Privacy Policy

Controller

Anton - Johannes Rost

Rheinstraße 12, 55116 Mainz, Germany

Email: alpaca-labs.dev@proton.me

What we process

We process account data, authentication data, app usage counters, and note/group content required to provide Pocket Orbit features.

If you use AI summaries, your submitted note/group content is processed through our AI provider to generate summaries.

If you use OCR scan features, images you submit are processed to extract text and are handled transiently for conversion.

OCR scan processing

OCR text extraction uses Google Cloud Vision as a processor.

Source images are processed for text extraction and are not stored as part of your account content unless you explicitly save extracted text as a note.

Waitlist

For the waitlist, we process your email address and anti-abuse verification data (reCAPTCHA token). Waitlist emails are kept until launch and then deleted after 2 months.

Legal bases

• Account and core app features: contract performance.
• Security, abuse prevention, and service reliability: legitimate interests.
• Optional communications/marketing where applicable: consent.

Processors and hosting

Main backend hosting: Hetzner Online GmbH (Germany). Landing frontend hosting: Vercel.

Depending on feature use, processors may include OpenAI (AI summaries), Google (Sign-In, reCAPTCHA, waitlist sheet, Google Cloud Vision OCR), and Proton (support email).

Retention

• Refresh tokens: up to 7 days.
• Server logs: up to 30 days.
• Deleted accounts: immediate hard delete (including related user data cleanup).
• Waitlist emails: until launch plus 2 months.
• OCR scan images: transient processing for extraction only; no persistent image storage in app backend.

Your rights

You can request access, correction, deletion, restriction, objection, and data portability under GDPR/DSGVO. Contact: alpaca-labs.dev@proton.me.