§ 1
Important notice
This Privacy Policy explains what information ORB may collect, how ORB may use it, how ORB may share it, and what choices users may have.
Do not use ORB if you do not agree with this Privacy Policy.
§ 2
What ORB is
ORB is a trading automation product and brand operated by Konstantin Manzyuk.
ORB is not a broker, dealer, investment adviser, commodity trading advisor, futures commission merchant, financial institution, prop firm, exchange, or clearing firm.
References to ORB mean the ORB product, website, software, documentation, Web Panel, relay infrastructure, support workflow, and Konstantin Manzyuk as the current operator of the service.
ORB may provide:
- website access
- customer onboarding
- ORB Web Panel access
- TradingView-based automation workflow
- webhook relay infrastructure
- backtest, replay, demo, and live-mode workflows
- customer support
- billing and subscription management
- technical monitoring and logs
- Telegram Bot access
- Telegram Web App / Mini App dashboard
- signal, order, fill, control, and audit journal workflows
- exchange execution integration workflows, including Binance where applicable.
ORB is designed to collect and process only information reasonably needed to operate, secure, support, bill, and improve the service.
§ 3
Information ORB may collect
ORB may collect the following categories of information.
3.1Account and contact information
- name
- email address
- username
- business name, if applicable
- support contact details
- billing contact details.
3.2TradingView-related information
- TradingView username
- TradingView script access status
- TradingView alert setup status
- TradingView alert metadata needed for support
- TradingView webhook delivery metadata
- webhook alert payloads, including symbol, side or direction, signal type, strategy or order identifiers, and timestamps
- validation or rejection status
- stale, duplicate, or safety rejection status.
ORB does not control your TradingView account.
3.3ORB Web Panel information
- login identifier
- authentication status
- session metadata
- configuration settings
- selected mode
- selected account or integration status
- Web Panel activity needed for security, support, and diagnostics.
Telegram Bot and Telegram Web App information
- Telegram user ID
- Telegram chat ID
- Telegram username or display name, where available
- Telegram bot commands and interactions
- Telegram notification delivery status
- Telegram Web App initData used for authentication and authorization
- Telegram Web App API requests
- Telegram Web App dashboard activity
- device, browser, or session metadata from the Web App.
ORB uses Telegram Web App initData to verify that Web App requests are associated with a Telegram user. ORB does not treat frontend-provided customer_id values as trusted unless validated by the backend.
3.4Integration credentials and tokens
Depending on the product setup, ORB may process or store:
- PickMyTrade webhook URL
- PickMyTrade token
- PickMyTrade account ID
- market data provider credential status or token, where required for the selected setup
- Telegram bot or chat configuration
- relay secret
- other integration identifiers required to operate the service.
ORB stores sensitive credentials only when required for service operation.
ORB does not store unnecessary credentials.
ORB does not store secrets in public repositories.
3.5Trading and automation data
ORB may process or store:
- strategy signals
- alert payloads
- relay status
- order intent logs
- trade logs
- execution status
- account mode
- bot status
- session state
- risk settings
- open and closed trade metadata
- backtest results
- replay results
- demo results
- live automation status
- operational diagnostics.
This data may include information about your trading activity, but ORB does not custody funds and does not control your broker or prop firm account.
3.6Billing and subscription information
ORB may process:
- subscription status
- plan type
- setup fee status
- invoices
- payment status
- renewal status
- cancellation status
- refund status
- payment processor identifiers.
Payment card or bank details are handled by a third-party payment processor and are not stored directly by ORB.
3.7Support and communications
ORB may collect:
- emails
- support messages
- screenshots you provide
- technical diagnostics you provide
- onboarding notes
- troubleshooting notes
- customer feedback.
Do not send unnecessary sensitive information through support channels.
3.8Device, usage, and security data
ORB may collect:
- IP address
- browser type
- device type
- operating system
- login timestamps
- access logs
- error logs
- security events
- rate-limit events
- audit logs
- cookie or session data
- approximate location derived from IP address.
This information may be used for security, fraud prevention, debugging, service reliability, and abuse prevention.
3.9Jurisdiction and eligibility data
ORB may process information needed to assess supported or unsupported jurisdictions, including:
- country of residence
- billing country
- payment country
- account country
- IP-derived approximate location
- user-provided residency or location information
- company incorporation country, if applicable.
This information may be used to determine whether ORB can provide access under its supported-jurisdiction policy.
Exchange and Binance execution information
- Binance account connection status
- Binance demo or testnet configuration
- future live Binance integration only if enabled and explicitly approved
- order requests and intents
- exchange order IDs
- order status
- fill status
- quantity
- symbol
- side
- execution timestamps
- rejection or error status
- balances or positions, only if collected for service operation.
ORB does not custody user funds and does not act as an exchange or broker.
Demo or testnet data may be processed before live execution is enabled. Live execution data is processed only if a live integration is later configured and explicitly approved by the user.
Customer settings, controls, and audit logs
- fixed quantity or risk settings
- selected symbol or environment
- active or paused status
- emergency stop status
- pause, resume, or emergency stop actions
- fixed quantity changes
- confirmation actions
- safety and risk rejection logs
- control audit logs
- actor or source, such as Telegram Bot, Telegram Web App, backend, or operator.
§ 4
How ORB may use information
ORB may use information to:
- provide the service
- enable and manage Customer Portal access
- provide access to ORB tools
- provide TradingView script or workflow access
- operate webhook relay infrastructure
- operate Web Panel features
- process billing and subscriptions
- provide customer support
- troubleshoot technical issues
- monitor system health
- detect abuse or unauthorized access
- prevent fraud or security incidents
- verify supported-jurisdiction eligibility
- improve product functionality
- comply with legal obligations
- enforce Terms of Service
- maintain business records
- authenticate Telegram Web App requests
- map Telegram users to customer accounts
- display dashboard, status, and journal information
- process customer control actions
- operate Binance demo or testnet, or future approved live execution workflows
- record safety, risk, and audit events
- investigate rejected, duplicate, stale, failed, or unknown-order outcomes
- respond to user requests.
ORB does not sell personal data.
ORB does not use customer trading data for public marketing without written permission.
§ 5
Legal bases and consent
The applicable legal basis may depend on the user’s jurisdiction.
ORB may process data because:
- the data is needed to provide the service
- the data is needed to perform a contract
- the user consented
- ORB has a legitimate interest in security, support, operations, fraud prevention, abuse prevention, and product improvement
- ORB must comply with legal obligations.
For Uruguay-related data handling, personal data protection obligations may apply under Ley N° 18.331.
For EU/EEA users, GDPR concepts such as controller, processor, lawful basis, data subject rights, and international transfers may apply.
§ 6
How ORB may share information
ORB may share information with service providers needed to operate ORB.
Possible service providers include:
- hosting providers
- domain and DNS providers
- email providers
- payment processors
- analytics providers, if used
- support tools, if used
- GitHub or development infrastructure
- TradingView, where integration requires it
- PickMyTrade, where integration requires it
- market data providers, where integration requires it
- Telegram, where integration requires it
- Binance or other exchange platforms, where user-directed integration requires it
- Cloudflare, for infrastructure and security services
- VPS or hosting providers, for backend operation
- broker, prop firm, or execution platforms, where user-directed integration requires it.
ORB may also share information when required to:
- comply with law
- respond to lawful requests
- protect ORB rights
- enforce Terms of Service
- investigate security issues
- prevent fraud or abuse
- protect users or third parties.
ORB does not disclose customer trading data publicly without written permission.
§ 7
Third-party services
ORB may rely on third-party services.
Third-party services have their own terms and privacy policies.
ORB does not control third-party privacy practices.
Users are responsible for reviewing the privacy policies and terms of any third-party services they connect to ORB, including:
- TradingView
- PickMyTrade
- market data providers
- Telegram
- Binance or other exchange platforms
- Cloudflare
- VPS or hosting providers
- brokers
- prop firms
- payment processors
- email and support providers
- hosting and infrastructure providers.
§ 8
Credentials and secrets
ORB may need certain credentials, tokens, webhook URLs, or integration identifiers to operate automation workflows.
ORB applies the following principles:
- collect only credentials required for operation
- mask sensitive values in user interfaces
- restrict access to sensitive values
- avoid logging full secrets
- avoid exposing secrets in public repositories
- use environment files or protected storage where appropriate
- rotate credentials when needed
- remove credentials when no longer required
- allow users to update or revoke credentials where possible.
Additional principles for specific credential types:
- Binance API keys or secrets may be processed or stored only when required for exchange integration
- Telegram bot tokens are stored only in protected runtime configuration
- Telegram Web App initData is used for request verification and should not be used as a long-term password
- secrets must not be embedded in Telegram Web App URLs
- secrets must not be exposed in frontend code or public repositories.
Users are responsible for protecting their own third-party accounts and for revoking or rotating credentials if they suspect compromise.
§ 9
Data retention
ORB retains information only as long as reasonably needed for:
- service operation
- account management
- billing
- support
- legal compliance
- security
- dispute resolution
- audit logs
- product diagnostics.
Retention categories:
- account and contact data: retained while the account is active and for a reasonable period after closure
- billing records: retained as required for accounting, tax, and legal purposes
- support records: retained for troubleshooting and dispute resolution
- trading logs and automation logs: retained for diagnostics, audit, and customer history
- security logs: retained for security monitoring and abuse prevention
- credentials: retained only while needed to provide the service
- Telegram Bot and Telegram Web App interaction logs: retained for support, audit, and service operation
- TradingView signal and webhook logs: retained for audit, diagnostics, and dispute resolution
- Binance order and fill logs: retained for audit, diagnostics, and dispute resolution
- control and audit logs: retained for security, audit, and dispute resolution
- safety and rejection logs: retained for audit, diagnostics, and risk review.
Specific retention periods may vary by data category and applicable legal obligations.
9.1Onboarding and contact form data
When you submit the onboarding or contact form on the ORB website, ORB stores the information you provide (such as name, email, country or region, product interest, request type, and your message) together with limited technical and audit information used for security and abuse prevention.
This onboarding and contact data is retained while it remains reasonably needed for business, support, legal compliance, abuse prevention, and audit purposes. ORB does not currently operate automatic deletion or a fixed automated retention period for this data, and does not promise one. The data is removed, anonymized, or corrected on request, which is handled manually as described in "User rights and choices" below.
A copy of the information you submit may also exist in the transactional email systems used to deliver onboarding and contact notifications, and in the recipient mailboxes that receive them. Where reasonably possible, those copies are handled under the same manual request process.
§ 10
User rights and choices
Depending on jurisdiction, users may have rights to:
- access personal data
- correct personal data
- delete personal data
- restrict processing
- object to processing
- request portability
- withdraw consent
- close account
- request information about data sharing.
To make a privacy request, users should contact:
legal@integrall.group
ORB may need to verify identity before processing certain requests.
Privacy requests — including access, correction, deletion, and export (portability) — are handled manually by the ORB team after they are received at the address above. ORB does not currently provide an automated self-service tool to delete or export website onboarding and contact data; each request is reviewed and actioned by a person.
Some data may need to be retained for legal, security, billing, dispute, or operational reasons.
§ 11
International users, unsupported jurisdictions, and data transfers
ORB may operate across jurisdictions.
ORB is intended for users outside Uruguay.
ORB is not offered to residents of Uruguay, individuals located in Uruguay, companies incorporated in Uruguay, or users accessing ORB for use within Uruguay, unless ORB gives prior written approval.
Users are responsible for providing accurate country, residency, billing, and account information.
ORB may restrict, suspend, or reject access if a user appears to be located in an unsupported jurisdiction.
Data may be processed in countries different from the user’s country of residence.
Data may be processed in Uruguay or other countries for export-oriented SaaS operations, but the service is not offered to Uruguay-based customers.
Third-party providers may process data in the United States, Uruguay, the European Union, or other countries.
International data transfer, tax, export-service, and privacy obligations may apply depending on user location, service provider location, and ORB’s operating structure.
§ 12
Security
ORB uses reasonable administrative, technical, and organizational safeguards to protect information.
Security measures may include:
- access control
- password protection
- token masking
- restricted credential access
- environment-based secret storage
- HTTPS
- firewall controls
- private administrative access
- monitoring
- logging
- backups
- least-privilege access
- service separation
- credential rotation when needed.
No system is completely secure.
ORB cannot guarantee that unauthorized access, data loss, platform failure, or security incidents will never occur.
§ 13
Cookies and analytics
ORB website, Web Panel, Customer Portal, Telegram Web App, or similar interface may use cookies, local storage, or session storage for:
- login sessions
- security
- UI preferences and session state
- analytics
- product improvement
- diagnostics
- dashboard operation
- abuse prevention.
If additional analytics or tracking tools are introduced, this Privacy Policy will be updated to reflect them.
§ 14
Children and minors
ORB is not intended for children or minors.
Users must be legally able to enter into a binding agreement and use trading-related services in their jurisdiction.
ORB does not knowingly collect information from minors.
If ORB learns that a minor submitted personal data, ORB will delete it where legally required.
§ 15
Customer trading data
Customer trading data is sensitive operational data.
Customer trading data includes, but is not limited to:
- strategy signal data
- order and fill data
- Telegram Bot and Telegram Web App control logs
- control and audit logs
- rejected, stale, duplicate, or safety-blocked signal or order data
- account mode, status, and operational settings.
ORB does not publish customer trading data, screenshots, account results, performance metrics, logs, or testimonials without written permission.
If customer results are used in marketing, they must be clearly labeled and must not imply guaranteed future results.
§ 16
Data breach and security incident handling
If ORB becomes aware of a security incident involving personal data, ORB will:
- investigate the incident
- limit further exposure
- preserve relevant logs
- identify affected data
- assess legal notification obligations
- notify affected users or authorities when legally required
- document remediation steps.
Exact notification obligations depend on jurisdiction.
§ 17
Changes to this Privacy Policy
ORB may update this Privacy Policy from time to time.
The updated version will be posted on the ORB website or provided through another reasonable method.
Continued use of ORB after changes become effective means you accept the updated Privacy Policy, where permitted by law.
§ 18
Contact
For privacy questions or requests, contact:
legal@integrall.group
For legal questions, contact:
legal@integrall.group