1. Introduction

This Privacy Policy explains how VibeUE ("we", "us", or "our") collects, uses, and protects information when you use our API service ("Service"). We are committed to protecting your privacy and being transparent about our practices.

VibeUE is a free, open-source project maintained by independent developers. We are not a corporation and do not sell your data.

2. Information We Collect

Account Information

When you sign in with a supported authentication provider, we receive and store:

• Email address - Used to identify your account
• Name - For display purposes
• Profile picture - For display purposes (optional)
• Provider ID - Unique identifier for authentication

API Usage Data

When you use the API, we collect:

• API requests - Which tools/endpoints were called
• Timestamps - When requests were made
• Token usage - Input/output token counts for rate limiting
• Error logs - Error messages and stack traces for debugging
• Response times - Performance metrics

What We Do NOT Collect

• Your project files or source code - We don't store or log the actual content of your Unreal Engine projects
• AI conversation content - We don't log the prompts or responses from your AI assistant
• Asset content - We don't retain the actual data of assets you create or modify
• Payment information - The Service is free; we don't collect payment data

3. How We Use Your Information

We use the collected information to:

• Provide the Service - Authenticate you and process API requests
• Improve the Service - Analyze usage patterns, fix bugs, and optimize performance
• Enforce rate limits - Ensure fair usage and prevent abuse
• Debug issues - Identify and fix errors in the Service
• Communicate with you - Send service-related notifications (rare)

4. Data Sharing

We do not sell, rent, or trade your personal information. We may share data only in these limited circumstances:

• Service providers - We use Turso (database), authentication providers, and Vercel (hosting) to operate the Service. These providers have access to data necessary to perform their functions.
• Legal requirements - If required by law, subpoena, or legal process
• Protection of rights - To protect the rights, property, or safety of VibeUE, our users, or others

5. Data Retention

• Account data - Retained while your account is active, deleted upon request
• Usage analytics - Retained for up to 12 months, then aggregated or deleted
• Error logs - Retained for up to 30 days for debugging purposes
• API keys - Deleted immediately when you regenerate your key or delete your account

6. Data Security

We implement reasonable security measures to protect your information:

• HTTPS encryption for all API communications
• Secure storage of API keys (hashed)
• Authentication via OAuth 2.0
• Regular security reviews of our codebase

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

7. Your Rights

You have the right to:

• Access - Request a copy of your personal data
• Correction - Request correction of inaccurate data
• Deletion - Request deletion of your account and associated data
• Portability - Receive your data in a portable format
• Withdraw consent - Stop using the Service at any time

To exercise these rights, please contact us through our Discord or GitHub (see Contact section).

8. Third-Party Services

The Service integrates with third-party AI providers (Anthropic, OpenAI, etc.) that you configure. When you use the Service:

• Your AI prompts and responses are processed by those third parties
• Their privacy policies govern how they handle your data
• We recommend reviewing their policies:
  • Anthropic Privacy Policy
  • OpenAI Privacy Policy

9. Cookies and Local Storage

We use minimal browser storage:

• Authentication token - Stored in localStorage to keep you signed in
• No tracking cookies - We do not use third-party tracking or advertising cookies

10. Children's Privacy

The Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected such information, please contact us immediately.

11. International Users

The Service is operated from the United States. If you are accessing the Service from outside the US, please be aware that your information may be transferred to, stored, and processed in the US where our servers are located.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please reach out to us through:

• Discord Community
• GitHub Repository