Privacy Policy

Last Updated: January 2025

Vybly ("we", "us", "our") provides AI-assisted tools that help users communicate more effectively on social platforms. This Privacy Policy explains how we collect, use, store, and protect personal information across our products, including:

  • The Vybly Chrome Extension
  • The Vybly website (vybly.ai)
  • The Vybly backend and APIs
  • The Vybly account system
  • Future products such as the web dashboard and mobile experiences

We are committed to transparency, security, and respecting your privacy.

1. Information We Collect

We collect only the data necessary to operate our services, maintain reliability, and provide a high-quality user experience.

1.1 Information You Provide Voluntarily

Account Information

When you create an account on Vybly, we may collect:

  • Email address
  • Password (hashed) or OAuth identifier
  • Profile settings
  • Subscription status (Free / Pro)

Billing Information

Payment information is processed securely by Stripe or another PCI-compliant provider.

We do not store credit card numbers.

1.2 Information Automatically Collected

Usage Data

To maintain functionality, enforce usage limits, and improve the product, we collect:

  • Number of replies generated
  • Active features and settings
  • Device/browser type
  • Extension version
  • Anonymous identifiers for rate-limiting
  • Crash logs and performance analytics

This data is non-personal and does not include browsing history or personal communications.

1.3 Website Content (Tweet Text)

When you activate the extension on X (Twitter), we temporarily process:

  • The visible tweet text
  • Public username and tweet metadata
  • Logged-in Twitter username or user ID (derived from the page)

This data is:

  • Sent to our backend only to generate replies
  • Never stored in long-term logs
  • Never used for tracking, profiling, or advertising
  • Never shared with third parties outside of our AI model provider

Chrome requires us to declare this as "website content."

1.4 Information We Do NOT Collect

Vybly does not collect:

  • X/Twitter passwords
  • Private messages or DMs
  • Your social graph (followers, likes, etc.)
  • Browsing history
  • Keystrokes, click tracking, scroll tracking, or device activity
  • Location (GPS or IP-based geolocation)
  • Sensitive categories (health, financial statements, political beliefs, etc.)

Vybly is strictly assistive, not automated.

2. How We Use Your Information

2.1 Core Product Functionality

We use your data to:

  • Generate AI replies
  • Enforce daily usage limits
  • Personalize your experience (reply style, tones, settings)
  • Maintain account access and subscription status

All content sent to our backend is processed in real-time and discarded.

2.2 Improving the Product

We use anonymized usage analytics to:

  • Diagnose performance issues
  • Detect abuse
  • Improve accuracy and speed
  • Understand feature usage

We do not use personal data for advertising or third-party marketing.

2.3 Communications

If you contact support or opt into email updates, we may communicate with you regarding:

  • Account issues
  • Product updates
  • Billing and subscription changes
  • Service outages

3. Sharing of Information

We do not sell personal information.

We do not share data with advertisers.

Your data may be shared only with:

AI Model Provider (OpenAI or equivalent)

Only receives the text needed to generate your requested replies.

Authentication & Database Providers

(Example: Supabase, Firebase)

Used to manage user accounts and securely store limited metadata.

Payment Processor (Stripe)

For billing and subscription management.

Infrastructure Providers

(e.g., Vercel, Railway)

These store server logs and system-level diagnostics.

All third parties follow strict privacy and security requirements.

4. Data Retention

Tweet Content

Not stored. Not logged. Deleted immediately after the reply is returned.

Account Information

Stored until your account is deleted.

Usage Data

Retained as long as needed to maintain the service and provide accurate limits.

Technical Logs

Typically retained 30–90 days for debugging.

5. Security

We use modern security practices, including:

  • Encryption at rest and in transit
  • Access-controlled databases
  • Role-based internal access
  • Secure server infrastructure
  • Hashed and salted passwords
  • No storage of sensitive content

We continuously update our systems to meet industry standards.

6. Your Rights

Depending on your region (GDPR, CCPA, etc.), you may have rights to:

  • Access your data
  • Request deletion
  • Correct inaccurate information
  • Export your data
  • Opt out of marketing emails

We respond to all privacy requests within 72 hours.

To request data deletion:

📧 support@vybly.ai

7. Cookies

The website may use cookies for:

  • Authentication
  • Session management
  • Basic product analytics

The Chrome extension does not use cookies.

8. Children's Privacy

Vybly is not intended for users under 13.

We do not knowingly collect data from minors.

9. International Transfers

Our servers and third-party providers may operate globally.

We ensure all transfers comply with GDPR and international data protection frameworks.

10. Changes to This Policy

We update our Privacy Policy as Vybly evolves.

The "Last Updated" date will always reflect the latest version.

11. Contact Us

For privacy inquiries, contact:

📧 support@vybly.ai

🌐 https://vybly.ai/support