Welcome to the Orbis browser software (hereinafter referred to as “This Software”) and related web browsing, information retrieval services (hereinafter referred to as “This Service”). This Privacy Policy (hereinafter referred to as “This Policy”) is designed to explain to you how we collect, use, store, protect, and disclose your personal data, as well as the relevant rights you enjoy as a data subject. Please carefully read and fully understand the full terms of this Policy before accessing, registering, or using this Software and these Services. Your access, registration, or use of this Software and these Services is considered as having read, understood, and agreed to accept this Policy.
Contact: If you have any questions, complaints or suggestions regarding this Policy or matters related to the processing of personal data, please contact us via the following email address: lloaganhaarris@gmail.com
1. Definition and scope
1.1 Core Definitions
- 1.1.1 Personal Data: Means any information related to an identified or identifiable natural person, subject to international data protection regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), including but not limited to your account information, browsing history, device information, cookie data, etc.
- 1.1.2 Data Controller: Means a person, corporation, or other organization that determines the purpose and manner of processing personal data. The controller of this Software and the personal data related to this Service is the operating entity of this Software (hereinafter referred to simply as “we”).
- 1.1.3 Cookie: This Software refers to a small text file that is stored locally on your device for functionality optimization, personalized services, and other purposes, helping to identify your device and record usage preferences.
- 1.1.4 Browser Fingerprint: A unique identifier generated by collecting browser configuration information about your device, such as font lists, plugin types, system versions, and so on, for device identification, security verification, and other scenarios.
- 1.1.5 Anonymized Data: Means information that, after irreversible processing, cannot be identified as a specific natural person and cannot be re-identified in a reasonable manner. Such information does not belong to personal data and is not subject to this Policy.
1.2 Applicability Scope
1.2.1 This Policy applies to all activities where we collect, use, store, protect and disclose your personal data through this Software and Services (including but not limited to the mobile, desktop, web and other versions).
1.2.2 This Policy does not apply to third-party websites, third-party services (such as third-party logins, payments, advertising services) and third-party plug-ins. The processing behavior of your personal data resulting from your use of such third-party services is carried out by the third-party in accordance with their own privacy policy, and we take no responsibility for it.
2. Scope and Purpose of Collecting Personal Data
2.1 Collecting Core Functional Related Data
- 2.1.1 Basic browsing functionality data: For basic browsing services such as web page loading and cache optimization, we may collect and store information on your device locally, such as browsing history (including web address visits, page resources), cached files, list of recently closed tabs, and download history. This information is stored locally only by default and is not actively uploaded to our servers.
- 2.1.2 Account and Cloud Sync Data: If you register and log in to your Orbis account to use the cloud sync feature, we will collect your username, email address, account password (encrypted storage) and content that needs to be synced (such as favorites, bookmarks, browser settings, saved website passwords). The purpose of the collection is to enable multi-device data syncing to ensure your account experience.
- 2.1.3 Device and Environmental Data: To ensure service stability and identify abnormal device conditions, we collect information such as your device model, operating system version, IP address, network type, system logs, browser kernel version, etc. The purpose of the collection is to optimize service suitability, troubleshoot technical issues, and prevent cybersecurity risks.
2.2 Enhancement-Related Data Collection
- 2.2.1 Cookies and Tracking Technology Data: To provide personalized recommendations, ad optimization, and other enhanced services, we may collect information about your browsing preferences, click behavior, and other information through cookies, local storage, and other technologies. You can manually manage, disable, or delete cookies through the interface of this Software Settings.
- 2.2.2 Security Protection Data: To block malicious web addresses and prevent cyber fraud, we collect the web addresses you visit (after filtering personal identification information) and submit them to the Cloud Security Engine for detection. The purpose of the collection is to identify malicious web pages and secure your browsing.
- 2.2.3 Location Information: If you use localized services such as local information, weather queries, etc., we will collect your approximate location information (based on IP address) or precise location information (based on device location functionality) after obtaining your explicit consent. The purpose of the collection is to deliver service content that meets your regional needs.
2.3 Collecting Sensitive Personal Data
2.3.1 Sensitive Personal Data includes but is not limited to your biometric information, financial information, health information, etc. We will not actively collect your sensitive Personal Data unless with your explicit consent and for the purpose of performing certain necessary functions. If collected, we will take additional encryption protection measures.
3. Usage Rules for Personal Data
3.1 Usage Principles
3.1.1 We will only use your personal data within the scope of the collection purposes stated in this Policy, following the “data minimization” principle, and not exceeding the scope of the necessary use of the data.
3.1.2 If we need to use personal data for other purposes not specified in this Policy, we will obtain your explicit consent in advance.
3.2 Specific Use Cases
- 3.2.1 Provides and optimizes this service, including the implementation and iteration of core functions such as basic browsing, data synchronization, and security protection.
- 3.2.2 Ensure account security, identify and prevent account theft, fraud, and other risks, and alert early to unusual login behavior.
- 3.2.3 Push personalized content, including information recommendations based on browsing preferences and feature optimization recommendations that align with usage habits.
- 3.2.4 Implement service quality assessment and improvement to optimize product performance and improve user experience by analyzing anonymized usage data.
3.3 Legitimate basis for data usage
3.3.1 Based on Your Consent: For the use of enhancement-related data such as cookie data, location information, etc., based on your explicit consent.
3.3.2 For fulfilling contractual obligations: To achieve core functions such as account services, data synchronization, etc., based on fulfilling service contractual obligations with you.
3.3.3 Based on Legitimate Interests: To ensure service security, optimize service quality, etc., based on our legitimate interests, and such interests do not supersede your basic rights.
3.3.4 Compliance with laws and regulations: To comply with applicable international conventions, legal and regulatory requirements in the country or region of residence.
4. Storage and protection of personal data
4.1 Storage Period
- 4.1.1 We will store your personal data for the minimum period necessary to fulfill the processing purposes of this Policy agreement. After the storage period is exceeded, we will securely delete your personal data or anonymize it for processing.
- 4.1.2 Specific Storage Term Agreements: Account data is stored for the lifetime of your account and deleted within 90 days after signing out of the account; Local browsing data is retained for a period under your control; Security Detection related data is retained for no more than 30 days; with legal and regulatory exceptions.
4.2 Location of Storage
4.2.1 We store your personal data on servers that comply with international data protection standards, located in the same legal data center where you use this service, and ensure that the storage of the data complies with local law and regulatory requirements. If the data needs to be transferred to other countries or regions, we will ensure that the relevant compliance requirements for cross-border data transfer are met, and take security measures such as encrypted transfer.
4.3 Security Measures
- 4.3.1 Technical Protection: Use of technical measures such as transmission encryption (HTTPS), storage encryption (AES-256), access permissions control, and regular security scanning to prevent unauthorized access, disclosure, tampering, or damage to personal data.
- 4.3.2 Management Standards: Establish strict personal data processing processes, limit data access permissions, only authorize necessary personnel to access relevant data when performing their job responsibilities, and require them to comply with strict confidentiality obligations; conduct regular training on employee data protection.
- 4.3.3 Emergency Response: Establish an emergency plan for data security incidents. If a security incident such as a personal data leak occurs, we will immediately take corrective measures and promptly notify you and the relevant regulatory bodies as required by relevant laws and regulations.
5. Sharing, transfer and disclosure of personal data
5.1 Data Sharing
5.1.1 We will not share your personal data with any third party unless otherwise required by law and regulation or with your explicit consent.
5.1.2 To provide necessary technical support, security testing, and other services, we may share necessary personal data with third-party service providers (such as cloud service providers, security testing agencies), but we will sign strict confidentiality agreements with third parties, require them to use the data only within the agreed limits, and monitor their data processing behavior.
5.2 Data Transfer
5.2.1 We will not transfer your personal data to any third party without your explicit consent.
5.2.2 If the transfer of personal data is necessary due to business mergers, acquisitions, bankruptcy liquidations, etc., we will notify you in advance and ensure that the beneficiary continues to comply with the relevant provisions of this Policy, ensuring that your personal data rights are not compromised.
5.3 Data Disclosure
5.3.1 We only disclose your personal data in the following circumstances: (1) to comply with applicable laws and regulations, judicial rulings or administrative orders; (2) to protect our legitimate interests and yours or other third parties; and (3) to respond to public safety, public interest-related emergencies.
6. Rights of Data Subjects
6.1 Core Rights Content
- 6.1.1 Access rights: You have the right to request us to provide information related to the processing of your personal data, including the types of personal data, sources, purposes of processing, methods of processing, recipients of sharing, etc.
- 6.1.2 Correction Right: You have the right to request us to correct or supplement your inaccurate or incomplete personal data.
- 6.1.3 Right to delete (right to be forgotten): In certain circumstances (e.g., processing purposes have been achieved, you withdraw your consent, service termination, etc.), you have the right to request us to delete your personal data.
- 6.1.4 Data Portability Rights: You have the right to request that we provide your personal data in a structured, commonly used and machine-readable format, and the right to transfer such data to other data controllers.
- 6.1.5 Revocation of Consent: You have the right to revoke your consent to the processing of personal data at any time. The revocation of consent can be completed through the convenient options in the settings interface of this Software or by contacting our Customer Service email address, without affecting the legitimate data processing conducted based on consent prior to the revocation.
- 6.1.6 Limiting processing rights: In certain circumstances (e.g., if you object to the accuracy of the data, there is a dispute about the legality of the data processing behavior, etc.), you have the right to request us to limit the processing of your personal data.
6.2 Ways of exercising your rights
6.2.1 You can submit requests to exercise your rights to us through the relevant functional modules within this Software (such as “Account Settings - Privacy Management”) or through the contact email provided in this Policy. We will respond within the legal and regulatory limits and notify you of the processing results.
6.2.2 If you are not satisfied with the results of our response, you have the right to lodge a complaint with the relevant data protection regulator in your locality.
7. Data Protection for Minors
7.1.1 We do not actively collect personal data from minors under the age of 18 or the minimum age of use stipulated in the country/region of residence. If a minor uses this Service and submits personal data without parental or legal guardian‘s permission, their parents or legal guardians have the right to contact us to request the deletion of the relevant data.
7.1.2 For minors who have parental or legal guardian‘s permission to use this Service, we will take additional security measures to strictly limit the scope of the collection and use of personal data, and only process the relevant data within the necessary scope to ensure the security of the minors‘ personal data.
8. Special Agreement on Cookies and Related Tracking Technologies
8.1 Types and Uses of Cookies
- 8.1.1 Required Cookies: These cookies are used to ensure the proper operation of basic functions of this Software (such as maintaining login status, optimizing page loading), and cannot be disabled. Disabling them may result in the inability to use some core functions.
- 8.1.2 Functional Cookies: Used to enable personalization settings, data synchronization, and other enhanced features (such as favorite folder memory, browsing preference history), you can freely choose whether to enable them.
- 8.1.3 Analytics and Advertising Cookies: Used for service quality analysis, ad accuracy push, you can freely choose whether to enable or not.
8.2 How to Manage Cookies
8.2.1 You can view, enable, disable or delete various types of cookies through the “Settings-Privacy and Security-Cookie Management” interface of this Software. Some browser functionality may be affected by disabling cookies.
8.2.2 When you first use this Software, we will notify you through a pop-up window about the use of cookies and how to manage them, obtaining your explicit consent before enabling unnecessary cookies.
9. Notes on Third-Party Services
9.1.1 This Software may contain links to third-party websites or integrate third-party functions (such as third-party login, payments, advertising, map services), and third-party services may collect your personal data through this Software.
9.1.2 The processing of personal data by third-party services is not our concern and we take no responsibility for it. We recommend that you carefully read the third-party privacy policy before using third-party services to understand their data processing rules.
10. Policy Updates and Notifications
10.1 Policy Updates
10.1.1 We have the right to update this Policy in accordance with changes in laws and regulations, business development needs, technological upgrades, etc. The updated Policy will be published in prominent locations in this Software, including but not limited to in-Software pop-ups, bulletin board posts, etc.
10.1.2 In the event of significant changes to this Policy (such as significant adjustments to the purpose, scope, and manner of processing personal data), we will notify you in a more significant manner (such as by sending you separate email notifications) that your continued use of this Service signifies your consent to the updated Policy.
10.2 Notification Methods
10.2.1 The various notifications we send to you related to this Policy can be delivered through in-software messages, email, notices, etc., and notifications are considered delivered from the date of issuance.
11. Dispute Resolution and Applicable Law
11.1 Applicable Law
11.1.1 The establishment, execution, interpretation and dispute resolution of this Policy are governed by the principles of international civil business law and by the laws and regulations in force in the country where you are using the Services (without conflict).
11.2 Dispute Resolution
11.2.1 Any disputes arising from or related to this Policy should first be resolved through friendly negotiation; if negotiation fails, either party has the right to file a lawsuit in the courts with jurisdiction where the entity operating this Software resides.
12. Other Terms
12.1 Divisibility
12.1.1 If any provision of this Policy is deemed to be invalid, unenforceable, or void of legal force, this does not affect the validity, enforceability, and legal force of the other provisions.