Vimub

Privacy Policy

Last updated: 22 April 2026

This Privacy Policy explains how Quantum AI WebApps Digital LLC (“we”) collects, uses, and shares personal data when you use the Vimub platform (“Service”).

1. Data we collect

  • Account data: name, email, password hash, organization name, role.
  • Customer Data: reviews, contacts, messages, bookings, and other records you upload or sync.
  • Usage data: pages visited, features used, error events, IP address, user agent.
  • Billing data: handled by Stripe; we receive only the subscription status and last 4 digits of the card.
  • OAuth tokens: if you connect Google Business Profile or other integrations, we store the refresh token encrypted with AES-256-GCM.

2. How we use data

  • To operate, maintain, and improve the Service.
  • To respond to support requests and security alerts.
  • To send transactional emails (account, billing, security) and, if you opt in, product updates.
  • To detect and prevent fraud, abuse, and unauthorized access.
  • To comply with legal obligations, court orders, and lawful requests from public authorities.

3. AI processing

When you ask the Service to generate AI content (e.g. review responses), the relevant text is sent to Anthropic’s Claude API. Anthropic processes the text under their own privacy policy and does not use it to train their models for paid API customers. We never send raw billing data, OAuth tokens, or full customer profiles to AI providers — only the minimum context required for the requested task.

4. Sharing

We share personal data only with:

  • Sub-processors required to run the Service: Supabase (database), Vercel (hosting), Cloudflare (CDN/security), Stripe (billing), Twilio (SMS), SendGrid (email), Anthropic (AI), Sentry (errors).
  • Law-enforcement when compelled by valid legal process. We will challenge over-broad requests where reasonable.
  • Successor entities in the event of a merger, acquisition, or asset sale, subject to equivalent privacy protections.

We do not sell personal data.

5. Retention

We retain Customer Data for as long as your account is active and for up to 30 days after deletion to support account recovery. Backups are retained for 30 days and then permanently deleted. Audit logs are retained for 12 months for security and compliance purposes.

6. International transfers

Our infrastructure may transfer personal data to the United States and the European Union. Where required by law we rely on Standard Contractual Clauses or equivalent transfer mechanisms.

7. Your rights

Depending on your jurisdiction (UK GDPR, EU GDPR, CCPA), you have rights to access, correct, delete, restrict, or port your personal data, and to object to certain processing. Submit requests to privacy@vimub.com. We respond within 30 days. To exercise the right to delete an entire account and all associated data, you can use the in-app account-delete flow under Settings → Account.

8. Security

We use industry-standard safeguards: HTTPS everywhere, AES-256-GCM at rest for sensitive tokens, bcrypt password hashes, RLS-enforced database isolation per tenant, rate limiting, and continuous logging via Sentry. No system is perfectly secure; report vulnerabilities to support@vimub.com.

9. Children

The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe we have, contact privacy@vimub.com for deletion.

10. Changes

We may update this Privacy Policy. Material changes will be announced via email or in-app notice at least 30 days before taking effect.

11. Contact

Quantum AI WebApps Digital LLC
Privacy contact: privacy@vimub.com