privacy policy

meet vibe coders (the "service") is a social discovery app for developers. this policy explains what we collect, why, and how you can control it. if you have questions, reach us through our support page.

we collect the minimum data needed to run the service. everything listed below is information you explicitly provide by signing up and using the app.

• account identity — github id + username, OR apple subject id, OR google subject id + email. we store only the minimum identifier needed to sign you back in.
• profile data — display name, bio, location, avatar, website, twitter handle, current status. all optional except what you type in.
• ships (projects) — title, tagline, tech stack, languages, a short readme excerpt, links you provide. we do NOT store source code.
• chat messages — plain-text bodies for messages you send, and the match they belong to. deleted when you delete your account.
• view history — which profiles you've seen in the feed (counts only, no content), used to rotate the feed so you don't see the same person repeatedly.
• device tokens — apple push notification service tokens so we can deliver new-message notifications.
• subscription state — platform (apple/stripe), product tier, expiry date. we never see card numbers; stripe and apple handle payments directly.

• IP addresses beyond short-lived server logs
• device fingerprints, IDFA, or advertising IDs
• cross-app or cross-site browsing history
• your private repository source code
• your github access token in any client-readable form — we keep it encrypted
• contacts, photos, location data, or any other OS permissions we don't need

when you sign in with github, we ask for access to list your repositories (including private ones you choose to publish) and read your public profile and email. for each ship you publish, we read:

• name, description, stars count, primary language, topics
• a short snippet of your readme, used to draft the tagline

we never clone your repos, read source files, or upload code anywhere. private repos you publish as ships get the same metadata-only treatment. if you revoke the app from your github settings, we drop your token and ask you to reconnect.

we use third-party AI services for specific features. your content is sent to these services on demand; nothing is used to train any model — training is opted out by default on the services we use.

• openai (matchmaking) — we send your bio and project details to openai so our ranking and relevance engine can surface members whose work is a good match for yours. re-sent only when your content actually changes.
• openai (moderation) — user-generated text (bios, ships, chat messages) is checked against openai's free moderation service before publishing. no training, no storage beyond abuse-detection retention.
• anthropic (claude) — ship taglines, bio drafts, and "what you could build together" suggestions are generated by claude. we send your project details and the other member's project details so it can write relevant suggestions.

openai and anthropic may each keep content we submit on your behalf for up to 30 days for abuse detection, then delete it. neither trains on our traffic.

the feed and public profile pages are visible to other signed-in users (and, for users who opt in, to search engines via public profile URLs). specifically:

• public to everyone (including search engines): display name, handle, bio, location, avatar, ship titles, taglines, tech stacks, language tags, and links you explicitly added to your ships.
• private to other signed-in users: real name and chat.
• never shared: email address, apple/google identifier, github OAuth token, source code, device tokens, chat messages (except to the two parties in a conversation).

payments are processed by apple (in-app purchases on iOS) and stripe (web). we never see your card number or billing address. apple and stripe share only the minimum transaction metadata with us: product id, transaction id, purchase date, expiration date, platform. see apple's privacy policy and stripe's privacy policy for details.

you can exercise these at any time from the settings screen on iOS or web:

• export — download a JSON file containing your profile, ships, matches, and messages.
• delete — permanently remove your account and all associated data. cascades across ships, matches, messages, matchmaking data, view history, device tokens, and subscription records.
• block & report — block users to remove them from your feed and block bidirectional messaging. report users for spam, harassment, inappropriate content, or fake profiles.

if you'd prefer to make a data request outside the in-app tools, contact us through our support page with the email on file and we'll respond within 30 days.

we run every user-generated text field (bio, ship titles and taglines, chat messages) through automated moderation before publishing. flagged content is rejected with an error. we also accept user reports and may remove content or suspend accounts at our discretion.

the service is intended for users 13 and older (16+ in the EU). we don't knowingly collect data from children under these ages. if you believe a child has provided us data, email us and we'll delete it.

meet vibe coders is operated from the united states. by using the service you consent to your data being processed in the U.S. we use reasonable security measures — encryption in transit, encryption at rest for sensitive tokens, and access controls — but no system is perfectly secure.

if we materially change what we collect or how we use it, we'll update the "last updated" date and notify signed-in users in the app. continued use after an update means you accept the new terms.

for questions, concerns, or data requests, visit our support page. you can chat with our AI assistant for instant answers or send a message directly to our team.