Privacy Policy

1. Introduction

RubyOrbit ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered customer support platform and related services.

By using RubyOrbit's services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this policy, please do not access or use our services.

2. Information We Collect

2.1 Information You Provide Directly

Account Information: Name, email address, company name, phone number
Payment Information: Billing address, payment method details (processed securely via third-party payment processors)
Widget Configuration: Custom settings, branding preferences, knowledge base content
Communications: Support tickets, feedback, survey responses

2.2 Information Collected Automatically

Usage Data: Features used, interaction patterns, performance metrics
Device Information: Browser type, operating system, IP address, device identifiers
Chat Data: Conversations between end-users and your AI assistant (processed on your behalf)
Analytics Data: Page views, click-through rates, conversion metrics

2.3 Information from Third Parties

Integration Data: Information from connected services (CRM, helpdesk, analytics platforms)
Social Media: Public profile information when you connect social accounts
Business Information: Company data from public sources for verification

3. How We Use Your Information

We use the collected information for the following purposes:

Provide, maintain, and improve our services
Process transactions and send transaction notifications
Train and improve our AI models (using anonymized data only)
Send administrative information, updates, and security alerts
Respond to customer service requests and support needs
Monitor and analyze usage patterns and trends
Detect, prevent, and address technical issues and fraud
Comply with legal obligations and enforce our terms of service
Send marketing communications (with your consent)

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information in the following circumstances:

4.1 Service Providers

We share data with trusted third-party service providers who assist us in operating our platform:

Cloud hosting providers (AWS, Google Cloud)
Payment processors (Stripe, PayPal)
Analytics services (Google Analytics, Mixpanel)
Communication tools (SendGrid, Twilio)

4.2 Legal Requirements

We may disclose information if required by law or in response to valid legal requests from public authorities.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4.4 Consent

We may share information with your explicit consent or at your direction.

5. Data Retention and Deletion

5.1 Retention Periods

Account Data: Retained for the duration of your account plus 90 days after closure
Chat Logs: 6 months by default (configurable based on your plan)
Analytics Data: 24 months
Payment Records: 7 years for tax and accounting purposes
Marketing Data: Until consent is withdrawn

5.2 Deletion Procedures

You can request deletion of your personal data at any time by:

Using the account deletion option in your dashboard
Contacting our Data Protection Officer at privacy@rubyorbit.com
Submitting a deletion request through our privacy portal

We will process deletion requests within 30 days, subject to legal retention requirements.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your data
Portability: Receive your data in a structured, machine-readable format
Restriction: Limit processing of your data
Objection: Object to certain processing activities
Automated Decision-Making: Not be subject to solely automated decisions

7. GDPR Compliance (European Users)

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR):

7.1 Legal Basis for Processing

Contract: Processing necessary to perform our services
Legitimate Interests: Improving services, fraud prevention, network security
Consent: Marketing communications and optional features
Legal Obligation: Compliance with applicable laws

7.2 Data Protection Officer

Our Data Protection Officer can be contacted at: dpo@rubyorbit.com

7.3 International Transfers

We use Standard Contractual Clauses approved by the European Commission for transfers outside the EEA.

8. CCPA Compliance (California Users)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

8.1 Categories of Information Collected

Identifiers (name, email, IP address)
Commercial information (purchase history, preferences)
Internet activity (browsing history, interactions)
Professional information (company, job title)

8.2 Your CCPA Rights

Right to know what information is collected
Right to delete personal information
Right to opt-out of sale (we do not sell personal information)
Right to non-discrimination for exercising privacy rights

8.3 Exercising Your Rights

California residents can submit requests via:

Email: privacy@rubyorbit.com
Toll-free: 1-888-PRIVACY
Online form: rubyorbit.com/privacy-request

9. Data Security

We implement industry-standard security measures to protect your information:

Encryption: 256-bit AES encryption for data at rest, TLS 1.3 for data in transit
Access Controls: Role-based access, multi-factor authentication, regular access reviews
Infrastructure: SOC 2 Type II certified data centers, regular security audits
Monitoring: 24/7 security monitoring, intrusion detection systems
Incident Response: Dedicated security team, documented response procedures
Regular Updates: Security patches, vulnerability assessments, penetration testing

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

Maintain your session and authentication status
Remember your preferences and settings
Analyze usage patterns and improve services
Provide targeted content and features

10.1 Types of Cookies

Essential: Required for platform functionality
Performance: Help us understand usage patterns
Functional: Remember your preferences
Marketing: Used for advertising (with consent)

10.2 Managing Cookies

You can control cookies through your browser settings or our cookie preference center.

11. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will take steps to delete such information.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

Posting the new policy on this page
Updating the "Last Updated" date
Sending email notification for material changes
Requiring acknowledgment for significant updates

Version History

Dec 26, 2024 Version 2.1 - Added AI model training clarifications

Oct 15, 2024 Version 2.0 - CCPA compliance updates

Jun 1, 2024 Version 1.5 - Enhanced GDPR provisions

Jan 1, 2024 Version 1.0 - Initial policy publication

13. Contact Information

Data Protection Officer

For privacy-related questions or to exercise your rights, please contact:

Email: privacy@rubyorbit.com
Phone: +1 (888) 555-1234
Mail: RubyOrbit Privacy Team
123 Innovation Drive
San Francisco, CA 94107
United States

EU Representative:
RubyOrbit EU Data Protection
456 Tech Hub, London EC2A 4BX
United Kingdom
Email: eu-privacy@rubyorbit.com

Table of Contents