Privacy Policy

1. Introduction

Vibble is a real-time microblogging and conversation platform operated by Nexa Group (“Nexa Group”). This Privacy Policy applies to all users of Vibble’s services worldwide, including visitors, registered users, advertisers, developers, and organizations.

By using Vibble, you acknowledge that you have read and understood this Privacy Policy and consent to the processing of your data as described, subject to your rights under applicable law.

2. Data We Collect

We may collect the following categories of data:

• Account Information: Username, display name, email address, password, profile photo, bio, language, and account preferences.
• Public Profile & Posts: Posts, replies, reposts, quote posts, lists, likes, bookmarks, polls, and other public interactions.
• Direct Messages & Private Content: Messages, media, and attachments sent via private channels. These are encrypted in transit and stored as necessary to deliver the service.
• Device & Technical Data: IP address, device identifiers, operating system, app version, browser type, network information, and diagnostic logs.
• Usage & Interaction Data: Pages viewed, features used, time spent, engagement patterns, interactions with other accounts, and safety reports.
• Location Data: Approximate location (country/region), and, if you grant permission, more precise location information.
• Payment & Transaction Data: Payment method information, purchase history, subscriptions, tips, and monetization-related data (collected via payment processors where applicable).
• Safety & Enforcement Data: Reports, flags, content moderation outcomes, strikes, appeals, law enforcement requests, and security anomalies.

3. How We Use Your Data

Vibble processes personal data for the following purposes:

• To operate and maintain the platform, including account creation, login, and content delivery.
• To personalize timelines, recommendations, trends, and search results.
• To protect users, detect abuse, enforce policies, and prevent fraud or spam.
• To provide customer support, respond to requests, and handle appeals.
• To manage monetization, payments, and financial reporting.
• To comply with legal obligations, law enforcement requests, and regulatory requirements.
• To analyze performance, improve features, and develop new services.
• To send safety notices, legal updates, and administrative communications.

4. Legal Bases for Processing (GDPR)

Where GDPR applies, our legal bases include:

• Contract: Processing necessary to provide the service you requested.
• Legitimate Interests: Platform safety, fraud prevention, analytics, service improvement.
• Consent: Where required for certain cookies, marketing, or optional data uses.
• Legal Obligation: Compliance with applicable laws, law enforcement, and regulatory requests.

5. Data Sharing & Third Parties

Vibble does not sell your personal data. We may share data with:

• Service Providers: Hosting providers, analytics tools, payment processors, content delivery networks, security vendors, and customer support tools.
• Business Partners: Where you explicitly connect your Vibble account to third-party apps or services via APIs or OAuth.
• Law Enforcement & Regulators: Where required by law, court order, or valid legal process, as detailed in the Law Enforcement Data Request Guide.
• Corporate Transactions: In case of mergers, acquisitions, or restructuring, your data may be transferred as part of the business assets.

6. International Data Transfers

Vibble may store and process personal data on servers located in multiple jurisdictions. Where data is transferred from the EU/EEA or UK to third countries, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs), adequacy decisions, or equivalent measures, consistent with our Cross-Border Data Transfer Policy.

7. Data Retention

Data is retained only as long as necessary to provide services, comply with legal obligations, resolve disputes, and protect platform integrity. Typical retention periods are defined in our Data Retention & Deletion Policy. After retention periods expire, data is securely deleted or anonymized.

8. Your Rights & Controls

Depending on your jurisdiction, you may have the right to:

• Access your personal data.
• Request correction of inaccurate data.
• Request deletion of your account and personal data.
• Object to or restrict certain processing.
• Request data portability.
• Withdraw consent for optional processing where applicable.

You can exercise many of these rights via in-app settings. For formal requests, contact privacy@vibble.org or our DPO at dpo@vibble.org.

9. Cookies & Tracking Technologies

Vibble uses cookies, SDKs, and similar technologies to remember preferences, secure accounts, measure performance, and personalize content. Details are provided in the Cookie Policy. Where legally required, you may manage preferences via cookie banners or settings.

10. Children & Minor Users

Vibble is not intended for children under 13. We apply enhanced protections for minors, including stricter privacy settings and limited data processing, as described in the Child Safety Policy and Age Verification Policy. If you believe a child under 13 is using Vibble, please contact safety@vibble.org.

11. Security Measures

We apply technical and organizational security measures, including encryption in transit, restricted access controls, logging, and security monitoring. More details are provided in the Security Practices Disclosure. No system is completely secure, but we continuously work to enhance our defenses.

12. CCPA / CPRA Notice (California)

California residents have additional rights, including the right to know, delete, and opt out of certain sharing, as described in our dedicated CCPA Notice. Vibble does not sell personal data in the traditional sense but may share data with service providers under strict contracts.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via in-app notices, email, or changelog updates. Continued use of Vibble after an update indicates your acceptance of the revised Policy.

14. Contact Information

For privacy questions, data rights, or complaints, contact:

Privacy Office: privacy@vibble.org
Data Protection Officer (DPO): dpo@vibble.org
General Support: support@vibble.org