Privacy Policy
Effective date: July 10, 2026
This policy explains what The Vibe (thevibe.chat) — operated under the trade name “The Vibe” by its founder, Masud Uddin Ahmed, pending formation of a corporate entity — collects, why, and the choices you have. We collect the minimum needed to run a safe, adults-only club network.
1. Location and geography
We never read GPS, device geolocation, or precise coordinates. Your browser's location permission is blocked by our security policy. We do not store street addresses, neighborhoods, or distance from other members.
Optional city (your choice): You may voluntarily add a city in Settings — selected manually from a curated list, never inferred from your device. City is off by default. You control whether it appears on your profile, who can see it (friends only or all verified members), and whether it provides a gentle same-city nudge in tag-based discovery. Interest tags remain the primary matching signal. The Vibe is platonic — not a dating or proximity app. There is no distance display, map, or “nearby” feed.
Helper connections only (crisis): When room-safety systems detect severe distress, we surface appropriate confidential in-app helper resources using a tiered fallback: (1) a voluntary browser locale hint you send with your message (never GPS), (2) your connection’s country from our edge network (e.g. Cloudflare CF-IPCountry), or (3) a universal global directory at findahelpline.com. Country codes used for this purpose are not stored in our database and are separate from any city you choose to add to your profile.
Like most websites, our hosting provider (Cloudflare) may process network metadata (such as IP addresses) for security and delivery. We do not use that data to infer your city for profiling or discovery.
2. What we collect
- Account data: email address and a hashed password (managed by Supabase Auth).
- Profile data you provide: username, display name, bio, avatar choice, interest (“vibe”) tags, and optional voluntary city (city name, region/state, and country code — only if you add it in Settings).
- Location privacy preferences: whether to show your city, who may see it (
friendsormembers), whether to enable same-city discovery boost, and whether to hide your profile from people discovery. - Verification outcome only: after Didit verifies your ID and liveness, we store a verification status (
VERIFIED_ADULT,PENDING, orREJECTED), a boolean verified flag, your age in years, and the verification timestamp. Didit sessions are linked to your account solely via your user ID (vendor_data). Raw webhook or decision payloads — including legal name, document numbers, document images, and date of birth — are not written to our database or application logs. - Content: messages you send in clubs and private parlor chats with friends, reports you file, votes you cast, and companion designs you create.
- Billing: subscription status via Stripe. Card details are handled entirely by Stripe and never touch our servers.
- Push subscriptions: if you opt in, the browser push endpoint needed to deliver notifications.
- Friend connections: friend requests you send or receive, accept/decline actions, and block lists (stored as relationship records between user IDs — we do not import your phone contacts).
- Referral attribution: if you join via another member’s invite link, we store which member referred you (by user ID) solely to grant them optional product unlock bonuses after you complete ID verification. We do not sell referral data.
- Companion forks: when you adopt a public or official AI companion into your personal library, we store a private copy on your account and a lineage pointer to the source design. Your copy is independent — updates or removal of the original do not change your private copy.
- Parlor preferences: whether you enable read receipts in private 1:1 parlor chats (on by default; you may disable in Settings).
- Parlor read state: a per-thread “last read” timestamp so you and your friend can see unread counts and, if you both keep read receipts enabled, when messages were read.
3. What we do not collect
- Precise geolocation, GPS coordinates, street addresses, neighborhoods, or address book data.
- Your government ID, legal name, or document photos (processed only by Didit).
- Third-party advertising identifiers or cross-site tracking profiles.
4. How we use your information
- Operating clubs, parlor chats, governance, and interest-based discovery (with optional same-city boost when both members opt in);
- Age-gating and keeping minors off the platform;
- Generating AI companion replies (recent club messages are sent to Google’s Gemini API to compose responses);
- Safety review of AI outputs, reports, and companion designs before public publication;
- Processing subscriptions through Stripe;
- Operating friend requests, blocks, and handle-based lookup (blocked members are hidden from your discovery and cannot see your city);
- Granting referral unlock bonuses when invited members complete verification;
- Delivering optional push notifications for club and parlor activity.
- Enforcing published tier limits (companion designs, club seats, daily AI companion sessions) to keep the service sustainable.
5. AI processing, privacy-first room safety, and helper connections
The Vibe is an 18+ social entertainment environment. Club messages you send may be transmitted to Google’s Gemini API to generate companion replies. Automated background context evaluation (including Gemini analysis with recent conversation context) is deployed solely to help maintain safe, stable chat sessions. Support messages and hardship venting are not blocked for asking for help.
Private de-escalation: When severe safety or distress anomalies are detected, we resolve them through private, non-punitive, in-app de-escalation layouts that surface anonymous external help-seeking resource links. We do not build behavioral profiles of your emotional state for third parties.
Group chat privacy (Matrix Split): In clubs with multiple human members, a severe room-safety intercept on your message never writes that message to the shared chat history. Other members see only a generic notice that a participant stepped away — never your message, your name in connection with distress, or any mental-health signal. The intercept applies a room-local pause on your device only; it is not a permanent account ban and you may leave for the main dashboard and use other clubs.
Google applies additional safety filters to AI generation. When those filters block dangerous content, we may display confidential in-app helper connection resources. We do not use your private messages to train our own models.
6. Processors we rely on
- Supabase — database, authentication, and realtime infrastructure;
- Didit — identity and age verification (your ID is processed under Didit’s privacy policy; we receive only the outcome);
- Google (Gemini API) — AI companion message generation and safety classification;
- Stripe — payments;
- Cloudflare — hosting and network delivery.
7. What we don’t do
- We do not sell or rent your personal information.
- We do not run third-party advertising or ad trackers.
- We do not use your private club messages to train AI models.
8. Retention and deletion
Content is kept while your account is active. You may delete your account in Settings → Data & account, or by emailing support@thevibe.chat. We remove your profile (including any saved city and location preferences), memberships, parlor threads, private companions, and push subscriptions promptly. Public AI companions already seated in clubs may remain available to those communities without your creator attribution. Club and parlor messages you sent may remain visible to other participants. We retain only what we must for legal, safety, or billing-dispute reasons (typically within 30 days of a verified request).
9. Your rights
Depending on where you live (including under the New York SHIELD Act and, where applicable, GDPR/CCPA-style laws), you may have rights to access, correct, export, or delete your data, and to object to certain processing. Contact support@thevibe.chat to exercise them.
10. Security
Data is protected with encryption in transit, row-level security in our database, secret-scoped server APIs, and least-privilege service keys. No system is perfectly secure; we will notify affected users of any breach as required by law.
11. Children
The Service is not for anyone under 18. We use mandatory document-based age verification, and we delete accounts found to belong to minors.
12. Changes and contact
We will announce material changes in-app or by email 14 days in advance. Questions: support@thevibe.chat · The Vibe (d/b/a of Masud Uddin Ahmed), United States.