VibeUIVibeUI

Privacy Policy

Last updated: March 7, 2026

1. Information We Collect

Account Information

When you sign in via Google or GitHub OAuth, we receive your email address, display name, and profile picture URL. We do not have access to your OAuth provider password.

Usage Data

We log API requests including: request path, response status, response time, IP address, client application name, and AI agent identifier (if provided via optional headers).

Payment Information

Payment processing is handled by Stripe. We do not store credit card numbers or financial data on our servers. Stripe's privacy policy applies to payment data.

2. How We Use Your Information

  • To provide and maintain the Service
  • To authenticate your identity and manage your account
  • To process credit purchases and API billing
  • To monitor API usage and enforce rate limits
  • To improve the Service and develop new features
  • To detect and prevent abuse, fraud, and security incidents

3. Data Sharing

We do not sell your personal information. We may share data with:

  • Supabase — database hosting and authentication
  • Stripe — payment processing
  • Google (Gemini API) — AI processing of submitted designs
  • Vercel — application hosting

4. Data Security

  • API keys are stored as SHA-256 hashes; the full key is shown only once at creation.
  • All connections are encrypted via HTTPS/TLS.
  • Row-level security (RLS) policies ensure users can only access their own data.
  • Credit deductions use atomic database operations to prevent race conditions.

5. Cookies

We use essential cookies for authentication session management. We do not use advertising or tracking cookies.

6. Data Retention

Account data is retained as long as your account is active. API usage logs are retained for billing and analytics purposes. You may request account deletion by contacting us.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and associated data
  • Export your data in a portable format

8. Changes to This Policy

We may update this policy from time to time. We will notify registered users of significant changes via email or in-app notification.

9. Contact

For privacy-related inquiries, please visit our documentation or reach out through the platform.