VibeGuard AI

Legal

Privacy Policy

Last updated July 13, 2026

This Privacy Policy explains what information VibeGuard AI ("we", "us") collects when you use our service, how we use it, and the choices you have. By using VibeGuard AI you agree to the practices described here.

Information we collect

  • Account information. When you sign in with GitHub or Google, we receive your name, email address, and profile identifier from that provider. We do not receive or store your password.
  • Repository and website data. When you connect a repository or verify a website, we store metadata (names, owners, default branch, installation identifiers) and the results of scans — findings, file paths, and the specific code snippets needed to explain an issue.
  • Source code. To run a scan we clone your repository into an isolated, ephemeral environment and delete it immediately after the scan completes. We do not retain a full copy of your source code; only findings and the snippets referenced by them are persisted.
  • Billing information. Payments are processed by Paystack. We do not store your card details; we retain only the subscription and customer identifiers Paystack returns.
  • Usage data. Standard technical logs (such as request metadata) used to operate and secure the service.

How we use your information

  • To provide, maintain, and improve the scanning and reporting service.
  • To generate plain-English explanations and suggested fixes for findings.
  • To send security alerts and service-related notifications you have enabled.
  • To process payments and manage your subscription.
  • To detect, prevent, and address fraud, abuse, or security issues.

Service providers we share data with

We share the minimum data necessary with providers that help us operate the service: GitHub and Google (authentication and repository access), Paystack (payments), Google Gemini (generating explanations and fixes from finding data), and Resend (email notifications). We do not sell your personal information.

Data retention

Cloned source code is deleted immediately after each scan. Findings, reports, and account data are retained for as long as your account is active. You may delete your data by removing repositories, uninstalling the GitHub App, or closing your account — contact us for assistance.

Your rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data. To exercise these rights, email privacy@vibeguard.ai.

Changes to this policy

We may update this policy from time to time. When we do, we will revise the "last updated" date above and, where appropriate, notify you.

Contact

Questions about this policy? Email privacy@vibeguard.ai.