Orbita Notes

Data Protection

Orbita Note Series LLC is committed to ensuring the privacy, integrity, and security of all personal and financial data entrusted by its investors. Through the adoption of global data protection frameworks and advanced security protocols, the company safeguards sensitive information at every stage of its lifecycle—from collection and processing to storage and disposal. Below is a comprehensive overview of the data protection measures in place.

1. Data Collection and Minimization

  • Purpose-Driven Data Collection:
    • Orbita Note Series LLC collects only the data necessary for investment management, regulatory compliance, and operational processes.
    • Personal data collected includes identifying information, contact details, and payment data, as required for KYC/AML compliance.
  • Minimization and Relevance:
    • The company adheres to the principle of data minimization, ensuring that no unnecessary or excessive data is collected or retained.

2. Data Storage and Encryption Protocols

  • Encryption of Stored Data:
    • All sensitive data is encrypted using AES-256 encryption during storage to prevent unauthorized access.
    • Investor data, including account credentials, transaction history, and personal identifiers, are stored in secure, isolated databases.
  • Cloud Security and Backup Systems:
    • Secure cloud services are utilized with redundant backup systems to ensure data availability even during system disruptions or cyber incidents.
    • Regular backups and integrity checks safeguard investor data against corruption or loss.

3. Data Access and Role-Based Permissions

  • Access Control Measures:
    • Investor data is accessible only to authorized personnel under role-based access control (RBAC) policies.
    • Access to sensitive data requires multi-factor authentication (MFA) to ensure only verified personnel can view or process information.
  • Audit Trails and Monitoring:
    • All access to data is tracked through audit logs to ensure transparency and accountability.
    • Regular audits ensure that access permissions align with operational and security needs.

4. Compliance with International Data Protection Regulations

  • GDPR and CCPA Compliance:
    • Orbita Note Series LLC complies with the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), ensuring the rights of EU and U.S. residents are protected.
    • Investors are informed of their rights, including access, correction, and deletion of their personal data.
  • Cross-Border Data Transfers:
    • Data transfers to regions outside the investor’s country of residence are protected through Standard Contractual Clauses (SCCs) and data processing agreements to ensure compliance with relevant regulations.

5. Data Retention and Deletion Policies

  • Retention Periods:
    • Personal data is retained only for as long as necessary to meet regulatory, legal, and operational requirements.
    • Financial and transactional records are retained for seven years or as mandated by law.
  • Secure Data Deletion:
    • Upon expiration of the retention period or at an investor’s request, data is securely deleted or anonymized to prevent recovery or misuse.

6. Investor Rights and Consent Management

  • Right to Access and Correction:
    • Investors can request access to their personal data and correct any inaccuracies through the online portal.
  • Right to Deletion:
    • Investors may request the deletion of their personal data, subject to regulatory obligations requiring data retention.
  • Consent Management:
    • Consent for marketing communications and other non-essential data processing activities can be managed through the account settings.

7. Third-Party Data Sharing Policies

  • Trusted Service Providers:
    • Orbita Note Series LLC shares data only with trusted service providers, such as payment processors, CUIBs, NCUIBs, and partner platforms.
    • All third-party partners are required to adhere to the company’s data protection policies and international privacy laws.
  • Data Sharing with Regulatory Authorities:
    • In compliance with legal obligations, data may be shared with regulatory bodies or law enforcement upon official request.
    • Any such disclosures are handled transparently, and investors are informed where applicable.

8. Data Breach Prevention and Response

  • Proactive Monitoring:
    • Continuous monitoring systems detect and prevent potential data breaches before they occur.
    • Automated alerts notify the security team of suspicious activity, triggering immediate investigation.
  • Data Breach Response Plan:
    • In the unlikely event of a data breach, the company has a data breach response plan in place to contain the incident, assess its impact, and notify affected parties within the timeframe required by law.
  • Investor Notification:
    • Affected investors are notified promptly and provided with guidance on protective actions they can take to mitigate risks.

9. Secure Management on Third-Party Platforms

  • Data Integrity on Partner Platforms:
    • For investors managing Orbita Notes via third-party platforms such as StellarTerm, data remains under the control of Orbita Note Series LLC in compliance with its data protection policies.
    • Investors are encouraged to use two-factor authentication and secure passwords on these platforms to ensure account safety.
  • Coordination for Compliance and Security:
    • Orbita Note Series LLC works closely with partner platforms to ensure all investor data handled on these platforms meets the company’s security and privacy standards.

10. Investor Awareness and Best Practices

  • Educational Materials:
    • Investors receive educational content on best practices for account security and phishing prevention.
    • Periodic security updates keep investors informed of any potential threats and evolving security practices.
  • Dedicated Support:
    • A data protection officer and dedicated support team are available to address any investor concerns related to data privacy and security.

Conclusion

The data protection framework of Orbita Note Series LLC reflects its commitment to transparency, security, and regulatory compliance. Through a combination of encryption, access control, compliance standards, and monitoring systems, the company ensures that all investor data is protected from unauthorized access and misuse. Investors are empowered to exercise their rights, manage consent, and stay informed about their data, fostering trust and confidence in every investment interaction.

Scroll to Top