LogoVibeDBTool

Privacy Policy

Last Updated: December 8, 2025

Introduction

Welcome to Loopl Team ("we," "our," or "us"). Loopl Team is operated by Strum Technology Corp. We are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our database management platform at vibedbtool.com (the "Service").

By using Loopl Team, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

Information We Collect

1. Account Information

When you create an account, we collect:

  • Authentication Data: Email address and authentication credentials (if using Google OAuth, we receive your name, email, and profile picture)
  • Profile Information: Name, company name (optional), and profile settings
  • Contact Information: Email address for account notifications and support

2. Database Connection Information

To provide our Service, we collect and encrypt:

  • Connection Credentials: Database host URLs, port numbers, database names, usernames, and passwords
  • Connection Metadata: Database type (PostgreSQL, MySQL, MongoDB, Supabase, etc.), connection status, and configuration settings
  • Schema Information: Table names, column names, data types, relationships, and foreign key constraints (metadata only)

Important: We do NOT store the actual data from your databases. We only store encrypted connection credentials and schema metadata necessary to visualize and interact with your data.

3. Usage Data

We automatically collect certain information when you use our Service:

  • Query History: SQL queries generated by our AI and executed through the platform
  • View Configurations: Custom views, filters, and dashboard configurations you create
  • Activity Logs: Timestamps of logins, database connections, and operations performed
  • Device Information: Browser type, operating system, IP address, and device identifiers
  • Performance Data: Page load times, error logs, and feature usage statistics

4. Payment Information

If you subscribe to a paid plan:

  • Billing Information: Name, billing address, and email address
  • Payment Data: Payment card information is processed through our payment processor (Stripe) and is not stored on our servers. We only retain the last four digits of your card and expiration date for reference.

5. Communications

  • Support Requests: When you contact support, we collect your email, message content, and any attachments you provide
  • Feedback: Any feedback, suggestions, or survey responses you voluntarily provide

How We Use Your Information

We use the collected information for the following purposes:

1. Service Delivery

  • Establishing and maintaining secure connections to your databases
  • Generating AI-powered insights, queries, and visualizations
  • Providing CRUD (Create, Read, Update, Delete) interfaces for data management
  • Suggesting relevant views and analytics based on your schema
  • Facilitating data exports and downloads

2. Security and Safety

  • Encrypting database credentials using AES-256-GCM encryption
  • Monitoring for unauthorized access or suspicious activity
  • Implementing guardrails and safety checks for potentially destructive operations
  • Maintaining audit logs for security and debugging purposes

3. Service Improvement

  • Analyzing usage patterns to improve AI accuracy and feature performance
  • Identifying and fixing bugs or technical issues
  • Developing new features and enhancements
  • Conducting research and development

4. Communications

  • Sending transactional emails (account verification, password resets, operation confirmations)
  • Providing customer support and responding to inquiries
  • Sending important service updates and security notifications
  • Sending marketing communications (only if you opt in, and you can unsubscribe anytime)

5. Legal and Compliance

  • Complying with legal obligations and responding to lawful requests
  • Enforcing our Terms of Service and protecting our rights
  • Preventing fraud, abuse, or illegal activities

Our Zero-Data Retention Policy

We never store your actual database data. Here's what this means:

  • No Data Storage: When you query your database through Loopl Team, the results are displayed to you but are NOT stored on our servers
  • Temporary Processing: Data passes through our servers only for the duration necessary to display it to you, then it is immediately discarded
  • Metadata Only: We only retain schema metadata (table names, column names, data types) necessary to provide our Service
  • Query Logs: We store the SQL queries we generate, but not the results of those queries
  • Complete Deletion: When you disconnect a database or delete your account, all associated connection credentials and metadata are permanently deleted

Data Security

We implement industry-standard security measures to protect your information:

Encryption

  • At Rest: All database credentials are encrypted using AES-256-GCM encryption
  • In Transit: All data transmission uses TLS 1.2 or higher encryption
  • Key Management: Encryption keys are stored separately from encrypted data and rotated regularly

Access Controls

  • Read-Only Options: You can connect databases with read-only credentials to prevent modifications
  • Operation Previews: Dangerous operations (DELETE, DROP, TRUNCATE) require explicit confirmation
  • Audit Logging: All database operations are logged with timestamps and user information
  • Role-Based Access: Team features include role-based permissions (when available)

Infrastructure Security

  • Secure Hosting: Our infrastructure is hosted on secure, SOC 2 compliant cloud providers
  • Regular Updates: We maintain up-to-date software with security patches
  • Monitoring: 24/7 automated monitoring for security threats and anomalies
  • Incident Response: Documented procedures for handling security incidents

Organizational Security

  • Limited Access: Only authorized personnel have access to systems containing user data
  • Background Checks: Employees with data access undergo background checks
  • Confidentiality Agreements: All employees sign strict confidentiality agreements
  • Security Training: Regular security awareness training for all team members

Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

Service Providers

We may share information with trusted third-party service providers who assist us in operating our Service:

  • Cloud Infrastructure: Railway, Cloudflare
  • Payment Processing: Stripe for payment processing
  • Analytics: Google Analytics or similar tools for usage analytics (anonymized where possible)
  • Email Services: SendGrid, Mailgun, or similar for transactional emails
  • Support Tools: Zendesk, Intercom, or similar for customer support

These providers are contractually obligated to protect your information and use it only for the specific purposes we authorize.

Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (subpoenas, court orders, or search warrants)
  • Governmental or regulatory requests
  • Investigations of suspected fraud or illegal activity
  • Protection of our rights, property, or safety
  • Enforcement of our Terms of Service

Business Transfers

If Loopl Team is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Service of any change in ownership or use of your information.

Aggregate Information

We may share aggregated, non-personally identifiable information for research, marketing, or analytical purposes. This information cannot be used to identify individual users.

Data Retention

We retain your information for as long as necessary to provide our Service and fulfill the purposes outlined in this Privacy Policy:

  • Account Information: Retained while your account is active
  • Connection Credentials: Retained while database connections are active
  • Query History: Retained for 90 days or until account deletion
  • Usage Logs: Retained for 12 months for security and debugging purposes
  • Support Communications: Retained for 3 years for quality assurance

When you delete your account:

  • All connection credentials are immediately and permanently deleted
  • All schema metadata is permanently deleted
  • Personal information is permanently deleted within 30 days
  • Some information may be retained longer if required by law or for legitimate business purposes (e.g., fraud prevention, dispute resolution)

Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

Access and Portability

  • Access: Request a copy of the personal information we hold about you
  • Data Export: Download your query history and configurations
  • Portability: Receive your data in a structured, machine-readable format

Correction and Deletion

  • Update: Correct or update your account information at any time through your account settings
  • Delete: Request deletion of your account and all associated data
  • Disconnect: Remove database connections at any time

Control and Opt-Out

  • Marketing Emails: Unsubscribe from marketing communications via the link in any email
  • Analytics: Opt out of analytics tracking through browser settings or privacy extensions
  • Cookies: Control cookie preferences through your browser settings

Object and Restrict

  • Object: Object to processing of your information for direct marketing purposes
  • Restrict: Request restriction of processing in certain circumstances

To exercise these rights, please contact us at privacy@vibedbtool.com. We will respond to your request within 30 days.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

Essential Cookies

Required for the Service to function properly:

  • Authentication tokens and session management
  • Security and fraud prevention
  • Load balancing and performance optimization

Analytics Cookies

Help us understand how users interact with our Service:

  • Page views and feature usage
  • Error tracking and debugging
  • Performance monitoring

Preference Cookies

Remember your settings and preferences:

  • Interface customization
  • Language preferences
  • Display settings

You can control cookies through your browser settings, but disabling essential cookies may affect Service functionality.

Third-Party Links and Services

Our Service may contain links to third-party websites, databases, or services (such as Supabase, PostgreSQL providers, MongoDB Atlas, etc.). We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information to them.

When you connect external databases, you are subject to those services' privacy policies and terms of service as well.

International Data Transfers

Loopl Team operates globally, and your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction.

When we transfer personal information internationally, we ensure appropriate safeguards are in place:

  • Standard contractual clauses approved by relevant authorities
  • Adequacy decisions where applicable
  • Your explicit consent when required

Children's Privacy

Loopl Team is not intended for use by children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately at privacy@vibedbtool.com, and we will take prompt steps to delete such information.

California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: What personal information we collect, use, disclose, and sell
  • Right to Delete: Request deletion of your personal information
  • Right to Opt-Out: Opt out of the "sale" of personal information (Note: We do not sell personal information)
  • Right to Non-Discrimination: Equal service and pricing regardless of privacy rights exercise

To exercise these rights, contact us at privacy@vibedbtool.com or call our toll-free number (if provided). We will verify your identity before processing requests.

European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

Legal Basis for Processing

We process your personal data based on:

  • Contract Performance: To provide the Service you've requested
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Consent: When we ask for your explicit consent
  • Legal Obligation: To comply with applicable laws

Your GDPR Rights

  • Right to access your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

Contact our Data Protection Officer at dpo@vibedbtool.com for GDPR-related inquiries.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

  • We will update the "Last Updated" date at the top of this policy
  • For material changes, we will notify you via email or prominent notice on our Service
  • Continued use of the Service after changes constitutes acceptance of the updated policy

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: privacy@vibedbtool.com
Support: support@vibedbtool.com
Website: https://vibedbtool.com/contact

Data Protection Officer: dpo@vibedbtool.com

We aim to respond to all privacy-related inquiries within 30 days.

Summary of Key Points

For your convenience, here's a quick summary of our privacy practices:

  • We encrypt all database credentials using AES-256-GCM encryption
  • We never store your actual database data - only connection metadata
  • We use TLS encryption for all data transmission
  • You can use read-only connections to prevent modifications
  • We delete all your data when you close your account
  • We don't sell your information to third parties
  • You have full control over your data and can delete it anytime
  • We provide operation previews and confirmations for safety
  • We maintain audit logs for security purposes
  • We're transparent about what we collect and why

Thank you for trusting Loopl Team with your database management needs.