Legal

Privacy Policy

Last updated: January 1, 2026

Orvlin, Inc. (“Orvlin”, “we”) respects your privacy. This policy explains what we collect and how we use it.

Information we collect

We collect account information (name, email, company), billing and usage data required to operate the service, and technical logs such as IP address and device information. We do not sell personal data.

How we use information

We use data to provide and secure the service, process payments, send transactional notifications, and improve Orvlin. Aggregated, anonymized data may be used for product analytics.

Data retention

Billing records are retained as required for financial and tax compliance (typically 7 years). Account data is deleted upon verified request within 30 days, subject to legal holds.

Subprocessors

We use vetted subprocessors for email delivery, infrastructure, and payments. A current list is available on request and disclosed for material changes.

Security

Data is encrypted in transit (TLS 1.2+) and at rest (AES-256). We maintain SOC 2 Type II controls and follow least-privilege access principles.

Your rights

Depending on your jurisdiction, you may access, correct, export, or delete your personal data, and object to certain processing. Contact privacy@orvlin.com to exercise these rights.

Contact

Questions about this policy? Email privacy@orvlin.com or write to Orvlin, Inc., 548 Market St, San Francisco, CA.

Questions about your data?

We’re happy to help.