Privacy Policy
How we handle your data in the Orbit ESS mobile app
Orbit IT Solutions ("Orbit", "we", "us") builds and operates Orbit ESS, the Employee Self-Service mobile app for Orbit HR / Odoo HR. This policy explains what data the app collects, how we use it, and the rights you have over it.
1. Who is the data controller?
Direct access requests, deletions, and questions about your record should go to your employer's HR team first.
For questions specifically about the Orbit ESS mobile app, contact us at privacy@orbitech.jo.
2. What data does the app collect?
Orbit ESS collects only the data required to operate the features you use:
Identification — provided by your employer
- Employee number, name, photo, job title, department.
- Email, phone number, password (transmitted to your workspace, then stored locally as a hash / biometric-gated keychain item — never sent to Orbit servers).
- PIN code (stored locally as a PBKDF2-hashed value).
- Live GPS coordinates only at the moment you tap "Clock In" or "Clock Out". We do not track your location in the background.
- Timestamps of every clock-in / clock-out.
- A per-install device UUID derived from the OS device identifier (Android ID / iOS identifierForVendor) plus a random fallback. Used to bind your account to one device at a time and to address push notifications.
- Device model, OS version, app version, locale.
- Firebase Cloud Messaging registration token.
- The content of leave / overtime / correction requests you submit.
- Signatures captured in-app.
3. What we do NOT collect
- We do not collect contacts, microphone, calendar, SMS, call logs, or any other content not listed above.
- We do not track your location in the background.
- We do not sell or share your data with advertisers. There are no ads in this app.
- We do not use third-party analytics SDKs (no Mixpanel, no Amplitude, no Adjust, etc.).
4. Where is the data stored?
Your employment data (attendance, requests, payslips, documents) lives on your employer's Odoo / Orbit HR server at the workspace URL you connect to. Orbit IT Solutions does not store a copy unless explicitly contracted by your employer for hosted Orbit HR.
On your phone (encrypted device storage)
Stored in iOS Keychain / Android EncryptedSharedPreferences:
- Authentication token
- PIN hash
- Workspace URL and database name
- Device UUID
Firebase Cloud Messaging (Google LLC)
Transmitted for push notification delivery only:
- Your FCM token
- The notification body content sent by your employer's HR server
5. Who has access to your data?
- Your employer's HR team and Odoo administrators — full access via the back-end.
- Your direct manager — access to your attendance, leave, and overtime data as configured by HR.
- Orbit IT Solutions support engineers — only with your or your employer's explicit consent, for troubleshooting.
- Firebase Cloud Messaging (Google LLC) — push notification delivery only.
6. Permissions we request
| Permission | Why | When asked |
|---|---|---|
| Location | Geofence check on clock-in/out | At sign-in via the permissions intro screen; again at first punch if you skip |
| Notifications | Approval requests, announcements | At sign-in via the permissions intro screen |
| Camera | Profile photo, ID document upload | When you tap the relevant feature |
| Face ID / Fingerprint | App unlock + clock-in identity verification | When you enable biometric in Settings |
| Photo library | Profile photo selection, document download | When you tap the relevant feature |
You can revoke any permission from the OS Settings at any time. The app will degrade the affected feature but stay usable.
7. How long do we keep your data?
- Local device storage: wiped when you sign out (token, PIN, biometric flag, license JWT). The device UUID and your workspace URL are preserved so your install stays known if you sign back in.
- Employer's server: subject to your employer's retention policy. Contact your HR team.
8. Children
Orbit ESS is an employment application and is not intended for users under 18.
9. Your rights
You have the right to:
- Request a copy of your employment data
- Correct inaccurate data
- Request deletion (subject to your employer's legal retention obligations)
- Withdraw consent (which means uninstalling the app)
10. Security
11. Changes to this policy
We will post any material change here with a new "Last updated" date. Continued use of the app after a change means you accept the revised policy.
12. Contact