Privacy Policy

Last Updated: January 18, 2026

Introduction

At Vibedasher, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Business Intelligence platform.

Information We Collect

Personal Information

We collect information that you provide directly to us, including:

Account Information: Name, email address, password, and company details
Profile Information: Job title, department, and preferences
Payment Information: Billing address and payment method details (processed securely through Stripe)
Communication Data: Messages, feedback, and support requests

Usage Information

We automatically collect certain information when you use our platform:

Log Data: IP address, browser type, operating system, and access times
Usage Analytics: Features used, dashboards created, and interaction patterns
Device Information: Device type, unique device identifiers, and mobile network information
Cookies and Similar Technologies: We use cookies to enhance your experience and analyze usage

Data You Upload

When using Vibedasher, you may upload or connect your data sources:

Database Connections: Connection strings and credentials (encrypted at rest)
Uploaded Files: CSV, Excel, and other data files
Query Results: Cached query results for performance optimization
Visualizations: Charts, dashboards, and reports you create

How We Use Your Information

We use the information we collect to:

Provide Services: Operate, maintain, and improve our platform
Process Transactions: Handle billing and payment processing
Communicate: Send service updates, security alerts, and support messages
Personalization: Customize your experience and provide relevant features
Analytics: Analyze usage patterns to improve our services
Security: Detect, prevent, and address security incidents and fraud
Compliance: Meet legal obligations and enforce our terms

Data Storage and Security

Security Measures

We implement industry-standard security measures to protect your data:

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access control and multi-factor authentication
Infrastructure: SOC 2 Type II compliant cloud infrastructure
Monitoring: 24/7 security monitoring and incident response
Regular Audits: Periodic security assessments and penetration testing

Data Retention

Account Data: Retained while your account is active and for 90 days after deletion
Usage Logs: Retained for 12 months for security and analytics purposes
Backups: Maintained for disaster recovery, typically retained for 30 days
Legal Holds: Data may be retained longer if required by law

Third-Party Services

We share data with trusted third-party service providers:

Cloud Infrastructure: AWS, Google Cloud Platform (data hosting and processing)
Payment Processing: Stripe (payment transactions)
Analytics: PostHog (privacy-focused analytics)
Communication: Email service providers for transactional emails
AI Services: OpenAI, Anthropic, Google (AI-powered features, only when you use them)

All third parties are contractually obligated to protect your data and use it only for specified purposes.

Legal Requirements

We may disclose your information if required by law or in response to:

Valid legal processes (subpoenas, court orders)
Requests from law enforcement or government agencies
Protection of our rights, property, or safety
Investigation of fraud or security issues

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

Your Rights and Choices

Data Access and Control

You have the right to:

Access: Request a copy of your personal data
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and data
Portability: Export your data in a machine-readable format
Objection: Opt out of certain data processing activities
Restriction: Limit how we process your data

You can control cookie settings through your browser. Note that disabling cookies may affect platform functionality.

Marketing Communications

You can opt out of marketing emails by clicking the unsubscribe link or updating your preferences in your account settings.

On-Premise Deployment

For customers using our on-premise or self-hosted solution:

Data Sovereignty: All data remains on your infrastructure
No Cloud Storage: We don't store or access your data unless you explicitly grant access for support
Local Processing: All analytics and AI processing can be done locally with your own LLM
Audit Logs: Full control over access logs and monitoring

Children's Privacy

Vibedasher is not intended for users under 16 years of age. We do not knowingly collect personal information from children.

International Data Transfers

If you're accessing Vibedasher from outside the region where our servers are located, your data may be transferred internationally. We ensure appropriate safeguards are in place, including:

Standard Contractual Clauses (SCCs) approved by the European Commission
Privacy Shield Framework compliance (where applicable)
Data processing agreements with third parties

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Email notification to your registered email address
Prominent notice on our website or platform
In-app notification upon login

Continued use of Vibedasher after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices:

Email: privacy@vibedasher.com
Data Protection Officer: dpo@vibedasher.com
Address: Company Address

For EU residents, you have the right to lodge a complaint with your local data protection authority.

Regional-Specific Information

California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

Right to know what personal information is collected
Right to know if personal information is sold or disclosed
Right to opt out of the sale of personal information (Note: We do not sell personal information)
Right to non-discrimination for exercising CCPA rights

For users in the European Economic Area, UK, and Switzerland:

Legal Basis: We process data based on consent, contract performance, legal obligations, and legitimate interests
Data Protection Officer: Contact dpo@vibedasher.com
Right to Object: You can object to processing based on legitimate interests
Automated Decision-Making: We don't make automated decisions that significantly affect you without human review

This policy is effective as of January 18, 2026. Please review it periodically for updates.