Version updated: 2026/6/2

Privacy Policy

Orbit Moon Alpha (“Orbit Moon Alpha,” “we,” “us,” or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, disclose, and protect information when you visit or use our website and services, including our AI Agent, Kepler platform, membership features, account management tools, and related web-based services (collectively, the “Services”).

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.

1. Who We Are

Our website address is: https://orbitmoonalpha.com

Orbit Moon Alpha provides web-based digital products and services, including AI-powered tools, multimedia creation features, membership-based access plans, and related account management functionality.

2. Information We Collect

We may collect the following categories of information:

a. Account Information

When you register for an account or use our login features, we may collect:

  • email address;
  • phone number;
  • account identifiers;
  • authentication-related information;
  • passkey-related authentication metadata, where enabled;
  • account status information, including active, restricted, closure-requested, closed, or deletion-processing status; and
  • membership or access-level information.

b. Transaction, Subscription, and Billing Information

When you purchase a product, membership, subscription, or digital service credit, we may collect or receive:

  • order details;
  • selected plan, product, or service credit package;
  • billing interval and renewal status;
  • payment status;
  • transaction identifiers;
  • Stripe customer ID, subscription ID, invoice ID, payment ID, or refund ID, where applicable;
  • subscription status, renewal, cancellation, failed-payment, and billing-portal activity information;
  • checkout email address and related order communication details; and
  • checkout consent records, including the accepted policy version, relevant policy URLs, acceptance timestamp, IP address, and user agent where reasonably necessary for authorization, fraud prevention, dispute handling, and compliance.

We do not store full payment card numbers, Alipay account credentials, or full sensitive payment credentials on our own servers.

c. Moon Shards and Digital Service Credit Information

If you purchase, receive, or use Moon Shards or other digital service credits, we may maintain records related to your balance, grants, top-ups, usage activity, consumption history, service fulfillment, adjustments, expirations, forfeitures, refunds, and support requests.

These records are used to deliver digital services, maintain account continuity, prevent abuse, resolve disputes, support refunds or account closure handling, and provide customer support.

d. AI Interaction and User Content

When you use our AI-powered Services, we may process and retain prompts, messages, uploaded inputs, uploaded files, conversation history, thread metadata, generated outputs, and related technical metadata as necessary to provide the requested functionality and support user-facing product features.

e. Technical and Usage Information

We may automatically collect certain technical and usage information, such as:

  • IP address;
  • browser type and version;
  • operating system;
  • device information;
  • log data;
  • referring URLs;
  • pages visited;
  • timestamps and usage activity;
  • error reports; and
  • security and abuse-prevention signals.

f. Cookies and Authentication Data

We use cookies and similar technologies, including:

  • JWT-based authentication cookies;
  • secure HttpOnly cookies;
  • session cookies;
  • account and session integrity tokens; and
  • other essential cookies necessary for login, authentication, session integrity, security, and website operation.

g. Communications and Support Information

If you contact us directly, submit a refund request, request account closure, or request support, we may collect:

  • your contact details;
  • support messages;
  • request details;
  • attachments;
  • account verification information; and
  • other information you choose to provide.

h. Account Closure and Deletion Request Information

If you request account closure or deletion of personal data, we may collect and maintain limited information related to that request, including:

  • closure request ID;
  • account ID;
  • request status;
  • verification status and timestamp;
  • subscription status snapshot;
  • Moon Shards balance or entitlement snapshot;
  • confirmation records and notice version shown to you;
  • closure, deletion, anonymization, or retention status;
  • support or manual review notes where necessary; and
  • a minimized identity reference, such as a cryptographic hash of your relevant phone number or email address.

This information is used to process the request, prevent accidental restoration of closed accounts, maintain audit integrity, handle disputes, support security, and comply with legal or billing obligations.

3. How We Use Information

We may use personal data for the following purposes:

  • to create and manage user accounts;
  • to authenticate users and maintain secure sessions;
  • to provide access to our AI Agent, Kepler, and related Services;
  • to support user-facing product functions, including access to account-related history and continuity features;
  • to process purchases, memberships, subscriptions, Moon Shards, refunds, and billing requests;
  • to send transactional communications, including purchase confirmations, service notices, billing notices, refund updates, and account closure notices;
  • to provide customer support;
  • to maintain, secure, monitor, and improve our Services;
  • to detect fraud, abuse, unauthorized access, or technical issues;
  • to process account closure, deletion, anonymization, deactivation, or retention actions;
  • to prevent accidental restoration of closed accounts or closed account data;
  • to comply with legal, tax, accounting, regulatory, or contractual obligations; and
  • to enforce our Terms and related policies.

We do not sell your personal data to third parties for their own marketing purposes.

4. AI Tools and Conversation Data

When you use our AI-powered tools, we may process prompts, conversation content, uploaded inputs, uploaded files, generated outputs, and related metadata as necessary to provide the requested functionality.

To support thread continuity, user account features, and cross-device access, we may securely maintain conversation history and related thread records on behalf of users so that they can retrieve, review, manage, and continue prior interactions within the Services. This functionality is intended to support the user experience, rather than to repurpose conversation content for unrelated uses.

We do not intentionally use user conversation records for model training, advertising, or unrelated marketing purposes. We also do not routinely monitor or manually review user conversation content, except where limited access is reasonably necessary for security, abuse prevention, technical troubleshooting, legal compliance, or when assistance is requested by the user.

Where product controls are available, users may delete threads or conversation records through the application interface. We will make reasonable efforts to remove associated data from active systems, subject to technical, legal, backup, security, or compliance limitations.

When account closure or deletion processing applies, we may delete, anonymize, deactivate, or make unavailable stored threads, prompts, uploaded files, generated outputs, and other account-linked AI content, subject to technical feasibility, legal obligations, security needs, backup integrity, and applicable third-party service limitations.

5. Payment Processing

Payments on our website are processed by Stripe (“Stripe”), our third-party payment service provider. Where available, Alipay payments are provided through Stripe and/or Alipay-related payment networks.

Where Alipay is available for subscriptions or recurring billing, the recurring authorization and subsequent billing are handled through Stripe-supported payment flows and applicable Alipay payment network rules. We do not directly collect or store your Alipay login credentials or full Alipay account details.

When you make a payment, start a subscription, manage billing, request a refund, cancel a subscription, use a Stripe-hosted billing portal, or request account closure while billing records remain relevant, Stripe may collect and process payment-related information in accordance with its own privacy policy and terms. We may receive limited payment-related information from Stripe, such as:

  • payment status;
  • transaction ID;
  • Stripe customer ID;
  • subscription ID;
  • invoice ID;
  • payment intent or checkout session ID;
  • refund ID and refund status;
  • billing cycle, renewal, cancellation, and failed-payment information;
  • partial payment method details, where made available to us; and
  • information necessary for order fulfillment, refunds, customer support, fraud prevention, accounting, tax, legal compliance, and dispute handling.

We do not store full payment card numbers, Alipay account credentials, or full sensitive payment credentials on our own servers.

For more information about how Stripe handles payment data, please review Stripe’s privacy policy and terms. If you choose Alipay as a payment method, Alipay-related payment data may also be processed by Alipay or its related payment network providers under their own applicable terms and privacy practices.

6. Cookies and Similar Technologies

We use cookies and similar technologies for essential website and application functions, including authentication, session management, and security.

Essential / Authentication Cookies

These may include JWT-based and secure HttpOnly cookies used to:

  • keep users logged in;
  • authenticate user sessions;
  • protect account access; and
  • support secure use of logged-in areas of the Services.

Session Cookies

We may use temporary session cookies to maintain website functionality and improve user experience during active sessions.

Security-Related Technologies

We may use HTTPS, security headers, and related safeguards to help protect data transmitted between your device and our systems.

You may be able to control cookies through your browser settings, but disabling essential cookies may affect your ability to log in or use parts of the Services.

7. How We Share Information

We may share personal data with trusted third-party service providers only where reasonably necessary to operate, secure, maintain, or support our Services.

Such providers may include:

  • payment processors, including Stripe;
  • hosting or infrastructure providers;
  • authentication or account management providers;
  • analytics or security service providers;
  • communication, email, SMS, or support tools;
  • AI model, inference, or infrastructure providers, where necessary to deliver AI-related functionality; and
  • legal, accounting, or other professional advisers where reasonably necessary.

Where AI model, inference, or infrastructure providers process user inputs or outputs on our behalf, they do so only as necessary to provide, secure, maintain, or improve the requested Services, and not for their own independent marketing purposes.

We do not share your personal data with third parties for their own direct marketing purposes.

We may also disclose information:

  • if required by law, regulation, legal process, or governmental request;
  • to protect our rights, users, systems, or Services;
  • in connection with fraud prevention, security investigations, or dispute resolution;
  • to process account closure, deletion, billing, tax, audit, refund, or dispute obligations; or
  • in connection with a merger, acquisition, restructuring, financing, or sale of assets, subject to applicable legal requirements.

8. International Data Transfers

Our Services may involve systems, personnel, or service providers located in multiple jurisdictions. As a result, your personal data may be processed or stored in countries other than your own.

This may include processing by payment processors such as Stripe, Alipay-related payment networks, hosting providers, security providers, support tools, authentication providers, communication tools, and AI infrastructure providers located outside your country or region.

Where appropriate, we take reasonable steps to ensure that personal data transferred internationally receives an appropriate level of protection consistent with applicable law.

9. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide our Services, maintain accounts, support stored thread history, comply with legal obligations, resolve disputes, and enforce our agreements.

Retention periods may vary depending on the type of data, including:

  • Account information: retained while your account remains active and for a reasonable period thereafter as necessary for legal, security, account closure integrity, or operational purposes.
  • Transaction, subscription, invoice, refund, and billing consent records: retained as needed for tax, accounting, legal, fraud prevention, authorization, dispute resolution, chargeback handling, and operational purposes.
  • Moon Shards and digital service credit records: retained as needed to provide account balance continuity, service fulfillment, refund handling, abuse prevention, customer support, account closure processing, and accounting records.
  • Conversation, thread, prompt, uploaded file, and generated output data: retained while needed to provide thread history and account functionality, unless deleted by the user, removed under our retention practices, or processed as part of account closure or deletion workflows.
  • Account closure and deletion request records: retained as needed to document request handling, prevent accidental restoration of closed accounts, handle billing or legal disputes, support security, and maintain audit integrity.
  • Technical logs and security data: retained for limited periods as reasonably necessary to secure and maintain our systems.

Subscription authorization, invoice, refund, chargeback, and payment dispute records may be retained for the periods required or permitted by payment network rules, tax laws, accounting requirements, anti-fraud obligations, and legal limitation periods.

Residual copies may remain in backups, logs, or archived systems for a limited period where technically necessary or legally required.

10. Account Closure, Deletion Requests, and Re-Registration

Where available, you may request to close your account through the account management area. If the in-account closure path is unavailable or if you need assistance, you may contact us at contact@orbitmoonalpha.com.

Account closure is separate from subscription cancellation. If you have an active recurring subscription, you may be asked to cancel future renewals through the Kepler Account billing area or the Stripe-hosted billing portal before closure can be completed. Where supported by the Services, account closure processing may also cancel, disable, or prevent future renewal of the related subscription. We do not intend to continue charging recurring subscription fees for an account after the account has been closed. Subscription status, unpaid invoices, refunds, disputes, suspected abuse, security concerns, or legal obligations may affect how and when we process an account closure or deletion request, but they will not be used as an indefinite or unreasonable barrier to submitting such a request.

When your account is closed, we may delete, anonymize, deactivate, or make unavailable account profile data, authentication access, user-generated threads, prompts, uploaded files, generated outputs, account preferences, and other account-linked content, subject to applicable law, security needs, technical limits, backup integrity, and required retention.

Some records may be retained where necessary for billing, payment processing, tax, accounting, fraud prevention, abuse investigation, security, legal compliance, dispute resolution, backup integrity, or audit purposes. This may include Stripe-related records, invoices, refunds, chargebacks, subscription authorization records, Moon Shards transaction records, closure request records, security logs, and minimal identity references.

Unused Moon Shards, credits, remaining subscription benefits, paid-through access time, promotional benefits, bonus credits, or similar account-linked entitlements associated with a closed account may be forfeited, expired, cancelled, or otherwise made unavailable, subject to applicable law and any written terms expressly agreed by us.

After an account is closed, you will not be able to log into or access the old account or old account data. You may be able to register again using the same phone number, email address, or supported login method, but any such registration will be treated as a new account. We will not automatically restore the closed account, historical threads, prompts, uploaded files, generated outputs, Moon Shards, subscription benefits, paid-through access, preferences, profile data, analytics labels, or other historical account-linked data to the new account.

To prevent accidental restoration of closed accounts, support legal or billing records, handle disputes, protect security, and maintain audit integrity, we may retain a limited account closure record and a minimized identity reference, such as a cryptographic hash of the relevant phone number or email address, subject to applicable law. This reference is intended for account closure integrity, fraud prevention, billing dispute handling, security, and audit purposes, and not for marketing, profiling, or feature recommendation.

For SMS-only accounts or accounts without a reachable email address, account closure results may be shown in the account interface where available. If a billing email exists, we may use it for billing-related and closure-related notices. We will not require you to add an email address solely as a condition for submitting an account closure request unless necessary for identity verification, legal compliance, or security reasons.

11. Your Rights and Choices

Depending on your jurisdiction, you may have rights regarding your personal data, including the right to:

  • request access to personal data we hold about you;
  • request correction of inaccurate data;
  • request deletion of personal data;
  • object to or request restriction of certain processing; and
  • request a copy of certain personal data in a portable format, where applicable.

To exercise your rights, please contact us at:

contact@orbitmoonalpha.com

We may need to verify your identity before processing certain requests. We may also retain certain information where required by law, for security purposes, fraud prevention, tax and accounting obligations, dispute resolution, chargeback handling, subscription authorization records, account closure integrity, or other legitimate business needs.

Please note that deletion of account or conversation data may not immediately delete payment, invoice, refund, subscription, billing consent, account closure, security, or Moon Shards transaction records where we are required or permitted to retain them for legal, tax, accounting, fraud prevention, dispute handling, audit, or service-fulfillment purposes.

Payment method data held by Stripe, Alipay, or related payment networks may be subject to their own retention, deletion, and legal compliance rules. We can assist with requests that relate to information we control, but we may not be able to delete records that payment processors are legally required or permitted to retain.

If your account includes built-in controls for deleting threads, conversations, account information, or requesting account closure, you may also use those product features where available.

12. GDPR and CCPA

If you are located in a jurisdiction with specific privacy rights, including the European Economic Area, the United Kingdom, or California, you may have additional rights under applicable privacy laws such as the GDPR or CCPA/CPRA.

If you maintain separate GDPR or CCPA pages, you may reference them here. Otherwise, this Privacy Policy is intended to provide a general overview of how we handle personal data across our Services.

13. Security

We implement reasonable technical and organizational measures designed to protect personal data from unauthorized access, disclosure, alteration, or destruction.

These measures may include:

  • HTTPS / SSL encryption in transit;
  • secure authentication mechanisms;
  • secure HttpOnly cookies;
  • access controls;
  • server-side protections; and
  • reasonable operational safeguards.

However, no method of transmission over the Internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

14. Age Requirements / Children’s Privacy

Our Services are primarily intended for adults and are not designed for children. You must be at least 18 years old, or the age of majority in your jurisdiction, to purchase paid products, subscriptions, or membership plans through our Services.

If you are under the age of majority in your jurisdiction, you should use the Services only where permitted by applicable law and with appropriate permission or supervision.

We do not knowingly collect personal data from children in violation of applicable law. If you believe that a child has provided us with personal data in a manner that violates applicable law, please contact us and we will take reasonable steps to investigate and address the issue.

15. Third-Party Links and Services

Our Services may contain links to third-party websites, tools, or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing them with personal information.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may provide notice by updating the date above or by other appropriate means.

Your continued use of the Services after any update becomes effective constitutes your acknowledgment of the revised Privacy Policy.

17. Contact Us

If you have any questions, requests, or concerns regarding this Privacy Policy or our data handling practices, please contact us at:

contact@orbitmoonalpha.com

Shopping Cart
Scroll to Top