Legal

Privacy Policy

Last updated: June 2026

This policy explains how Palladium Innovations (“we”, “our”, “Orbilex”) collects, uses, and protects information when you use the Orbilex platform. If you have questions, email legal@orbilex.io.

1. Information we collect

Account data. When you create an Orbilex account we collect your name, email address, and company name. This is required to provide the service.

Usage data. We log actions you take within the platform (provisioning events, billing operations, ticket updates) in an immutable audit trail. This data is stored on infrastructure you control and is never accessed by us without explicit support consent.

Payment data. We do not store card numbers or bank account details. Payment processing is handled by your chosen gateway (Stripe, Paystack, Flutterwave, or PayPal) under their respective privacy policies.

Technical data. We collect IP addresses, browser type, and access timestamps in server logs for security and abuse-prevention purposes. Logs are retained for 90 days.

2. How we use your information

We use the information we collect to:

  • Operate and maintain the Orbilex platform
  • Send transactional emails (password resets, license renewal reminders, invoice receipts)
  • Respond to support requests
  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations

We do not sell, rent, or share your personal data with third parties for marketing purposes.

3. Data storage and transfer

Orbilex is a self-hosted platform. Your data resides on infrastructure you provision and control. We do not store client or end-user data on Palladium Innovations servers unless you are using a managed hosting arrangement explicitly agreed in writing.

If you use our cloud-hosted option, data is stored in the EU (Frankfurt) region by default. You may request a different region at the time of account creation.

4. Data retention

Account data is retained for the duration of your subscription and for 30 days after cancellation, during which you may export your data. After 30 days, account data is permanently deleted. Audit logs follow the retention policy you configure in the platform (default: 12 months).

5. Your rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or export personal data we hold about you. To exercise these rights, email legal@orbilex.io and we will respond within 30 days.

EU and UK residents have additional rights under GDPR and UK GDPR, including the right to lodge a complaint with a supervisory authority.

6. Security

We implement industry-standard technical and organisational measures including TLS in transit, AES-256 at rest, ECDSA-signed licensing, and role-based access controls. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security.

To report a security vulnerability, see our Security Policy.

7. Cookies

We use strictly necessary cookies to maintain session state. We do not use advertising or tracking cookies. For details, see our Cookie Policy.

8. Changes to this policy

We may update this policy from time to time. We will notify you by email and by posting a prominent notice in the platform at least 14 days before material changes take effect. Continued use of the platform after that date constitutes acceptance of the updated policy.

9. Contact

Palladium Innovations
For privacy matters: legal@orbilex.io

Terms of Service·Security Policy·Cookie Policy