OrchOps Logo
OrchOps
ES | EN
Contact

Privacy Policy

Legal information updated. Last review: 12/13/2025

Executive Summary

OrchOps is an analytics tool. We do not sell your data. We only access metrics from your connected accounts with your explicit permission to generate reports. You can revoke access and delete your data at any time.

1. Data Controller

The data controller is the OrchOps project.

2. Data We Collect

To provide the service, we need to access certain information through official platform APIs (such as Meta Graph API):

  • Technical Connection Data: OAuth access tokens (encrypted).
  • Account Identity: Name, user ID, and profile picture of connected professional accounts.
  • Performance Metrics (Insights): Reach, impressions, engagement (likes, comments, shares), clicks, and aggregated demographic data if available.

We do not read your private messages nor post content on your behalf without direct explicit action.

3. Security and Authentication

"OrchOps does not store passwords from external platforms. Accesses are managed through secure authorizations (such as OAuth or technical credentials) and tokens are stored encrypted, so they are not readable or reusable outside our systems. Only strictly necessary permissions are requested and all communications are made via secure connections, allowing the user to revoke access at any time from the corresponding platform."

4. Purpose and Legal Basis

Purpose:

  1. Show unified dashboards and calculate personalized KPIs.
  2. Allow comparison between thematic content lists.
  3. Generate historical series for trend analysis.

Legal Basis: The processing is based exclusively on your consent by voluntarily connecting the account.

Sharing: We do not share data with third parties except for technology infrastructure providers (hosting, database) acting as data processors under contract.

5. Retention Policy

  • Active Data: Kept while the user has the account connected.
  • After Disconnection: Deleted within a maximum period of 30 days following the cancellation or disconnection request.
  • Security Logs: Retained for a maximum of 14 days.

6. Your Rights and Control

We comply with GDPR and international standards. You have the right to:

  • Access, rectify, or suppress your data.
  • Request portability of your metrics.
  • Revoke consent at any time.

To exercise these rights or request total deletion, visit our Data Deletion page or write to privacy@orchops.io.

You can also review our Terms and Conditions.