Vibotype
TermsPrivacyProcessorsMedical disclaimer

Vibotype Privacy Policy

Last updated: 2026-07-07 Version: 2 Status: Engineering draft pending counsel review.

The short version: the quiz never asks your name. Your answers are encrypted, they belong to you, and you can delete them whenever you like. We do not sell anything about you, and there are no ad trackers here.

The long version follows. Vibotype (the "Service") is operated by Our Senses ("we", "us").

1. What we actually collect

  • Your quiz answers and result. The heart of the Service. Collected only after you consent on the pre-quiz screen, and encrypted at rest (Section 5).
  • A result link and code, if you save them. Keeping your result works through a private link and a short code. No name, no email required.
  • An email address, only if you hand us one. For example, Stripe collects your email for the receipt when you buy something, and if you text or send yourself your result link, that happens on your phone, not our servers.
  • Payment metadata when you buy. Stripe processes the payment; we store what we need to honor the purchase and the refund promise (which product, when, and Stripe's reference). We never see your full card number.
  • Technical metadata. IP address, browser type, timestamps, and a country code derived from IP, used for security and for the EU geo-block during the testing window.
  • First-party usage events. Which screens get used, so we can tell what is working. These stay in our own database; no third-party advertising or analytics identifiers are attached.

2. Why we may lawfully collect it

  • Quiz answers and result: your explicit consent under Article 9(2)(a) GDPR, given on the consent screen before the quiz.
  • Result links, purchases, receipts: performing our contract with you under Article 6(1)(b) GDPR.
  • Technical metadata and usage events: our legitimate interest in running and securing the Service under Article 6(1)(f) GDPR.

A per-category lawful-basis matrix is published in our source repository (docs/legal/lawful-basis-matrix-v1.md) for the curious.

3. How long we keep things

  • Quiz answers and results: 365 days by default. You can extend up to 3 years from /account/privacy, or delete earlier, any time.
  • Account and claim metadata: while your account or claim links are active, then 90 days after you close or delete, then gone.
  • Technical logs: 12 months, for security audits and GDPR Article 30 records, then deleted.
  • Payment records: as long as tax and accounting law requires (typically 7 years in the United States).

4. Article 9: what "sensitive" means here, and how you take it back

Your answers concern sexual behavior. Under Article 9 GDPR that is special-category data, the most protected kind. We process it only with your explicit, separate, opt-in consent, given on the consent screen that names the data and the purpose in plain words.

You can withdraw at any time, free of charge:

  • Delete your result and answers from /account/privacy (or ask us at the address below). Deletion triggers the cryptographic shred described in Section 5 after a 30-day grace window.
  • If you ever used the optional companion feature (not currently offered), its dedicated withdrawal door is /account/privacy/withdraw-companion-consent.

Withdrawal does not make past processing unlawful; it stops everything going forward.

5. Encryption, and what deletion really deletes

Sensitive content is encrypted at rest with a per-user data-encryption key, which is itself wrapped by a key-management-service master key. When you delete (or withdraw consent), we destroy your per-user key after the 30-day grace window. Once the key is gone, the stored ciphertext cannot be decrypted by us or anyone else. We call this a cryptographic shred because that is what it is.

6. Who else touches the data

The complete list of third-party processors lives at /legal/companion-processing: who they are, what they do for us, the lawful basis, and each one's data-processing agreement.

We do not sell personal information. We do not share it outside that named list. There is no advertising identifier exchange, full stop.

7. Cookies

A handful of strictly necessary cookies: session, authentication, anti-CSRF. Usage analytics are first-party (Section 1) with no cross-site tracking. During the testing window EU traffic is redirected to a "not available" page rather than served any of this; an EU-compliant consent banner ships before we open to the EU.

8. Your rights

Depending on where you live, you can:

  • Know what we hold about you.
  • Delete it.
  • Correct it.
  • Take it with you (a machine-readable copy).
  • Withdraw consent for Article 9 data (Section 4).
  • Complain to a supervisory authority.
  • CCPA non-discrimination: exercising your California rights never changes your price or your service.

The doors: /account/privacy/ccpa for California, /account/privacy/gdpr for the EU, EEA, and UK, and /account/privacy/withdraw-companion-consent for Article 9 withdrawal. We do not sell personal information, so the CCPA opt-out-of-sale right has nothing here to opt out of.

9. Children

The Service is 18+ and not directed at minors. If we learn we hold a minor's information, we delete it.

10. Security

TLS in transit, encryption at rest for sensitive content, least-privilege access, and audit logs on the operations that matter. No system is perfectly secure; please use a strong password where you have one.

11. Contact

Privacy questions and data-rights requests: support@vibotype.com.


Draft pending counsel review.

Draft pending counsel review.

No-medical-claims disclaimer · Privacy controls