Privacy Policy

This document governs the collection, processing, and protection of personal data
by Data Orbis AI and constitutes a legally binding agreement upon access to our services.

📅 Effective Date: April 13, 2026📅 Last Updated: April 13, 2026🌎 Governing Law: Brazil (LGPD)

Table of Contents

  1. Scope and Acceptance
  2. Legal Framework
  3. Data Controller
  4. Data We Collect
  5. Legal Basis for Processing
  6. Purposes of Processing
  7. AI and Automated Processing
  8. Data Retention (Minimum Necessary)
  9. Data Sharing and Third Parties
  10. Your Rights as a Data Subject
  11. Cookies and Tracking
  12. International Data Transfers
  13. Data Security
  14. Disclaimer of Warranties
  15. Limitation of Liability (Zero)
  16. Indemnification
  17. Consulting Client Liability
  18. Children's Privacy
  19. Marketing Communications
  20. Third-Party Links
  21. Force Majeure
  22. Changes to This Policy
  23. Dispute Resolution and Arbitration
  24. Governing Law and Jurisdiction
  25. Severability and Entire Agreement
  26. Supervisory Authorities
  27. Contact

1 Scope and Acceptance

This Privacy Policy ("Policy") is a legally binding document governing the collection, use, storage, disclosure, and deletion of personal data by Data Orbis AI ("Data Orbis AI," "we," "us," "our") in connection with its website, digital platforms, and AI and Data Consulting services.

⚠ Binding AgreementBy accessing our website, submitting any form, engaging our services, or communicating with us in any capacity, you unconditionally and irrevocably accept this Policy in its entirety. If you do not agree with any provision of this Policy, you must immediately cease all use of our website and services and refrain from any further engagement with Data Orbis AI.

This Policy applies to:

  • All visitors to our website and digital properties, regardless of location
  • Prospective, current, and former clients and their authorized representatives
  • Individuals whose data is processed within the scope of a consulting engagement
  • Job applicants, freelancers, contractors, and business partners
  • Any third party who communicates with Data Orbis AI by any means
📋 Consulting Engagement NoticeWhere Data Orbis AI processes personal data as a data processor on behalf of a client organization under a signed Statement of Work, Engagement Letter, or Data Processing Agreement (DPA), that contractual documentation governs that specific processing. This Policy supplements, but does not supersede, those contractual terms. The client organization, as data controller, bears primary legal responsibility for the lawfulness of that data processing.

2 Legal Framework

Data Orbis AI operates in compliance with applicable data protection legislation. Our primary compliance frameworks include:

  • LGPD — Lei Geral de Proteção de Dados, Federal Law No. 13,709/2018 (Brazil) — primary governing law
  • Marco Civil da Internet — Federal Law No. 12,965/2014 (Brazil)
  • GDPR — General Data Protection Regulation (EU) 2016/679, applied where EU data subjects are involved
  • CCPA/CPRA — California Consumer Privacy Act and Privacy Rights Act, applied where California residents are involved
  • Any other applicable national or regional data protection legislation in jurisdictions from which our services are accessed

Compliance with this Policy does not constitute legal advice, and nothing herein creates an attorney-client relationship. References to legal frameworks are informational only and may change without notice as laws are amended or new regulations are enacted.

3 Data Controller

Data Orbis AI is the data controller for personal data collected through its website and general business activities. For consulting engagements where we act as a data processor, the client is the data controller.

FieldDetails
Company NameData Orbis AI
CountryBrazil
Privacy Emailhello@orbisdata.ai
Response TimeUp to 15 business days from verified receipt

4 Data We Collect

We apply strict data minimization. We collect only what is adequate, relevant, and objectively necessary for defined purposes.

Data You Provide Directly

  • Identity and contact details: name, professional email, phone number, company name, job title
  • Communication content: messages, inquiries, feedback submitted through forms or email
  • Business and contractual data: proposal requests, signed agreements, payment details processed by third-party payment providers (we do not store raw payment card data)
  • Credentials: username and password, stored in hashed and salted form

Data Collected Automatically

  • Technical identifiers: IP address, browser type, operating system, device type
  • Usage data: pages visited, session duration, click paths, referral source
  • Access logs: as mandated by Brazil's Marco Civil da Internet (Article 15), retained for the statutory minimum period only

Sensitive Personal Data

✅ Our Policy on Sensitive DataData Orbis AI does not intentionally collect, solicit, or process sensitive personal data as defined under LGPD Article 11 (including health, biometric, racial, ethnic, religious, political, or sexual orientation data). If you voluntarily disclose such data, you explicitly consent to its processing solely for the purpose of responding to your inquiry. Data Orbis AI expressly disclaims any liability arising from sensitive data voluntarily submitted by a data subject.

5 Legal Basis for Processing

Every data processing activity conducted by Data Orbis AI is grounded in one or more valid legal bases under LGPD Article 7 and, where applicable, GDPR Article 6.

Processing ActivityLegal Basis
Delivering consulting servicesContract performance
Responding to inquiries and proposalsLegitimate interest / Contract
Marketing communicationsExplicit prior consent only
Website analytics and optimizationLegitimate interest
Fraud prevention and information securityLegitimate interest / Legal obligation
Payment processingContract performance
Legal and regulatory complianceLegal obligation
AI methodology improvement (anonymized data only)Legitimate interest
Recruiting and talent evaluationLegitimate interest / Consent

Where consent is the legal basis, you may withdraw it at any time without retroactive effect. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

6 Purposes of Processing

Personal data is processed exclusively for the following defined and documented purposes:

  • Operating, maintaining, and improving our website, tools, and consulting services
  • Preparing, delivering, managing, and closing client consulting engagements
  • Responding to business inquiries, RFPs, and service requests
  • Processing invoices, payments, and maintaining financial records as required by law
  • Sending marketing and thought leadership content (exclusively on an opt-in, consent basis)
  • Conducting benchmarking and research using strictly anonymized or aggregated data
  • Ensuring cybersecurity, access control, fraud detection, and business continuity
  • Complying with legal obligations and responding to lawful governmental requests
  • Recruiting and onboarding personnel, contractors, and partners

Data Orbis AI will not use personal data for any purpose incompatible with those stated above without prior notification and, where required by law, explicit written consent.

7 AI and Automated Processing

As an AI and Data Consulting firm, Data Orbis AI maintains the following binding commitments regarding artificial intelligence and automated processing:

  • No training on client personal data: Data Orbis AI does not use personal data provided by or about clients to train, fine-tune, or validate any AI or machine learning model without explicit written authorization in a signed agreement.
  • Disclosure of AI tools: Where AI-powered tools are deployed within a consulting engagement, this is disclosed in the applicable Statement of Work or engagement documentation.
  • Anonymization-first approach: Internal AI methodology development uses only anonymized, aggregated, or synthetically generated data. Once data is de-identified, it is no longer considered personal data and is outside the scope of this Policy.
  • Re-identification prohibition: Data Orbis AI will not attempt to re-identify any de-identified dataset. Any third-party recipient of de-identified data is contractually prohibited from re-identification.
  • No fully automated consequential decisions: No decision producing legal or similarly significant effects on a data subject will be made by automated means alone without human oversight and, where required, explicit consent.
  • AI Privacy Impact Assessments: Data Orbis AI conducts internal AI PIAs for new tools or algorithms deployed in client-facing or data-intensive contexts.
⚠ Liability Disclaimer for AI OutputsAI and machine learning outputs, recommendations, and models produced by Data Orbis AI are advisory in nature. Data Orbis AI expressly disclaims all liability for decisions made by clients, third parties, or any person in reliance on AI outputs, predictive models, or analytical deliverables produced as part of any engagement. All such outputs are provided "as is" without warranty of accuracy, fitness for purpose, or fitness for any specific use case.

8 Data Retention (Minimum Necessary)

Data Orbis AI applies a minimum necessary retention policy. Personal data is deleted or irreversibly anonymized as soon as the purpose for which it was collected has been fulfilled, unless a specific and documented legal obligation mandates continued retention. Indefinite retention violates the necessity principle under LGPD Article 6 and is expressly prohibited in our internal data management procedures.

✅ Our Default: Delete Upon Purpose CompletionOur default position is that personal data is deleted upon completion of the purpose. The retention periods below represent the outer legal limits, not operational targets. In practice, data is purged as soon as business necessity no longer applies.
Data CategoryMaximum RetentionLegal Basis for Retention
Website server access logs and IP addresses6 monthsMarco Civil da Internet, Art. 15
General business correspondence and inquiries90 days after closure of inquiryOperational necessity; deleted upon completion
Client engagement and project deliverablesDuration of engagement + 30 daysContract; deleted upon final delivery and acceptance
Financial and invoice records5 yearsBrazilian tax law (Lei No. 9.430/1996)
Signed contracts and legal documents5 years from contract endBrazilian Civil Code, Art. 206
Data security incident registry5 yearsANPD guidance, LGPD Art. 48
Marketing consent recordsUntil withdrawal of consent + 1 yearLGPD Art. 8; evidence of consent
Job applicant data (unsuccessful applicants)90 days unless extended consent grantedLegitimate interest; deleted by default after 90 days
Anonymized and aggregated analytics dataNo limit (no longer personal data)Not subject to LGPD once fully anonymized

Where no mandatory legal retention period applies, Data Orbis AI's default action is immediate deletion or anonymization upon completion of purpose. We do not retain data "just in case." Upon expiration of any retention period, data is securely deleted using industry-standard data destruction methods or irreversibly anonymized.

You may request confirmation of the retention period applicable to your data by contacting hello@orbisdata.ai.

9 Data Sharing and Third Parties

✅ No Sale of Personal DataData Orbis AI does not sell, rent, lease, auction, barter, or otherwise transfer personal data to any third party for commercial gain under any circumstances, with no exceptions.

Personal data may be shared only in the following strictly defined circumstances:

  • Service Providers (Sub-processors): Vendors providing infrastructure services (hosting, email delivery, analytics, payment processing) operating under signed Data Processing Agreements that impose data protection obligations at least equivalent to this Policy. Sub-processors are permitted to process data only for the documented, limited purpose specified in their agreement.
  • Client Organizations: Where Data Orbis AI acts as data processor, data may be returned to or shared with the client controller as directed under the engagement agreement.
  • Professional Advisors: Legal counsel, accountants, auditors, and insurers, bound by professional confidentiality obligations.
  • Legal and Governmental Authorities: Where disclosure is required by a binding court order, regulatory directive, or applicable law. Data Orbis AI will disclose only the minimum data required to satisfy the legal obligation and will notify the affected data subject to the extent permitted by law.
  • Business Successors: In the event of a corporate restructuring, merger, acquisition, or asset transfer, personal data may be transferred to the successor entity subject to the same or stronger protections. Affected individuals will be notified in advance.
  • With Your Explicit Written Consent: Any sharing not described above requires your documented prior consent, obtainable at hello@orbisdata.ai.

A current list of active sub-processors is available upon written request to hello@orbisdata.ai.

10 Your Rights as a Data Subject

Under LGPD and, where applicable, GDPR, you have the following rights. All requests must be submitted in writing to hello@orbisdata.ai and will be processed within 15 business days of receipt of a verified request.

RightDescription
AccessObtain confirmation that we hold data about you and receive a copy in a clear format
RectificationRequest correction of inaccurate, incomplete, or outdated data
ErasureRequest deletion of your data; subject to mandatory legal retention obligations
PortabilityReceive your data in a structured, machine-readable, interoperable format
RestrictionRequest limitation of processing in defined legal circumstances
ObjectionObject to processing based on legitimate interest or direct marketing
Consent WithdrawalRevoke consent at any time; no retroactive effect on prior lawful processing
Non-DiscriminationYou will not receive degraded service for exercising any privacy right
Human ReviewRequest human review of any automated processing that significantly affects you

Identity verification is required before any right is fulfilled. We reserve the right to deny requests that are manifestly unfounded, repetitive, or abusive, in accordance with LGPD Article 18. Where an exception applies under applicable law preventing full compliance, we will inform you of the reason within the response period.

11 Cookies and Tracking Technologies

Our website uses cookies and similar technologies. On your first visit, a consent banner will allow you to accept or reject non-essential cookies. You may update your preferences at any time via the cookie settings link in the website footer.

Cookie TypePurposeConsent Required
Strictly NecessaryCore website security and functionalityNo (essential)
AnalyticsAnonymized usage patterns and performance monitoringYes
MarketingInterest-based advertising and retargetingYes (explicit opt-in)
FunctionalUser preferences and personalizationYes

Data Orbis AI does not deploy cross-site tracking, behavioral fingerprinting, or invasive advertising technologies without explicit opt-in consent. Rejecting non-essential cookies does not impair your access to the core functionality of our website.

12 International Data Transfers

Personal data may be transferred to and processed in countries outside Brazil as part of our consulting operations and use of cloud-based service providers. All such transfers comply with LGPD Chapter V (international transfer rules) and, where applicable, GDPR Chapter V. Transfer mechanisms include adequacy decisions, Standard Contractual Clauses (SCCs), and binding contractual safeguards with sub-processors.

Where no adequacy determination exists, Data Orbis AI ensures appropriate safeguards are in place before any transfer occurs. You may request information about the specific safeguards applied to transfers involving your data by contacting hello@orbisdata.ai.

13 Data Security

Data Orbis AI implements technical and organizational security measures proportionate to the risk of each processing activity. Measures include:

  • TLS 1.2+ encryption for all data in transit
  • Encryption at rest for stored personal and client data
  • Role-based access controls and the principle of least privilege
  • Multi-factor authentication for internal system access
  • Periodic security assessments, vulnerability scanning, and penetration testing
  • Documented incident response procedures and breach notification protocols
  • Data protection training for all personnel with access to personal data
  • Vendor security review prior to onboarding any new sub-processor
⚠ Security Limitation DisclaimerDespite the implementation of industry-standard security measures, no digital transmission or storage system is completely immune to unauthorized access, interception, or compromise. Data Orbis AI does not represent, warrant, or guarantee that personal data will be completely secure at all times. Your use of our website and submission of personal data is at your own risk with respect to security events outside our direct and reasonable control.

In the event of a personal data breach that poses a risk to your rights and freedoms, Data Orbis AI will notify the Autoridade Nacional de Proteção de Dados (ANPD) within 72 hours and affected individuals without undue delay, to the extent required under LGPD Article 48 and applicable law.

14 Disclaimer of Warranties

⚠ Full Disclaimer of Warranties

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, ORB DATA AI'S WEBSITE, SERVICES, CONTENT, TOOLS, AI OUTPUTS, ANALYTICAL DELIVERABLES, AND ALL RELATED MATERIALS ARE PROVIDED STRICTLY ON AN "AS IS," "AS AVAILABLE," AND "WITH ALL FAULTS" BASIS, WITHOUT ANY REPRESENTATIONS, GUARANTEES, OR WARRANTIES OF ANY KIND, WHETHER EXPRESS, IMPLIED, STATUTORY, OR OTHERWISE.


ORB DATA AI EXPRESSLY DISCLAIMS ALL IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO: (A) WARRANTIES OF MERCHANTABILITY; (B) FITNESS FOR A PARTICULAR PURPOSE; (C) NON-INFRINGEMENT; (D) ACCURACY, COMPLETENESS, OR RELIABILITY OF ANY CONTENT OR OUTPUT; (E) UNINTERRUPTED OR ERROR-FREE OPERATION; (F) FREEDOM FROM VIRUSES, MALWARE, OR OTHER HARMFUL CODE; AND (G) ANY WARRANTY ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.


NO ORAL OR WRITTEN REPRESENTATION MADE BY ORB DATA AI, ITS PERSONNEL, AGENTS, OR PARTNERS SHALL CREATE ANY WARRANTY NOT EXPRESSLY SET FORTH IN A SIGNED WRITTEN AGREEMENT.

15 Limitation of Liability

⚠ Zero Liability Cap

1. Zero Monetary Liability. TO THE FULLEST EXTENT PERMITTED BY APPLICABLE MANDATORY LAW, ORB DATA AI'S TOTAL AGGREGATE MONETARY LIABILITY TO ANY PARTY FOR ANY AND ALL CLAIMS ARISING FROM OR RELATING TO THIS POLICY, THE WEBSITE, THE SERVICES, ANY DATA PROCESSING ACTIVITY, OR ANY PRIVACY-RELATED MATTER SHALL BE:

BRL 0.00 — ZERO

2. No Consequential Damages. IN NO EVENT SHALL ORB DATA AI, ITS DIRECTORS, OFFICERS, EMPLOYEES, CONTRACTORS, AGENTS, PARTNERS, SUPPLIERS, OR LICENSORS BE LIABLE FOR ANY: INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, CONSEQUENTIAL, OR PUNITIVE DAMAGES — INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, LOSS OF REVENUE, LOSS OF DATA, LOSS OF GOODWILL, BUSINESS INTERRUPTION, COST OF SUBSTITUTE SERVICES, OR ANY OTHER INTANGIBLE LOSSES — ARISING OUT OF OR IN CONNECTION WITH THIS POLICY, YOUR USE OF OR INABILITY TO USE THE WEBSITE OR SERVICES, ANY DATA BREACH OR SECURITY INCIDENT, OR ANY AI OR ANALYTICAL OUTPUT, REGARDLESS OF THE THEORY OF LIABILITY AND EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.


3. Third-Party Breaches and External Causes. Data Orbis AI bears no liability for unauthorized access, data loss, or security incidents attributable to: (a) your own actions, negligence, or omissions; (b) force majeure events; (c) cyberattacks, ransomware, or infrastructure failures of third-party service providers or telecommunications networks; (d) your failure to use adequate security measures, strong credentials, or updated software on your own systems; or (e) any cause outside Data Orbis AI's direct and reasonable control.


4. Reliance on AI and Analytical Outputs. Data Orbis AI shall bear zero liability for any decision, action, investment, business outcome, or consequence arising from reliance on any AI model output, predictive analysis, data visualization, or consulting deliverable. All outputs are advisory. The client or user bears full responsibility for independent validation and any decisions made.


5. Third-Party Websites. Data Orbis AI is not responsible for and shall bear no liability for the content, privacy practices, security posture, or data handling of any third-party website, platform, or service linked to or from our website.


6. Mandatory Law Carve-Out. Nothing in this Section excludes or limits liability that cannot be excluded under applicable mandatory law, including but not limited to liability for: (a) death or personal injury directly caused by proven gross negligence of Data Orbis AI; or (b) fraudulent misrepresentation directly attributable to Data Orbis AI. This carve-out is narrow and does not expand any other form of liability.

16 Indemnification

⚠ Your Obligation to IndemnifyYou agree to indemnify, defend, and hold harmless Data Orbis AI and its officers, directors, employees, contractors, agents, partners, and successors from and against any and all claims, damages, losses, liabilities, costs, and expenses (including reasonable legal fees) arising out of or relating to: (a) your violation of this Policy; (b) your provision of inaccurate, unlawful, or unauthorized personal data to Data Orbis AI; (c) your violation of any applicable law, regulation, or third-party right in connection with your use of our services; (d) your reliance on or use of any AI output, analytical model, or consulting deliverable produced by Data Orbis AI; or (e) any claim by a third party that your use of our services caused harm to that third party.

This indemnification obligation survives termination of any agreement or engagement with Data Orbis AI and your discontinuation of use of our website and services.

17 Consulting Client Liability

In all consulting engagements where Data Orbis AI acts as a data processor on behalf of a client organization:

  • The client organization is the data controller and bears primary and direct legal responsibility for all data protection obligations under LGPD, GDPR, and applicable laws
  • The client is solely responsible for ensuring a valid legal basis exists for every personal data element provided to or processed by Data Orbis AI
  • The client is solely responsible for the accuracy, completeness, and lawfulness of data delivered to Data Orbis AI for processing
  • The client is solely responsible for providing adequate privacy notices to data subjects whose data is shared with Data Orbis AI
  • Data Orbis AI's liability as a data processor is strictly limited to processing activities performed in material breach of a signed, written DPA and only to the extent directly caused by Data Orbis AI's proven failure to comply with its processor obligations
  • Data Orbis AI shall have no liability for any privacy or data protection violation arising from client instructions, client-provided data, or client-owned systems, platforms, or databases

18 Children's Privacy

Our website and services are directed exclusively at individuals aged 16 and above. We do not knowingly collect, solicit, or process personal data from children under 16. If we become aware that a minor has submitted personal data without verifiable parental or guardian consent, we will delete such data immediately upon discovery.

If you believe a minor has provided personal data to Data Orbis AI, please notify us immediately at hello@orbisdata.ai. Data Orbis AI bears no liability for personal data submitted by minors misrepresenting their age.

19 Marketing Communications

Data Orbis AI sends marketing, newsletter, or promotional communications only to individuals who have provided explicit prior opt-in consent. Every such communication includes a clear, one-click unsubscribe mechanism. Withdrawal of marketing consent will take effect within 5 business days and does not affect transactional, contractual, or legally required communications. Consent records are maintained in compliance with LGPD Article 8.

20 Third-Party Links

Our website may contain links to external websites, platforms, and resources operated by third parties. These links are provided for informational convenience only. Data Orbis AI does not endorse, control, or assume responsibility for the content, privacy practices, security, data handling, or availability of any third-party website. Access to third-party websites is entirely at your own risk, and Data Orbis AI expressly disclaims all liability arising from your interaction with any third-party site.

21 Force Majeure

Data Orbis AI shall not be liable for any failure or delay in performing its obligations under this Policy to the extent that such failure or delay is caused by events beyond its reasonable control, including but not limited to: acts of God, natural disasters, pandemic, epidemic, governmental actions, war, terrorism, riots, embargoes, acts of civil or military authority, fire, flood, earthquakes, strikes or labor disputes, power outages, internet or telecommunications failures, third-party cyberattacks or ransomware incidents, denial of service attacks, or failure of third-party infrastructure or service providers.

In such circumstances, Data Orbis AI's obligations will be suspended for the duration of the force majeure event. Data Orbis AI will use commercially reasonable efforts to notify affected parties and resume normal operations as soon as reasonably practicable.

22 Changes to This Policy

Data Orbis AI reserves the right to update, modify, or replace this Policy at any time to reflect changes in applicable law, our data practices, or our services. When material changes are made:

  • The "Last Updated" date at the top of this page will be revised
  • Known contacts and registered clients will be notified by email at least 30 days before changes take effect where practicable
  • A prominent notice will be displayed on the website

Your continued access to or use of our website or services after the effective date of any updated Policy constitutes your binding acceptance of the revised terms. If you do not accept the revised Policy, you must immediately cease use of our services and may request deletion of your data at hello@orbisdata.ai.

23 Dispute Resolution and Arbitration

Before initiating any formal legal proceeding, you agree to first attempt to resolve any privacy-related dispute with Data Orbis AI informally by contacting hello@orbisdata.ai. Data Orbis AI will make good-faith efforts to resolve the matter within 30 days.

If informal resolution is unsuccessful, any dispute, controversy, or claim arising out of or relating to this Policy, including any question regarding its existence, breach, validity, or termination, shall be finally resolved by binding arbitration administered under the rules of the Câmara de Comércio Brasil-Canada (CCBC) in São Paulo, Brazil, or such other mutually agreed arbitral institution. The arbitration shall be conducted in Portuguese or English (to be agreed), and the arbitral award shall be final and binding on both parties. You waive any right to a jury trial or to participate in a class action lawsuit with respect to any claim subject to this arbitration clause.

Nothing in this clause prevents either party from seeking urgent injunctive or provisional relief from a competent court where necessary to prevent imminent irreparable harm.

24 Governing Law and Jurisdiction

This Policy is governed by and construed in accordance with the laws of the Federative Republic of Brazil, without regard to conflict of law principles. For any matter not subject to arbitration under Section 23, the parties submit to the exclusive jurisdiction of the courts of the Comarca de São Paulo, State of São Paulo, Brazil.

Where mandatory consumer protection or data protection laws in your jurisdiction provide rights that cannot be contractually waived, those rights are preserved solely to the minimum extent required by law, and all other provisions of this Policy remain in full force and effect.

25 Severability and Entire Agreement

Severability: If any provision of this Policy is found to be invalid, unlawful, or unenforceable under applicable law, that provision shall be modified to the minimum extent necessary to make it enforceable, or if modification is not possible, severed from this Policy. The remaining provisions shall continue in full force and effect without interruption.

Entire Agreement: This Policy, together with any signed engagement letter, Statement of Work, DPA, or other written agreement between you and Data Orbis AI, constitutes the entire agreement between the parties with respect to privacy and data protection and supersedes all prior discussions, representations, or understandings on those subjects.

No Waiver: Failure by Data Orbis AI to enforce any provision of this Policy at any time shall not constitute a waiver of its right to enforce that provision in the future.

Language: This Policy is drafted in English. Any translation is provided for convenience only. In the event of any inconsistency between the English version and a translation, the English version shall prevail.

26 Supervisory Authorities

You have the right to lodge a complaint directly with the relevant data protection supervisory authority at any time, without prejudice to any other administrative or judicial remedy:

JurisdictionAuthorityWebsite
BrazilAutoridade Nacional de Proteção de Dados (ANPD)gov.br/anpd
European UnionYour local Data Protection Authority (DPA)edpb.europa.eu
United KingdomInformation Commissioner's Office (ICO)ico.org.uk

We strongly encourage you to contact us first at hello@orbisdata.ai before escalating to a supervisory authority, so we may attempt to resolve your concern directly.

27 Contact Us

📧 Privacy InquiriesFor all privacy-related questions, data subject rights requests, complaints, data breach reports, or general inquiries regarding this Policy, contact:

Data Orbis AI
Email: hello@orbisdata.ai
Response Time: Within 15 business days of verified receipt
Location: São Paulo, Brazil