Skip to main content

Privacy Policy

Effective date: June 23, 2026

1. Introduction

Pixbots Private Limited, the company behind Orviora ("we", "our", or "us"), explains here how we collect, use, share, and protect personal data when you use the Orviora platform ("Service"). Orviora is an outreach and engagement platform for managing leads and contacts, running email campaigns and sequences, and handling replies, unsubscribes, and suppression lists.

This policy covers two kinds of personal data: data about the people who hold Orviora accounts (our customers and their users), and the contact or lead data that customers load and process through the Service. Different responsibilities apply to each, as explained below.

2. Data We Collect From Account Users

When you create and use an Orviora account, we may collect:

  • Identity and contact details: name, email address, company name
  • Billing details: billing contact, plan, and transaction records (card details are handled by our payment processor and are not stored by us)
  • Login and security data: password (stored hashed), authentication and session data, and security events
  • Usage data: features used, actions taken, and device, log, and similar technical information

3. Contact and Lead Data Customers Load

As part of using the Service, customers upload, import, or generate data about their leads and contacts. This may include:

  • Names, work email addresses, company names, and job titles
  • Phone numbers and LinkedIn or other profile URLs
  • Notes, tags, and custom fields
  • Campaign and outreach activity: messages sent, opens, clicks, replies, bounces, unsubscribes, and suppression status

Customers decide what contact data to load and how to use it. As explained in our Terms of Service, the customer is the controller, data fiduciary, or business for this data, and Pixbots acts as the processor or service provider.

4. Where Contact Data Comes From

Contact and lead data in the Service may come from:

  • Data customers upload or enter directly
  • Integrations customers connect, such as CRMs and email providers
  • Third-party lead and enrichment providers customers choose to use
  • Public business sources
  • Interactions during campaigns, such as replies, opens, clicks, bounces, and opt-outs

5. How We Use Data

We use personal data to:

  • Provide, operate, and maintain the Service
  • Send campaigns and manage sequences on the customer's instructions
  • Process and route replies
  • Build and maintain suppression lists so opted-out contacts are not contacted again
  • Improve deliverability and detect and prevent abuse, spam, and fraud
  • Provide support and respond to requests
  • Produce analytics and reporting
  • Handle billing and payments
  • Maintain security and protect the Service and its users
  • Meet legal and regulatory obligations

6. Legal Bases

Where data protection law requires a legal basis, we rely on:

  • Performance of a contract, to provide the Service to account users
  • Legitimate interests, such as operating, securing, and improving the Service and preventing abuse, balanced against individual rights
  • Consent, where the law requires it (you can withdraw consent at any time)
  • Legal obligation, where we must process data to comply with the law

For the contact data that customers process through the Service, the customer is responsible for having a valid legal basis to collect and contact those individuals.

7. Suppression Records

To help prevent opted-out or unsubscribed contacts from being contacted again, we may keep suppression records, such as a suppressed email address and the fact that it opted out. We may retain these records even after other data is deleted, because they exist to honor opt-outs and reduce the risk of contacting someone who asked not to be contacted.

8. Sharing and Subprocessors

We do not sell personal data. We share data with service providers (subprocessors) that help us run the Service. These may include:

  • Email and sending providers
  • Cloud hosting and infrastructure providers
  • Analytics providers
  • Payment processors
  • CRM and integration providers you connect
  • AI and LLM providers used for drafting and processing
  • Enrichment providers you choose to use

A current list is available on our subprocessors page. We may also disclose data when required by law or legal process, or to protect the rights, safety, and security of people and the Service.

9. International Transfers

Orviora is operated from India and uses infrastructure and processors that may be located in India, the United States, or other countries. Your data, and the contact data customers load, may be processed in these locations. Where required, we use appropriate safeguards for international transfers, such as standard contractual clauses.

10. Data Retention

We keep personal data for as long as needed to provide the Service and for legitimate business, security, and legal purposes. In general:

  • Account and billing data is kept while your account is active and for a period afterward as needed for legal and accounting purposes
  • Campaign data and contact data is kept while it is in your account. You can delete it, and it is removed within a reasonable period after account closure
  • Suppression records, logs, and backups may be retained longer where needed for compliance, security, deliverability, and to honor opt-outs

11. Your Rights

Depending on where you live and which law applies, you may have rights to:

  • Access a copy of your personal data
  • Correct inaccurate data
  • Delete your data
  • Object to or restrict certain processing
  • Withdraw consent or opt out
  • Data portability

To exercise these rights for your Orviora account, contact us at [email protected]. We may need to verify your identity.

12. Requests About Contact Data

If you are an individual whose data a customer loaded into Orviora (for example, you received outreach), the customer is the controller of that data. Please direct access, correction, deletion, objection, and opt-out requests to the customer who contacted you. We support our customers in responding to these requests as their processor, and we pass along requests we receive where appropriate. Customers are responsible for responding to data subject requests for the contact data they control.

13. Security

We use reasonable technical and organizational measures to protect personal data, including encryption in transit and at rest, encrypted storage of credentials and tokens, access controls, tenant data isolation, and logging. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

14. Cookies

We use essential cookies for authentication and sessions, and we may use analytics to understand usage. You can control cookies through your browser settings.

15. Changes to This Policy

We may update this policy. We will notify you of material changes by email or through the Service. Continued use after the changes take effect means you accept the updated policy.

16. Contact

For privacy questions or to exercise your rights:

  • Privacy: [email protected]
  • Company: Pixbots Private Limited, WeWork Block 10, DLF Cybercity, 124, Mount Poonamallee Rd, Manapakkam, Chennai, Tamil Nadu 600089, India