Privacy Policy

1.1 Orbis AI, LLC ("ORBIS," "we," "us") respects your privacy. This Privacy Policy explains how we collect, use, store, and protect information when you use the ORBIS platform and visit orbis.restaurant.

1.2 By using ORBIS, you consent to the practices described in this Policy. If you do not agree, do not use the Services.

2.1 Account Information. Restaurant name, contact person name, email address, WhatsApp number, preferred language, and business address. Collected during onboarding.

2.2 Financial Documents. Supplier invoices (PDF, image, or text format) received in the Gmail inbox you authorize ORBIS to monitor. These are processed by The Invoice Watchdog (Agent 02) and The Margin Machine (Agent 01) to generate P&L reports and detect invoice discrepancies.

2.3 Gmail Access. We access your designated Gmail inbox via Google OAuth 2.0 solely to monitor incoming supplier invoices. We do not read personal emails, marketing messages, or any content unrelated to restaurant financial operations. We do not store Gmail credentials - access is maintained through OAuth tokens.

2.4 Review Data. Guest reviews from Google Business Profile, Yelp, and TripAdvisor, collected by The Review Guardian (Agent 03) for sentiment analysis and response generation.

2.5 Kitchen Compliance Data. Camera frames and IoT temperature sensor data processed by The Kitchen Inspector (Agent 04). Images are analyzed in real-time and stored only when violations are detected.

2.6 Staff Interactions. Questions asked by staff via WhatsApp to The Brain (Agent 05), including query text and response. No personal staff data is collected beyond the WhatsApp number used to send the query.

2.7 Scheduling Data. Shift schedules, labor hours, and related data processed by The Shift Guardian (Agent 06).

2.8 Reservation Data. Guest name, phone number, party size, date, and time collected by The Night Hostess (Agent 07) during phone or WhatsApp reservations.

2.9 Usage Data. Technical data about how you interact with ORBIS, including timestamps of Agent interactions, WhatsApp message delivery status, and system logs.

4.1 ORBIS uses third-party AI services (Anthropic Claude API) to process your data. Your data is sent to Claude API for analysis and is subject to Anthropic's data handling policies. ORBIS does not use your data to train AI models.

4.2 AI processing occurs in real-time and on-demand. Processed outputs (P&L reports, dispute emails, review responses, compliance reports) are stored in ORBIS's database and your Google Drive.

5.1 Storage. Your data is stored in Supabase (PostgreSQL) hosted infrastructure and Google Drive. All data is encrypted in transit (TLS) and at rest.

5.2 Access Controls. Access to client data is restricted to authorized ORBIS personnel on a need-to-know basis. Each client's data is logically separated in the database.

5.3 Retention. We retain your data for the duration of your subscription and for sixty (60) days following termination. After this period, data is permanently deleted unless you request earlier deletion or data export.

6.1 We do not sell, rent, or trade your personal or business information to third parties.

6.2 We may share data with:

• Service providers who assist in delivering the ORBIS platform (Anthropic, Google Cloud, Vonage, Supabase) - only to the extent necessary to provide the Services
• Law enforcement or regulatory authorities when required by law or legal process
• In connection with a merger, acquisition, or sale of ORBIS assets, subject to confidentiality obligations

6.3 We may use anonymized, aggregated data that cannot reasonably identify you for product improvement and industry benchmarking.

7.1 Access. You may request a copy of all data ORBIS holds about your restaurant at any time.

7.2 Correction. You may request correction of inaccurate data.

7.3 Deletion. You may request deletion of your data. We will comply within thirty (30) days, except where retention is required by law.

7.4 Export. Upon termination, you may request export of all your data in standard formats (CSV, PDF, JSON).

7.5 Revoke Access. You may revoke Gmail OAuth access at any time through your Google Account settings. This will disable invoice monitoring Agents.

7.6 To exercise any of these rights, contact us at temo@orbis.restaurant.

8.1 ORBIS is designed for business use and is not directed at individuals under the age of 18. We do not knowingly collect personal information from minors.

9.1 We may update this Privacy Policy from time to time. Changes will be posted at orbis.restaurant/privacy with an updated effective date. Continued use of ORBIS after changes constitutes acceptance.

10.1 For privacy-related inquiries: temo@orbis.restaurant

10.2 Orbis AI, LLC, 41 Wilson Avenue, 3G, Newark, NJ 07105