Privacy Policy
Last updated: January 1, 2026
Orvlin, Inc. (“Orvlin”, “we”) respects your privacy. This policy explains what we collect and how we use it.
Information we collect
We collect account information (name, email, company), billing and usage data required to operate the service, and technical logs such as IP address and device information. We do not sell personal data.
How we use information
We use data to provide and secure the service, process payments, send transactional notifications, and improve Orvlin. Aggregated, anonymized data may be used for product analytics.
Data retention
Billing records are retained as required for financial and tax compliance (typically 7 years). Account data is deleted upon verified request within 30 days, subject to legal holds.
Subprocessors
We use vetted subprocessors for email delivery, infrastructure, and payments. A current list is available on request and disclosed for material changes.
Security
Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). We maintain SOC 2 Type II controls and follow least-privilege access principles.
Your rights
Depending on your jurisdiction, you may access, correct, export, or delete your personal data, and object to certain processing. Contact privacy@orvlin.com to exercise these rights.
Contact
Questions about this policy? Email privacy@orvlin.com or write to Orvlin, Inc., 548 Market St, San Francisco, CA.