1. Introduction & Overview
Orensio, a product of Vishwakarma Group LLC ("Orensio", "we", "us", or "our"), provides an autonomous AI-driven sales development representative (the "Platform", "SDR") designed to automate lead generation, personalization, sequences, and calendar scheduling for business-to-business (B2B) communications.
We are committed to operating our services with the highest standard of corporate responsibility, data protection, and absolute integrity. This Privacy Policy outlines how we collect, process, utilize, and protect your information, as well as the proprietary data sourced or uploaded to run automated sequences.
2. Information We Sourcing & Collect
Orensio processes data in two main capacities: as a Data Controller (for your registration, account details, and billing details) and as a Data Processor (for the prospective B2B lead profiles, emails, and campaign details processed on your behalf).
- Account and Profile Data: Full name, professional email address, company name, billing details, and encrypted access keys necessary to set up HubSpot CRM or outreach nodes.
- Prospect and Lead Data: Sourced through compliant public records, professional directory networks, and user-provided lists, including job titles, company emails, professional LinkedIn profiles, and business firmographic details.
- Usage Data: Dynamic logs of dashboard interactions, campaigns dispatched, response rates, and calendar bookings utilized to calculate plan limits.
3. AI Processing & Sequence Data
The platform uses advanced natural language processing (NLP) models to write highly customized business pitches referencing specific, public details of lead companies.
Our Orensio AI Engine operates under strict guidelines:
- No customer outreach databases, private emails, or calendar links are ever used to train public language models.
- All AI-generated text is processed dynamically in safe sessions and stored securely on your dedicated database instances.
- Outreach sequences follow deterministic caps configured strictly under your active plan limits (Starter, Growth, or Scale/Agency).
4. Third-Party Subprocessors
To deliver seamless outreach, Orensio partners with premium infrastructure subprocessors. Each subprocessor is vetted to ensure complete security compliance:
| Subprocessor | Purpose | Data Transferred |
|---|---|---|
| Supabase Inc. | PostgreSQL Hosting & RLS | User profiles, lead tables, campaign logs |
| Stripe Inc. | Secure Payment processing | Billing addresses, card tokens (PCI-compliant) |
| Anthropic Inc. / OpenAI | AI Personalisation Engines | Prospect firmographics, ICP criteria (Zero data retention) |
5. Security Protocols & Encryption
We treat security as a first-class citizen of Orensio's architecture.
- Data in Transit: All HTTP requests are encrypted using TLS 1.3 protocol.
- Sensitive Token Encryption: HubSpot API private keys and outreach tokens are encrypted using military-grade AES-256 equivalent standard before saving to our databases, keeping them safe from unauthorized database visibility.
- Row-Level Security (RLS): The database schema strictly isolates client campaigns and logs to their matching customer account context.
6. Data Retention & Erasure
Orensio retains data only for as long as necessary to fulfill active campaigns or billing compliance. If you delete a lead, campaign, or your entire account, all associated database records are fully erased using cascading database triggers.
Sourced lead profiles that have not engaged in sequences are periodically cleared to keep Orensio's systems light and completely clean.
7. Your Rights & Choice
Orensio is designed with global compliance safeguards. Depending on your location, you may have specific rights regarding your personal information, which you can manage at any time:
- Opt-Out & Unsubscribe: Any B2B prospect can request complete data erasure and opt-out of future campaign sequences by clicking the unsubscribe link or requesting a block. You can manage your cookie preferences through our global Cookie Consent Banner overlay.
- Portability & Access: You can download a complete CSV export of your campaign lists, replies, and calendar bookings at any time.
8. Regional Disclosures (US / UK / AU)
We comply with regional data protection standards across our primary B2B markets:
A. United States (CCPA/CPRA - California)
Under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA), California residents are entitled to specific disclosures. We collect the following categories of B2B personal information: Identifiers (name, email, company, title), Professional/Employment Information (job title, history), and Internet/Electronic Network Activity (clicks, replies, page views).
We do not sell or share your personal B2B information in exchange for monetary value. You have the right to request access, correction, or deletion of your personal data, and to opt-out of any B2B sharing by emailing hello@orensio.com. We will not discriminate against you for exercising your privacy rights.
B. United Kingdom & EU (UK GDPR & DPA 2018)
If you reside in the United Kingdom or the EEA, the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018 apply. Orensio acts as a Data Processor for prospect lists and as a Data Controller for our client accounts. The lawful bases for processing your account details are the Performance of Contract and our Legitimate Interest in delivering safe outbound capabilities.
For cross-border data transfers outside the UK or EEA (such as to our US database instances), we utilize Standard Contractual Clauses (SCCs) and the UK International Data Transfer Addendum (IDTA). You have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the UK (ico.org.uk) or your local supervisory authority.
C. Australia (Privacy Act 1988 & APPs)
We manage personal information in compliance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). Personal B2B information collected for campaigns is securely processed and hosted on cloud servers located in the United States. By providing your information or using our services, you consent to this cross-border disclosure.
Outbound communications strictly adhere to the Spam Act 2003 (Cth). Every marketing or outreach campaign includes clear identifying information and a functional unsubscribe mechanism. If you believe we have breached the APPs, you may submit a complaint to hello@orensio.com. We will respond within 30 days. If unsatisfied, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.
9. Contact Information
For any inquiries, data erasure requests, or compliance reviews, please contact our dedicated security team directly:
Email: hello@orensio.com
Orensio AI Compliance Department
(Globally Remote)