Privacy Policy

This Privacy Policy explains how Orbital Softworks Pte. Ltd. (“Orbital Softworks”, “we”, “us”, or “our”) collects, uses, stores, and protects your information when you use Qlarity.

1. Information we collect

We may collect the following categories of information:

• account information, such as your email address and basic profile details,
• reflection and wiring inputs you submit into Qlarity,
• generated outputs, reports, saved reflection history, and report snapshot metadata,
• subscription and billing status information from our payment provider,
• support and bug report information you choose to submit,
• product analytics information, such as page path, product action, setup stage reached, domain or pricing intent, validation or error state, browser session identifiers, anonymous browser identifiers, and account user ID when signed in, and
• limited technical information needed to operate, secure, and improve the platform.

2. How we use your information

We use information you provide to:

• create and maintain your account,
• generate your reports and reflection outputs,
• save your progress, history, and preferences,
• manage subscriptions and access entitlements,
• respond to bug reports and support requests,
• handle account lifecycle and privacy operations,
• understand product usage, setup progression, points of friction, pricing intent, and feature usefulness,
• improve product reliability and security, and
• communicate service-related updates where necessary.

3. How your data is handled

Qlarity is designed to use your submitted information to generate structured outputs for your own use inside the product. We do not treat your personal reflection data as something to sell onward to third parties.

Generated reports and saved reflection outputs are private user artifacts. They are accessed through app-controlled routes and ownership checks rather than public storage links.

Qlarity separates direct identifiers, sensitive user-submitted reflection data, generated personal artifacts, operational metadata, and analytics metadata in its implementation rules. Some of these data classes remain connected inside Qlarity where that connection is needed to provide the service, enforce ownership, support account lifecycle operations, or generate user-requested outputs.

4. AI providers and generated outputs

Qlarity uses AI model providers to generate and support some outputs, including Inner Map, Life Compass insights, Summary, and report-related content. This may involve sending relevant user-provided inputs, profile context, reflection answers, wiring information, and saved Qlarity artifacts to an AI provider when needed for the requested generation task.

Qlarity currently uses OpenAI for AI-assisted generation. Qlarity may use additional or alternative AI model providers in the future.

Qlarity aims to minimize what is sent to AI providers. Qlarity does not intentionally send full payment card details, raw billing identifiers, authentication identifiers, service credentials, or unrelated support records to AI providers for ordinary generation tasks.

AI-generated outputs may be inaccurate, incomplete, or unsuitable for your circumstances. They should not be treated as medical, mental health, legal, financial, professional, or crisis support.

5. Payments and billing providers

Paid subscriptions are processed through Stripe. We do not store your full payment card details on Qlarity servers. Billing providers may process your payment information according to their own terms and privacy practices.

If an account is finalized for anonymization, Qlarity may cancel the associated Stripe subscription where subscription information is available.

6. Authentication, hosting, storage, and service providers

Qlarity uses third-party infrastructure and service providers to support authentication, database storage, object storage, application hosting and rendering, analytics, AI-assisted generation, billing, and transactional email delivery. Those providers process data only as needed to operate and support the service.

Qlarity uses Supabase for authentication, database, and storage infrastructure; Vercel for application hosting, rendering, and analytics; OpenAI or other AI model providers for AI-assisted generation; Stripe for subscription billing; and Resend for transactional email delivery.

Qlarity stores application data using Supabase and hosts/renders the application using Vercel. These providers may process and store data in regions determined by their infrastructure, configuration, and service terms. If an account is finalized for anonymization, Qlarity deletes the associated Supabase Auth user where the authentication record is available.

7. Cookies, browser storage, and analytics

Qlarity uses cookies and similar browser storage technologies to operate the service, maintain authentication sessions, protect accounts, remember temporary product state, and understand how visitors and users move through the product.

Some storage is necessary for Qlarity to function, such as authentication and session cookies used for login and protected app access.

Qlarity may also use analytics-related browser storage, such as sessionStorage or localStorage, to understand product usage, returning anonymous visits, setup progression, feature interest, and points of friction. For example, Qlarity may use a temporary browser session identifier to understand how far a visitor progressed through setup, and may use a longer-lived anonymous browser identifier to recognize returning visits from the same browser.

Qlarity may collect product analytics events such as page path, event name, product action, setup stage reached, validation or error state, pricing or domain intent, browser session identifier, anonymous browser identifier, hashed email identifier after a user provides an email address, and account user ID when signed in.

Qlarity does not use analytics to sell personal data, build advertising profiles, or secretly fingerprint users. Qlarity does not attempt to identify the same person across different devices unless the user provides the same email address, signs into the same account, or otherwise uses an account-linked flow.

8. Data retention

We retain your account data, saved reports, and reflection history for as long as needed to provide the service, comply with legal obligations, resolve disputes, enforce our terms, and operate the platform safely.

Saved Qlarity Report PDFs and report snapshot records are retained while your account remains active. During final account anonymization, Qlarity removes report snapshot records and removes associated report PDF storage objects where storage cleanup can be completed.

Bug reports are operational support records. If your account is anonymized, bug reports linked to your account are retained only as operational records and are detached from your user identity and email address.

9. Account deletion and anonymization

You may request account deletion from your account settings. When you request deletion, Qlarity marks the account as deletion requested and pauses protected app access immediately.

Qlarity provides a 7-day cancellation window. During that window, you may cancel the deletion request from the account-unavailable page while signed in.

If the request is not canceled, final anonymization is handled as an operational step. Final anonymization removes or detaches product data, clears identifying account fields, deletes the authentication user where available, removes Qlarity Report storage objects where available, and keeps only an anonymized user tombstone and lifecycle audit records.

Some information may remain where needed for legal, security, billing, dispute, audit, or operational support reasons.

10. Data security

We use reasonable technical and organizational safeguards to protect your information. These include server-side ownership checks, account-status enforcement, private report access through app-controlled routes, time-limited signed report URLs, minimized analytics metadata, and operational rules that avoid placing raw reflection answers, generated prose, full reports, unnecessary identifiers, or service credentials into analytics, logs, or admin alerts.

However, no system can guarantee absolute security, and you use the service with that understanding.

11. Your choices

You can choose what information you provide to Qlarity, though some features depend on having enough information to function properly.

You may request account deletion from account settings. If the request was accidental, you may cancel it during the 7-day cancellation window shown on the account-unavailable page.

If you stop using the service without requesting deletion, some retained data may remain for operational, legal, or security reasons.

12. Children’s privacy

Qlarity is not intended for children without appropriate parental or guardian oversight where required by law.

13. Policy changes

We may update this Privacy Policy from time to time. When we do, we will update the “Last updated” date on this page. Continued use of Qlarity after changes take effect means you accept the revised policy.

14. Related terms

Your use of Qlarity is also subject to our Terms of Service.

Read them here: Terms of Service

15. Contact

If you have questions about this Privacy Policy or want to make a privacy or data protection request, use the privacy request form.