Privacy Policy

Last Updated: 10/31/2025

This Privacy Policy describes how VibeThoughts ("we," "our," or "us") collects, uses, and shares your personal information when you use our website and services.

1. Information We Collect

1.1 Information You Provide to Us

  • Account Information: When you create an account, we collect your name, email address, and any other information you choose to provide.
  • Content: We collect the thoughts, notes, and other content you create and share through our service.
  • Communications: If you contact us directly, we may receive additional information about you.

1.2 Information from Facebook Login

When you choose to sign up or log in using Facebook, we collect the following information from your Facebook account:

  • Basic Profile Information: Your name, email address, and profile picture
  • Facebook User ID: A unique identifier for your Facebook account
  • Public Profile: Information that is publicly available on your Facebook profile

Important: We only request access to basic profile information necessary to create and maintain your account. We do not access your Facebook posts, friends list, or other private information unless explicitly authorized by you for specific features.

1.3 Automatically Collected Information

  • Usage Data: Information about how you use our service, including pages visited and features used
  • Device Information: Information about your device, browser, and operating system
  • Log Data: Server logs that may include IP addresses, access times, and pages viewed
  • Cookies: We use cookies and similar technologies to enhance your experience

2. How We Use Your Information

We use your personal information for the following purposes:

  • Service Provision: To provide, maintain, and improve our services
  • Account Management: To create and manage your account, including authentication
  • Communication: To send you service-related communications and respond to your inquiries
  • Security: To protect our service and users from fraud, abuse, and security threats
  • Analytics: To understand how our service is used and improve user experience
  • Legal Compliance: To comply with applicable laws and regulations

2.1 Legal Basis for Processing (GDPR)

Our legal basis for processing your personal information includes:

  • Consent: When you provide explicit consent (e.g., for marketing communications)
  • Contract Performance: To provide our services as outlined in our Terms of Service
  • Legitimate Interest: To improve our services and ensure security
  • Legal Obligation: To comply with applicable laws

3. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

  • Service Providers: With trusted third-party vendors who help us operate our service (e.g., hosting, analytics)
  • Legal Requirements: When required by law or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share information

Facebook Data: Information obtained from Facebook is used solely for account creation and authentication. We do not share Facebook-sourced data with other third parties beyond what is necessary for service operation.

4. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and monitoring
  • Access controls and authentication requirements
  • Secure coding practices and regular updates

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Protect against fraudulent or abusive activity

Account information and content are retained until you delete your account. After account deletion, we may retain certain information for legal compliance and security purposes for up to 7 years.

6. Your Rights and Choices

You have the following rights regarding your personal information:

6.1 Access and Portability

  • Request access to your personal information
  • Request a copy of your data in a portable format

6.2 Correction and Updates

  • Update your account information at any time
  • Request correction of inaccurate information

6.3 Deletion

  • Delete your account and associated data through your account settings
  • Request deletion of specific information by contacting us

6.4 Objection and Restriction

  • Object to processing of your information for certain purposes
  • Request restriction of processing under certain circumstances

6.5 Facebook Data Controls

You can also manage your Facebook data through:

  • Your Facebook privacy settings
  • Revoking VibeThoughts' access to your Facebook account
  • Contacting us to delete Facebook-sourced information

7. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Remember your preferences and settings
  • Authenticate your account
  • Analyze usage patterns and improve our service
  • Provide social media features

You can control cookies through your browser settings, but disabling cookies may affect service functionality.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for international transfers, including:

  • Adequacy decisions by relevant authorities
  • Standard contractual clauses
  • Other legally recognized transfer mechanisms

9. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

10. Third-Party Services

Our service may contain links to third-party websites or integrate with third-party services (including Facebook). This Privacy Policy does not apply to third-party services. We encourage you to review the privacy policies of any third-party services you use.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make changes, we will:

  • Update the "Last Updated" date
  • Notify you of material changes via email or service notification
  • Obtain consent where required by law

12. Contact Information

Data Controller: VibeThoughts

Email: tristan@vibethoughts.com

Contact Person: Tristan de Wit

For privacy-related inquiries, data subject requests, or concerns about our privacy practices, please contact us using the information above. We will respond to your request within 30 days.

13. Additional Rights for EU/UK Residents

If you are a resident of the European Union or United Kingdom, you have additional rights under GDPR/UK GDPR:

  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority
  • Right to object to automated decision-making

14. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information
  • Right to non-discrimination for exercising CCPA rights

Note: We do not sell personal information as defined by the CCPA.

This Privacy Policy is designed to comply with global privacy regulations including GDPR, CCPA, and Facebook's Platform Policy requirements. If you have questions about our privacy practices, please don't hesitate to contact us.