Legal
We built Vibimine around a simple principle: your health data belongs to you. This policy explains, in plain language, what we collect, why, and the choices you have.
Last updated:
We collect information in three ways: information you give us, information collected automatically, and information from service partners.
We use personal information to:
We do not sell your personal information, and we never use your health information for advertising.
With your consent, we use Google Analytics, PostHog, and Microsoft Clarity to understand how the site is used. Analytics data is aggregated and used only to improve the product. We implement Google Consent Mode v2, which means no analytics identifiers are stored unless you grant analytics consent. Health information from your account is never shared with analytics providers.
Some features use AI models to generate insights from your health data for example, explaining results or drafting suggestions that a licensed clinician reviews before they reach your care plan. AI outputs affecting your care are always reviewed by a clinician; AI never makes medical decisions alone.
With your consent, we use advertising tags (Google Ads, Meta, LinkedIn, Reddit, TikTok) to measure marketing campaigns and reach people who may benefit from our programs. Without marketing consent, none of these tags load and no advertising identifiers are stored. Advertising is based only on your visit to our marketing pages never on your health data, intake answers, or results.
Payments are handled by a PCI-DSS-compliant payment processor. We never see or store your full card number; we retain only the transaction record needed for billing, refunds, and accounting.
You can review and update your account information at any time from your settings. You may request account deletion; we will delete your data except where healthcare record-keeping laws require retention (see Data retention below).
We protect your information with encryption in transit and at rest, role-based access controls, audit logging, and continuous monitoring. Our practices are described in detail on the Security page. No system is perfectly secure; if a breach affects your data we will notify you as required by law.
We keep personal information only as long as needed for the purposes described here. Medical records are retained for the period required by applicable medical record-keeping laws, which varies by state. Analytics data is retained per each provider's configured retention window.
Our services are hosted in the United States. If you access the service from outside the U.S., your information will be transferred to and processed in the U.S. Where required, we rely on appropriate transfer safeguards.
The service is intended for adults 18 and over. We do not knowingly collect information from children under 13 (or the higher age required by local law). If you believe a child has provided us information, contact us and we will delete it.
Depending on where you live, you may have the right to:
To exercise a right, email [email protected]. We will verify your identity and respond within the timeframe required by applicable law.
Vibimine Health, Inc.
[Registered business address pending legal review]
[email protected]