DocsAPI and MCP ReferenceHomepageSign In

Privacy and Data Collection Disclosure

This Privacy and Data Collection Disclosure outlines how Orbit handles user data in connection with our Model Context Protocol (MCP) services and integrations, including through platforms such as Claude, OpenAI APIs, or any LLM Chatbot or API service that follows MCP Standard Protocol.

Data Collected

Orbit collects minimal user data, strictly necessary for providing MCP access and monitoring usage:

  • Access Logs: We log user-level activity including authentication events, accessed companies/tickers, query timestamps, and usage frequency.

  • Account Metadata: We may collect a user's name, email address, and affiliated organization (if applicable) as part of their Orbit Insight subscription.

  • Query Metadata: We log the number of companies queried and document types accessed for usage analytics and billing purposes.

Orbit does not systematically collect or store user prompts, inputs, or queries. We also do not have access to, and therefore do not store, any LLM-generated outputs (e.g., chatbot responses) resulting from interactions with our MCP server.

Security and Infrastructure

  • The Orbit MCP server implements the MCP OAuth Specification to ensure secure, credentialed access.

  • MCP access is strictly read-only. Third parties cannot write to, upload to, or modify any Orbit data via the protocol.

  • All data transmissions are encrypted in transit using TLS 1.3 or higher. Internal access is restricted, monitored, and subject to audit controls.

Third-Party Sharing

  • Orbit does not sell, share, or distribute any collected user data or access logs to third parties.

  • All data stays within Orbit's secure infrastructure and is used solely for operational, compliance, access monitoring, and internal analytical purposes.

  • Aggregated, anonymized usage statistics may be used for product improvement and reporting, but never in a way that identifies individual users.

Data Retention

  • We retain access logs (e.g., login activity, company/ticker usage) for up to 12 months for compliance and internal analytics.

  • Account metadata is retained for the duration of your Orbit Insight subscription and up to 90 days after termination.

  • No long-term retention of user prompts or LLM outputs occurs, as they are never stored.

Transparency and Branding

  • All users accessing Orbit data via Claude, OpenAI APIs, or similar interfaces are made aware of the integration with Orbit services.

  • No white-labeling is permitted. Orbit branding and source attribution remain transparent throughout the user experience.

  • All responses include clear citations to official filing sources, maintaining transparency about data provenance.

User Rights

  • Users may request access to their usage logs by contacting [email protected]

  • Users may request deletion of their account metadata, subject to legal retention requirements

  • Users retain all rights to their queries and any derived insights

Compliance

  • This MCP service complies with GDPR, CCPA, and other applicable data protection regulations

  • Financial data access complies with all relevant securities regulations

  • Usage is monitored to ensure compliance with our Terms of Service

Updates to This Disclosure

We may update this disclosure periodically. Users will be notified of material changes via their registered email address.

Contact

For questions about this disclosure or our data practices, please contact:

Last Updated: August 2025 Version: 1.0

Previous3. Future Roadmap

Last updated