OrionsLock Pulse Privacy Policy

Last updated: April 24, 2026

Data We Collect

We collect account information such as email address, workspace membership, billing status, support messages, and authentication metadata. When you use the gateway, Pulse stores request metadata such as provider, model, status, latency, estimated cost, policy decisions, ThreatPrint results, request IDs, trace IDs, and attribution headers you choose to send.

Request and Log Retention

Retention is controlled by plan and workspace configuration. Developer workspaces use shorter metadata and trace windows; paid plans may retain metadata, traces, exports, and archives longer. Raw prompt or response payload retention is not a default requirement for using Pulse and is redacted or configurable by plan.

Key Handling

Pulse keys authenticate requests to OrionsLock. Upstream provider credentials can be passed from your server per request or stored as encrypted virtual keys. Plaintext virtual-key secrets are not returned to the browser after creation. Do not send GitHub tokens, provider keys, or other secrets to support channels unless a secure exchange has been arranged.

Service Providers

Pulse uses Cloudflare, Vercel, Stripe, Resend, GitHub Container Registry, a managed authentication/database provider, and optional customer-configured observability or webhook providers to operate the service. These providers process data only as needed to provide hosting, authentication, storage, billing, email, package delivery, monitoring, and support.

Deletion and Contact

To request export, deletion, billing help, or privacy review, email contact@orionslock.com. Security reports should go to security@orionslock.com.