Back

Privacy Policy

Effective date: March 15, 2026

Introduction

Vibeful (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our desktop application, website at www.vibeful.io, cloud services, and related tools (collectively, the “Service”).

By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Service.

1. Personal Data We Collect

A. Information You Provide

  • Account Information: Name and email address when you create an account.
  • Payment Information: Billing details processed through our payment provider (Stripe). We do not store full card numbers.
  • Inputs and Outputs: Content you provide to the AI agent (“Inputs”) and the generated results (“Outputs”). See Section 3 for how we handle this data.
  • Feedback: Corrections, ratings, and preferences you provide to improve your AI experience.
  • Communications: Messages you send us via email or support channels.

B. Information Collected Automatically

  • Usage Data: Pages visited, features used, timestamps, and interaction patterns.
  • Device Information: Browser type, operating system, and device identifiers.
  • Analytics: We use Vercel Analytics to collect anonymous performance data. No personal information is included.

C. Information We Do Not Collect

We do not knowingly collect sensitive personal data (biometric, health, religious information) or information from children under 18. The desktop application processes data locally and does not transmit your files to our servers unless you explicitly enable cloud features.

2. Local-First Architecture

The Vibeful desktop application is designed to run locally on your machine. Your documents, rules, conversation history, and AI-generated outputs are stored on your device by default. When you use your own API keys, data flows directly between your device and your chosen AI provider — it does not pass through our servers.

Cloud features (cloud sync, hosted documents, Cloud Agent) are optional and require explicit opt-in. When enabled, your data is transmitted via encrypted connections and stored on our infrastructure.

3. How We Use Your Data

  • To provide, maintain, and improve the Service.
  • To process payments and manage your account.
  • To respond to your inquiries and provide support.
  • To send product updates and important notices (you can opt out at any time).
  • To detect and prevent fraud, abuse, and security incidents.
  • To comply with legal obligations.

We do not use your Inputs or Outputs to train AI models. Your content is processed by third-party AI providers (OpenAI, Anthropic, etc.) solely to generate responses for you, subject to their respective privacy policies. When you use built-in AI credits, prompts are routed through our infrastructure for metering purposes only.

4. How We Share Your Data

  • AI Providers: When using cloud AI features, your Inputs are sent to third-party AI providers to generate Outputs.
  • Service Providers: We use trusted vendors for hosting (Vercel, Render), database (Neon), storage (Cloudflare), and payments (Stripe).
  • Legal Requirements: We may disclose data when required by law, court order, or to protect our rights and safety.
  • Business Transfers: In the event of a merger or acquisition, your data may be transferred to the successor entity.

We do not sell your personal data or share it for advertising purposes.

5. Data Retention

We retain your personal data only as long as necessary to provide the Service and comply with legal obligations. Account data is retained while your account is active. You can request deletion of your account and associated data at any time.

Local data on the desktop application is under your control and is not subject to our retention policies.

6. Security

We implement industry-standard security measures including encryption in transit (TLS), encrypted storage, and access controls. However, no system is perfectly secure. You are responsible for keeping your account credentials confidential.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data.
  • Correct inaccurate personal data.
  • Request deletion of your personal data.
  • Object to or restrict certain processing.
  • Data portability (receive your data in a structured format).
  • Withdraw consent where processing is based on consent.

To exercise these rights, contact us at info@vibeful.io. We will respond within 30 days.

8. International Data Transfers

Our services are hosted in the United States. If you are accessing the Service from outside the US, your data may be transferred to and processed in the US. We apply the protections described in this policy regardless of where your data is processed.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date at the top of this page and, where required, notify you by email or through the Service.

10. Contact Us

If you have questions about this Privacy Policy, please contact us at info@vibeful.io.