Legal

Privacy Policy

Last updated: May 2026

This Privacy Policy explains how VIBEZCORE Audio Library collects, uses, and protects your personal data when you use our service. We aim to be transparent and to respect your privacy regardless of where you live.

1. Who We Are

VIBEZCORE operates the VIBEZCORE Audio Library service and is the data controller for personal data processed in connection with your use of the service.

For privacy questions or to exercise your rights, please use our support form.

2. What We Collect

Account data: email address, hashed password, account creation date, and login activity.

Subscription data: subscription status, plan, renewal date, and transaction IDs provided by our payment processor. We do not store your card details — these are handled by the payment processor.

Usage data stored locally on your device: sessions played, listening progress, favourites. This data is stored in your browser's localStorage and never leaves your device unless cross-device sync is enabled.

Technical data: IP address (briefly, for security and rate-limiting), browser type and version, device type. We do not currently run third-party analytics, advertising trackers, or fingerprinting.

Support data: any information you provide when contacting us.

3. How We Use Your Data

  • To provide and operate the service (login, streaming, progress tracking)
  • To process payments through our payment provider
  • To improve the service and develop new features
  • To communicate important updates, changes, and support replies
  • To prevent fraud, abuse, and unauthorised account sharing
  • To comply with legal obligations

We do not sell your personal data to anyone, ever.

4. Legal Basis for Processing (GDPR)

If you are in the European Union, we rely on the following legal bases under the General Data Protection Regulation:

  • Performance of a contract (Art. 6(1)(b)) — to deliver the service you signed up for
  • Legitimate interests (Art. 6(1)(f)) — to secure, improve, and protect the service
  • Consent (Art. 6(1)(a)) — for optional analytics or marketing communications, where applicable
  • Legal obligation (Art. 6(1)(c)) — for tax, accounting, and regulatory requirements

5. Who We Share Data With

We share data only with the service providers required to operate the service. Each is bound by confidentiality and data protection obligations:

  • Gumroad — payment processing, merchant of record, tax compliance
  • Supabase — authentication, database, and account management
  • Bunny CDN — delivery of audio sessions and static assets
  • Netlify — web hosting and deployment

We do not share your data with advertising networks or data brokers.

6. International Data Transfers

Some of our service providers process data outside the European Economic Area, including in the United States. Where required, we rely on appropriate safeguards (such as the European Commission's Standard Contractual Clauses) and additional measures to ensure your data is protected at a level equivalent to EU law.

7. How Long We Keep Your Data

  • Account data: for as long as your account is active, plus a reasonable retention period after closure
  • Transaction data: retained as required by tax and accounting law (typically up to 7 years in the EU)
  • Usage data on our servers: kept in aggregated or anonymous form for product analytics
  • Local-device data (localStorage): remains on your device until you clear it via your browser or the in-app reset option
  • Support correspondence: kept while reasonably needed for record-keeping

8. Your Rights

Depending on where you live, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate or incomplete data
  • Erase your account and associated data ("right to be forgotten")
  • Restrict or object to certain processing
  • Portability — receive a copy of your data in a structured, commonly used format
  • Withdraw consent at any time, where consent is the legal basis

To exercise any of these rights, use the support form. We aim to respond within 30 days, in line with GDPR Article 12.

9. Right to Lodge a Complaint

If you believe we have not handled your personal data correctly, you have the right to lodge a complaint with the data protection authority in the EU country where you live, work, or where the alleged infringement took place.

For users in Belgium, this is the Gegevensbeschermingsautoriteit / Autorité de protection des données (www.gegevensbeschermingsautoriteit.be).

We would, however, appreciate the chance to address your concerns first — please contact support before involving a supervisory authority.

10. Security

We use industry-standard technical and organisational measures to protect your data: encryption in transit (HTTPS), hashed passwords, restricted access to systems, and regular security reviews. No system is 100% secure, but we work continuously to reduce risk.

11. Children

Paid subscriptions are not directed at children. We do not knowingly collect personal data from minors below the age of digital consent in their country (16 in many EU member states, 13 elsewhere). If you believe a minor has provided us with data, please contact support and we will delete it.

12. Cookies & Local Storage

VIBEZCORE Audio Library does not use advertising or third-party tracking cookies. We use only essential storage required to run the service (your login session and locally-saved listening progress). See our Cookie Policy for full details.

13. Automated Decision-Making

We do not use your personal data for automated decision-making or profiling that produces legal or similarly significant effects on you.

14. Changes to This Policy

We may update this Privacy Policy as the service evolves. Material changes will be communicated by email or in-app notification. The "Last updated" date at the top reflects the most recent version.

Privacy questions?

Use the support form for any data access, deletion, or privacy concern. We respond as quickly as reasonably possible and within 30 days.

Contact Support →