Trust & Security
Security and privacy, explained plainly.
An overview of the controls and practices behind Orbit. This page is maintained by Orbit (a product of Innovide LLC) to answer common security and privacy questions — it is editable content, not an independent certification.
Access & authentication
- Accounts sign in with email/password or Google single sign-on.
- Optional SAML SSO and role-based access are available for teams.
- Data is scoped per organization, and members only see the workspaces they belong to.
Hosting & platform
- The application is built and hosted on the Lovable platform with a managed cloud backend.
- Traffic is served over encrypted HTTPS connections.
- Database access is governed by row-level security policies that enforce per-organization isolation.
Data we collect & how it's used
- We store the websites and competitors you choose to monitor, the scan results we generate, and your account profile.
- This data is used to produce your reports, comparisons, and historical intelligence — not sold to third parties.
Subprocessors & integrations
- We use trusted third-party services to run the product, including our cloud backend and AI providers that generate insights.
- Website performance is measured using public web performance APIs.
- Integrations such as alerting connect only when you enable them.
Cookies & analytics
- We use cookies and local storage to keep you signed in and to remember your preferences.
- Any product analytics are used to understand usage and improve the service.
Retention & deletion
- Scan history is retained so you can track changes over time.
- You can remove monitored sites and competitors from your account at any time.
- Contact us to request deletion of your account data.
Privacy requests
- You can request access to, correction of, or deletion of your personal data.
- Reach out using the contact details below and we'll respond.
Reporting a vulnerability
- If you believe you've found a security issue, please report it to us privately so we can investigate.
- We appreciate responsible disclosure and will work with you on a resolution.
Security & privacy contact
Have a question or concern?
For security reports, privacy requests, or any question about how your data is handled, reach the team at security@innovide.io.
Security is a shared responsibility: the Lovable platform provides hosting and infrastructure capabilities, Orbit configures and operates the application, and customers are responsible for safeguarding their own account credentials. This page describes current practices and is updated as the product evolves.