Privacy Policy
Last updated: April 2026
1. Information We Collect
Account Information: When you create an account, we collect your name, email address, and organization details. Authentication is managed through Clerk, our identity provider, which may also collect device and session information.
Profile Information: You may optionally provide a bio, job title, timezone, LinkedIn URL, and phone number on your profile page.
Mission Data: When you create or participate in missions, we collect mission specifications (payload type, orbit, mass, launch window, special requirements, launch region preference, budget range), comments, file uploads, and activity logs.
Messaging: Direct messages between users and mission conversation messages are stored on our servers.
Usage Data: We collect standard web analytics including page views, feature usage, and error logs to improve the Service.
2. How We Use Your Information
- To provide and operate the OrbitalMatch platform
- To facilitate collaboration between mission participants
- To match missions with compatible launch providers
- To send notifications (in-app, email) about mission activity, invitations, and messages
- To improve the Service based on usage patterns
- To communicate with you about your account and the Service
3. Third-Party Services
We use the following third-party services to operate OrbitalMatch:
| Service | Purpose | Data Shared |
|---|---|---|
| Clerk | Authentication & identity | Name, email, session data |
| Neon | Database hosting | All application data (encrypted at rest) |
| Vercel | Application hosting & CDN | Application code, static assets |
| Vercel Blob | File storage | Uploaded mission files |
| Resend | Transactional email | Recipient email, email content |
| Anthropic (Claude API) | Match+ provider analysis | Anonymized mission specs only (no PII) |
| The Space Devs API | Launch schedule data | No user data shared (read-only public API) |
4. Data Security
We implement industry-standard security measures including:
- HTTPS/TLS encryption for all data in transit
- Database encryption at rest via Neon
- Content Security Policy and HTTP security headers
- Rate limiting on sensitive API endpoints
- Session management via Clerk with MFA support
- Access controls ensuring users can only view data for missions they participate in
5. Data Retention
Account data is retained as long as your account is active. When you delete your account, your personal data is soft-deleted and your content in shared missions is anonymized. Mission data (comments, files, activity) may be retained to support other participants' access to shared missions.
6. Your Rights
You have the right to:
- Access your personal data (available on your Profile page)
- Correct inaccurate data (editable on your Profile page)
- Delete your account and associated personal data
- Export your data (contact support@orbitalmatch.com)
- Opt out of non-essential notifications (Notification Preferences on your Profile page)
7. Cookies
OrbitalMatch uses essential cookies for authentication (managed by Clerk) and localStorage for user preferences (timezone settings, dashboard view preferences, notification state). We do not use tracking cookies or third-party advertising cookies.
8. Children's Privacy
OrbitalMatch is a professional B2B platform and is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from minors.
9. International Data
OrbitalMatch is hosted in the United States. If you access the Service from outside the United States, your data may be transferred to and processed in the United States.
10. Changes to This Policy
We will notify registered users of material changes to this Privacy Policy via email or in-app notification. The “Last updated” date at the top indicates when changes were last made.
11. Contact
For privacy-related inquiries, contact us at privacy@orbitalmatch.com
For general support, contact support@orbitalmatch.com