We verify each request to ensure authenticity and respond within the legally mandated timeframes – typically within 30 days.

We believe in empowering users to control their information, not just protect it.

Business Continuity and Data Protection

Orbitel operates under a robust Business Continuity and Disaster Recovery Plan (BCP/DRP). Data backups are encrypted and stored redundantly across multiple regions to prevent loss during unexpected disruptions. Our systems are monitored 24×7 by trained professionals and automated alerting tools, ensuring that both uptime and data integrity are maintained at all times.

Links to Other Websites

Our website may include links to external websites or third-party content. Orbitel is not responsible for the privacy practices, content, or security of those external sites. We encourage users to read the privacy policies of any third-party website before sharing personal information.

Updates to This Policy

We may update this Privacy Policy periodically to reflect changes in technology, law, or business practices. The revised version will be posted on this page with an updated “Last Modified” date. If significant changes are made, we will notify you via email or a prominent banner on our homepage.

Your continued use of our website after such changes indicates your acceptance of the revised policy.

Contact Us

If you have any questions, feedback, or concerns regarding this Privacy Policy or our data handling practices, please contact us at:

Data Protection Officer (DPO)
Orbitel.ai
Email: privacy@orbitel.ai
Address: 8th Floor, Brigade Metropolis Summit A, Mahadevpura, Bangalore – 560048
Website: https://orbitel.ai

We encourage responsible disclosure and will respond to privacy or security queries promptly and transparently.

Grievance Redressal (India – DPDP Compliance)

In accordance with Section 13 of the Digital Personal Data Protection Act, 2023, Indian users may reach out to our Grievance Officer for concerns related to personal data processing.
We will acknowledge your request within 7 working days and strive to resolve it within 30 days.

Email:privacy@orbitel.ai

Governing Law and Jurisdiction

This Privacy Policy is governed by the laws of India, without regard to conflict of law principles. All disputes arising out of or relating to this policy shall fall under the exclusive jurisdiction of the courts located in Bangalore.

Closing Note

At Orbitel.ai, we believe that privacy is the foundation of digital trust. Our vision is to build AI-driven technology that empowers organizations while protecting individuals. Every decision we make – from how we design products to how we store data – is driven by one guiding principle: your right to privacy.

Thank you for trusting us with your information. We remain committed to protecting it with the utmost care and transparency.