Privacy Policy
Effective date: March 11, 2026
VibeKit ("we", "us", "our") operates the VibeKit platform at vibekit.bot and the VibeKit mobile application. This policy explains what data we collect, how we use it, and your rights.
1. Information We Collect
- Account info: Telegram user ID, username, and display name when you interact with our bot. Email address if you sign up via the web dashboard.
- API keys: If you provide your own Claude or OpenAI API keys, they are stored encrypted (AES-256-GCM) and used solely to make requests on your behalf.
- Usage data: Session counts, token usage, and cost tracking to manage billing and display your usage dashboard.
- App data: Source code, files, and configurations you upload or generate through the platform are stored in isolated containers.
- Device info: Push notification tokens (if you enable notifications), device type, and browser info for delivering the service.
2. How We Use Your Data
- To provide and operate the VibeKit platform
- To process your AI agent requests using your API keys or our credits system
- To send push notifications about agent activity (if enabled)
- To track usage for billing purposes
- To improve the service and fix bugs
3. Data Storage & Security
Your data is stored on servers in AWS US-East-2 (Ohio). API keys are encrypted at rest with AES-256-GCM. App containers are isolated per user. We use HTTPS for all communications.
4. Third-Party AI Services
VibeKit connects your apps to third-party AI services to power the AI agent features. When you use the AI agent, the following data is shared with these services:
4a. What data is sent to AI providers
- Chat messages: Text messages you send to the AI agent are transmitted to the AI provider to generate responses.
- File contents: When you ask the agent to read, edit, or create files, the contents of those files may be sent to the AI provider as context.
- App context: Information about your app's structure, error logs, and configuration may be included to help the agent assist you.
We do not send your email address, payment information, API keys, or account credentials to AI providers.
4b. Who data is sent to
- Anthropic (Claude): The primary AI provider. Your chat messages and file context are sent to Anthropic's Claude API to generate agent responses. Anthropic does not use API data for model training. See Anthropic's privacy policy.
- OpenAI: If you provide your own OpenAI API key, requests are sent to OpenAI's API for text-to-speech features. See OpenAI's privacy policy.
These third-party AI providers maintain their own privacy policies and provide equivalent or greater protection of your data. Data sent to AI providers is used solely to generate responses and is not used for advertising.
4c. Your consent
Before using the AI agent features for the first time, you will be asked to review and consent to sharing your data with third-party AI services. You may withdraw consent at any time by discontinuing use of the AI agent features.
4d. Other third-party services
5. Data Retention
Chat history and app data are retained as long as your account is active. You can delete your apps and data at any time through the dashboard. Account deletion removes all associated data within 30 days.
6. Your Rights
You can:
- Access and export your data through the dashboard
- Delete your apps and associated data
- Remove your API keys at any time
- Request full account deletion by contacting us
7. Children's Privacy
VibeKit is not intended for users under 13. We do not knowingly collect data from children.
8. Changes
We may update this policy. Material changes will be communicated through the platform.
9. Contact
Questions? Reach us at [email protected] or on Discord.
← Back to VibeKit