Privacy Policy

1. Introduction

Orama ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application, including any other media form, media channel, mobile website, or mobile application related or connected thereto.

2. Information We Collect

We collect information in the following ways:

  • Account Information: When you create an account, we collect your name, email address, and authentication credentials.
  • Usage Data: We automatically collect information about your interactions with Orama, including tasks created, notes, integrations connected, and usage patterns.
  • Integration Data: When you connect third-party services (Zoom, Google Calendar, etc.), we collect and store necessary authentication tokens and synced data.
  • Device Information: We collect information about your device, browser, IP address, and operating system.
  • Communication Data: If you contact us for support, we collect your messages and any attachments.
  • Analytics Data: We use Vercel Analytics to collect anonymized usage statistics about your interactions with our service. This data helps us improve performance and user experience. You can opt-out of analytics collection at any time through the cookie banner.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve Orama and our services
  • Process and manage your account
  • Sync data with your connected integrations
  • Send you service-related announcements and updates
  • Respond to your inquiries and support requests
  • Analyze usage trends to enhance user experience
  • Prevent fraud and secure our platform
  • Comply with legal obligations

4. Cookie and Analytics Policy

We use analytics tools to understand how our service is used. Specifically:

  • Vercel Analytics: We use Vercel Analytics to collect anonymized website analytics. This service processes data about your device type, browser, and usage patterns to help us improve our service. No personally identifiable information is shared with Vercel unless you explicitly consent.
  • Consent Management: When you first access our dashboard, you will see a cookie banner asking for your consent to analytics collection. You can accept or reject analytics at any time. Your choice is stored locally in your browser.
  • Opting Out: If you reject analytics, Vercel Analytics will not be loaded, and no analytics data will be collected from your session.

5. Data Security

We implement comprehensive security measures to protect your personal information. Your data is encrypted in transit using HTTPS and at rest in our secure databases. We limit access to your information to authorized personnel only. However, no method of transmission over the internet or electronic storage is completely secure, so we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy. You can request deletion of your account and associated data at any time. Some information may be retained for legal compliance purposes.

7. Third-Party Integrations and Data Processing

Orama integrates with and uses services from the following third parties:

  • Zoom, Google Calendar, GitHub, Asana, Todoist, Notion, Trello: When you connect these services, we store your authentication tokens securely and sync necessary data. These integrations are governed by their own privacy policies.
  • Resend (Email): We use Resend to send transactional emails (account verification, password reset, notifications). Your email address is transmitted to Resend for these purposes only.
  • Stripe (Payments): We use Stripe for payment processing. Your payment information is handled by Stripe according to their privacy policy. We do not store your credit card information.
  • Vercel (Analytics & Hosting): We host our application on Vercel and use their analytics service (if you consent). Vercel may process analytics data according to their privacy policy.
  • Groq (AI Processing): When you use AI features, your requests may be processed by Groq API. Check Groq's privacy policy for details on their data handling.

We are not responsible for the data practices of these third parties. We only transmit the minimum data necessary for each service to function.

8. Your Rights (GDPR/RGPD)

You have the following rights regarding your personal information under GDPR:

  • Right to Access: You can request a copy of your personal data at any time by contacting us
  • Right to Rectification: You can request corrections to inaccurate information through your account settings
  • Right to Erasure: You can request deletion of your account and all associated data. We will process this request within 30 days
  • Right to Data Portability: You can request your data in a portable, machine-readable format
  • Right to Withdraw Consent: You can withdraw consent for data processing at any time. You can also change your analytics consent through the cookie banner
  • Right to Object: You can object to certain types of data processing by contacting us

9. Contact Us & Data Protection

If you have questions about this Privacy Policy, wish to exercise your rights, or have concerns about our privacy practices, please contact us at:

Email: support@orama.li
Website: https://orama.li

We are committed to responding to all data protection requests within the timeframes required by GDPR (typically 30 days).

Last Updated: January 13, 2026