Privacy Policy

Last updated: February 19, 2026

Overview

Orbit (“the Extension”) is a browser extension that provides AI-powered growth coaching for X (Twitter). This privacy policy explains what data we collect, how we use it, and how we protect it.

Data We Collect

Account Information

  • Firebase Authentication ID: Used to identify your account and secure API requests.
  • X/Twitter Profile: Username, display name, profile image, follower/following counts, and tweet count — collected when you connect your X account via OAuth.

Usage Data

  • Growth metrics: Reply counts, engagement rates, and growth scores computed from your public X/Twitter activity.
  • Coaching data: AI-generated missions, signals, and insights based on your public posting activity.
  • User preferences: Niche, tone, persona settings, and growth stage stored locally in your browser.

Content Data

  • Tweet content: The Extension reads publicly visible tweets on x.com to generate reply suggestions and compose drafts. Tweet content is sent to our backend API for AI processing and is not permanently stored.

How We Use Your Data

  • To provide personalized growth coaching and actionable missions.
  • To generate AI-powered reply suggestions and tweet drafts.
  • To compute growth scores and track your progress over time.
  • To authenticate your identity and secure API requests.

Data Storage

  • Local storage: User preferences and cached coaching data are stored locally in your browser using Chrome's storage API.
  • Server storage: Account information and growth metrics are stored in our backend database (AWS DynamoDB) and associated with your Firebase user ID.
  • AI processing: Tweet content is sent to our backend for AI processing via Amazon Bedrock. Content is processed in real-time and not retained after generating responses.

Data Sharing

We do not sell, trade, or transfer your personal data to third parties. Your data is only shared with:

  • Amazon Web Services (AWS): Our backend infrastructure provider, for hosting and AI model inference.
  • Firebase (Google): For authentication services.
  • X/Twitter API: To fetch your public profile and tweet data with your authorization.

Data Retention

  • Account data is retained while your account is active.
  • Coaching cache data expires automatically (within 20 hours).
  • You can delete your account and all associated data by contacting us.

Security

  • All communication between the Extension and our backend is encrypted via HTTPS/TLS.
  • Authentication is handled via Firebase with secure token verification.
  • Backend infrastructure runs on AWS with IAM role-based access controls.

Your Rights

  • You can disconnect your X account at any time from within the Extension.
  • You can uninstall the Extension to remove all locally stored data.
  • You can request deletion of your server-side data by contacting us.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be reflected in the “Last updated” date above.

Contact

For questions or data deletion requests, contact: hello@useorbit.sh