Privacy Policy
Last updated: March 2026
1. Who we are
Orqira is operated by Orqira. We provide a hosted automation control plane that helps software teams orchestrate AI-assisted project work. This policy explains what personal data we collect, how we use it, and who we share it with.
Questions? Email us at privacy@orqira.ai.
2. What data we collect
- Account data — your name and email address when you register.
- Billing data — payment method details are collected and stored by Stripe. We receive only a token, last-four digits, and billing status from Stripe. We never store raw card numbers.
- Usage logs — when you use Orqira, we record actions such as workspace creation, project runs started or stopped, and seat lease activity.
- Audit events — security-relevant events including login attempts, session creation, device authorisations, and billing changes are logged for operational safety.
- Session data — short-lived session tokens are stored server-side via Upstash to maintain your authenticated state across the web app and desktop client.
3. How we use your data
- Authentication — to verify your identity and maintain your session on the web and desktop.
- Billing — to process seat subscription payments and manage your customer portal access via Stripe.
- Product operation — to deliver orchestration runs, enforce active-seat limits, and provide access to workspace resources.
- Support — to diagnose reported issues using logs and audit events.
- Service communications — to send transactional emails (account confirmation, billing receipts, password reset) via Resend.
We do not sell your data. We do not use your data for advertising.
4. Data retention
- Session data — active session tokens expire after a short idle period. Tokens are invalidated on sign-out or device deauthorisation.
- Audit logs — retained for a minimum of 90 days for operational security purposes.
- Account data — retained for the life of your account. On account deletion, personal data is removed within 30 days except where retention is required for billing records.
5. Third-party processors
We share data with the following sub-processors to operate the service:
| Processor | Purpose | Data shared |
|---|---|---|
| Stripe | Payment processing and billing management | Email, name, payment method |
| Resend | Transactional email delivery | Email address, name |
| Vercel | Web application hosting and CDN | Request data, IP address |
| Neon | Hosted PostgreSQL database | All application data |
| Upstash | Session caching (Redis) | Session tokens, user ID |
6. Cookies and local storage
We use essential cookies and browser local storage only for authentication and session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies.
7. Your rights
Depending on your jurisdiction, you may have the right to access, correct, or delete personal data we hold about you. Contact privacy@orqira.ai. We will respond within 30 days.
8. Changes to this policy
We may update this policy as the product evolves. Material changes will be communicated by email or via an in-app notice before they take effect.