Privacy Policy
Last updated: April 8, 2026
VibeLink ("VibeLink," "we," "us," or "our") operates the VibeLink mobile application and website (collectively, the "Service"). This Privacy Policy explains how we collect, use, disclose, retain, and protect your personal information when you use our Service.
By creating an account or using the Service, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy. If you do not agree, please do not use the Service.
This Privacy Policy forms part of our Terms of Service.
1. Accountability
VibeLink has designated a Privacy Officer who is accountable for our compliance with this Privacy Policy and applicable privacy legislation. You may contact the Privacy Officer at:
VibeLink Privacy Officer
Email: privacy@vibelinkapp.com
General inquiries: contact@vibelinkapp.com
2. Information We Collect
2.1 Information You Provide Directly
Required information (necessary to create and maintain your account):
- Full name
- Email address
- Date of birth
- Gender
Optional profile information (you may choose to provide this to enhance your experience):
- Religion
- Ethnicity
- Relationship status
- Employment status
- LGBTQIA+ identity
- Phone number
- Profile photos
Sensitive personal information: Some optional fields — including religion, ethnicity, LGBTQIA+ identity, and relationship status — are considered sensitive personal information. We collect this data only with your explicit consent, it is entirely optional, and you may remove it from your profile at any time. See Section 5 for the enhanced safeguards applied to this data.
Other information you provide:
- Messages and communications with other users through the Service
- Content you post, including activity descriptions and comments
- Feedback, support requests, or correspondence you send to us
2.2 Information from Third-Party Authentication Providers
When you create an account using a third-party provider (Google, Apple, Meta/Facebook, X/Twitter, or LinkedIn), we may receive:
- Your name and email address
- Profile photo
- Account identifier
We only receive information that you have authorized the third-party provider to share. We do not access your contacts, friend lists, or private messages on these platforms.
2.3 Information Collected Automatically
When you use the Service, we automatically collect:
- Device information: Device type, operating system, unique device identifiers, and mobile network information
- Usage data: Features used, actions taken, time spent, and interaction patterns
- Log data: IP address, browser type and version, access times, and referring URLs
- Location data: With your permission, we collect precise GPS location data to show you nearby activities. You may disable location services through your device settings at any time. When location services are disabled, we may infer approximate location from your IP address.
2.4 Cookies and Tracking Technologies
We use the following tracking technologies on our website:
- Google Analytics: To understand how users interact with our website, including page views, traffic sources, and user behaviour. Google Analytics uses cookies to collect anonymized usage data. You may opt out at tools.google.com/dlpage/gaoptout.
- Meta Pixel (Facebook Pixel): To measure the effectiveness of our advertising and to deliver relevant ads. You may manage your ad preferences through your Facebook account settings.
- Essential cookies: To maintain session state and authentication.
You may control cookies through your browser settings. Disabling non-essential cookies will not affect the core functionality of the Service.
3. Legal Basis and Purposes for Processing
We collect and use your personal information for the following purposes and on the following legal bases:
| Purpose | Legal Basis (PIPEDA) |
|---|---|
| Creating and managing your account | Contractual necessity |
| Facilitating connections and activities between users | Contractual necessity |
| Processing payments and subscriptions | Contractual necessity |
| Sending transactional communications | Contractual necessity |
| Responding to support requests | Contractual necessity |
| Displaying optional sensitive profile fields | Explicit consent |
| Collecting and using precise location data | Explicit consent |
| Sending marketing communications | Consent (opt-in) |
| Push notifications | Consent (opt-in) |
| Analytics and service improvement | Legitimate interest |
| Preventing fraud, abuse, and security incidents | Legitimate interest |
| Complying with legal obligations | Legal requirement |
We limit collection to information that is necessary for the identified purposes (PIPEDA Principle 4 — Limiting Collection).
4. How We Share Your Information
4.1 With Other Users
Your profile information (name, photos, and any optional details you have chosen to share) is visible to other VibeLink users. Activity descriptions and comments you post are visible to users who can view that activity.
4.2 With Service Providers
We share information with third-party service providers who assist us in operating the Service, including:
- Cloud hosting and infrastructure (e.g., data storage, server hosting)
- Payment processing (e.g., processing subscription payments — we do not store your full payment card details)
- Analytics providers (e.g., Google Analytics)
- Advertising platforms (e.g., Meta/Facebook for ad measurement)
- Communication services (e.g., email delivery, push notification services)
All service providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security safeguards.
4.3 For Legal Reasons
We may disclose your information if required to do so by law, or if we believe in good faith that such disclosure is necessary to:
- Comply with a legal obligation, court order, or government request
- Protect the rights, property, or safety of VibeLink, our users, or the public
- Investigate or prevent fraud, security issues, or technical problems
- Enforce our Terms of Service
4.4 Business Transfers
In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred as part of that transaction. We will notify you via the Service or email before your information becomes subject to a different privacy policy.
4.5 What We Do Not Do
- We do not sell your personal information to third parties.
- We do not share your personal information with third parties for their own marketing purposes.
- We do not allow third parties to use your data to train machine learning or artificial intelligence models.
5. Safeguards for Sensitive Personal Information
Given the nature of certain data we may collect (religion, ethnicity, LGBTQIA+ identity, relationship status), we apply enhanced protections:
- Explicit consent: These fields are optional and only collected with your affirmative consent. You may add or remove this information at any time in your profile settings.
- Access controls: Access to sensitive data is restricted to authorized personnel on a need-to-know basis.
- Encryption: Sensitive personal information is encrypted at rest and in transit.
- Minimized visibility: You control whether each sensitive field is visible on your profile. Fields you leave blank are not displayed to other users.
- No secondary use: Sensitive data is used solely for profile display and matching purposes. It is not used for advertising, analytics, or any other secondary purpose.
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Active account data | As long as your account remains active |
| Inactive account data | 12 months after last login, then notified before deletion |
| Data after account deletion | Permanently deleted within 30 days |
| Payment and transaction records | 7 years (Canadian tax law) |
| Usage and analytics data | Anonymized within 24 months |
| Support correspondence | 2 years from resolution |
| Legal hold data | As required by legal proceedings |
When data is no longer needed, it is securely deleted or anonymized so that it can no longer be associated with you.
7. International Data Transfers
VibeLink is based in Canada. Your personal information may be processed and stored in Canada and in other countries where our service providers operate (including the United States).
When your information is transferred outside of Canada, it may be subject to the laws of that jurisdiction. In such cases:
- We ensure that service providers are contractually bound to protect your information with safeguards comparable to those required under PIPEDA
- We conduct due diligence on service providers' privacy and security practices
- We inform you that foreign governments, courts, or law enforcement may be able to access your information under the laws of those jurisdictions
8. Your Rights Under Canadian Privacy Law (PIPEDA)
Under the Personal Information Protection and Electronic Documents Act (PIPEDA), you have the right to:
- Access your information: Request a copy of the personal information we hold about you.
- Correct your information: Request correction of any inaccurate or incomplete personal information.
- Withdraw consent: Withdraw your consent at any time, subject to legal or contractual restrictions.
- Challenge compliance: File a complaint about our privacy practices.
- Know how your data is used: Request information about how your data has been used and to whom it has been disclosed.
To exercise any of these rights:
- Email: privacy@vibelinkapp.com
- In-app: Account Settings > Privacy > Data Request
We will respond within 30 days. If you are not satisfied, you may file a complaint with the Office of the Privacy Commissioner of Canada at www.priv.gc.ca.
9. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have additional rights under the CCPA/CPRA:
- Right to know: Request details about personal information collected about you.
- Right to delete: Request deletion of your personal information.
- Right to correct: Request correction of inaccurate personal information.
- Right to opt out of sale/sharing: VibeLink does not sell or share your personal information as defined under the CCPA/CPRA.
- Right to non-discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise these rights, contact us at privacy@vibelinkapp.com or use the in-app privacy settings.
10. Marketing Communications and CASL Compliance
In accordance with Canada's Anti-Spam Legislation (CASL):
- We will only send you commercial electronic messages with your express opt-in consent.
- Every marketing message includes a clear unsubscribe mechanism.
- You may opt out at any time through the unsubscribe link, Account Settings > Notifications, or by contacting contact@vibelinkapp.com.
- Opting out of marketing will not affect transactional communications.
- We will process your opt-out request within 10 business days.
11. Push Notifications
With your consent, we may send push notifications including activity invitations, messages from other users, subscription reminders, and marketing content (with separate opt-in). You may disable push notifications at any time through your device settings or in-app preferences.
12. Security
We implement commercially reasonable technical and organizational safeguards including:
- Encryption of data in transit (TLS) and at rest
- Access controls and authentication requirements
- Regular security assessments and vulnerability testing
- Employee training on data protection
- Secure server infrastructure with monitoring
- Incident response procedures
No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
13. Data Breach Notification
In the event of a data breach involving your personal information that creates a real risk of significant harm, we will:
- Notify affected individuals as soon as feasible
- Report the breach to the Office of the Privacy Commissioner of Canada
- Maintain a record of every breach of security safeguards
- Take immediate steps to contain the breach and prevent recurrence
14. Children's Privacy
The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from anyone under 18. If we discover such collection, we will immediately terminate the account and permanently delete all associated information within 72 hours.
If you believe a minor has provided us with personal information, please contact us at privacy@vibelinkapp.com.
15. Third-Party Links and Services
The Service may contain links to third-party websites or services not operated by VibeLink. We are not responsible for the privacy practices of these third parties.
16. Data Portability
You may request a copy of your personal data in a structured, machine-readable format (e.g., JSON or CSV) by contacting privacy@vibelinkapp.com or through Account Settings > Privacy > Export My Data. We will fulfill your request within 30 days.
17. Deceased Users
Upon receiving verifiable proof of a user's death, VibeLink will deactivate the account and delete the user's personal information within 30 days, unless retention is required by law. Requests should be directed to privacy@vibelinkapp.com.
18. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will post the updated policy, update the "Last updated" date, and notify you at least 14 days before changes take effect. Your continued use constitutes acceptance of the changes.
19. Contact Us
VibeLink Privacy Officer
Email: privacy@vibelinkapp.com
General inquiries: contact@vibelinkapp.com
You may also file a complaint with the Office of the Privacy Commissioner of Canada:
Website: www.priv.gc.ca
Phone: 1-800-282-1376