Privacy Policy

• Display name, username, email address
• Profile photo (optional)
• Age, gender, country (optional)
• Bio and Instagram handle (optional)
• Encrypted authentication tokens for connected music services

• Your top artists and tracks (typically the last 6 months)
• Music genres you listen to
• Audio features of your music (energy, danceability, valence, tempo)
• Recently played tracks and playback history
• Currently playing track (only while the App is active)
• Listening habits (peak hours, daily listening minutes)

• Swipe actions (like / pass)
• Matches, friend requests, and blocks
• Chat messages between matched users
• Vibe-session participation and shared listening data
• Reports you file against other users (used for moderation only)
• In-app navigation events and feature usage metrics
• App crash reports and performance data (via Sentry)

• Subscription status and entitlements (via RevenueCat)
• Receipt validation tokens from the Apple App Store
• We never see or store your full payment card details — payments are processed entirely by Apple

• Device type, model, and operating system version
• Push notification token
• App version
• IP address (used transiently for rate-limiting and abuse prevention; not stored long-term)
• Approximate location inferred from IP at the country level (only if you grant the country field on your profile)

• Matching: We analyze your music data to find users with similar taste and calculate compatibility scores.
• Social Features: Enable messaging, friend requests, the now-playing feed, vibe sessions, and Music DNA comparisons between matched users.
• Personalization: Provide AI-powered song recommendations through Vibe Doctor based on your mood and music profile.
• Notifications: Send push notifications for new matches, messages, and friend requests. You can disable these in Settings.
• Subscription Management: Validate purchases, grant entitlements, and manage your Premium status.
• Safety & Moderation: Review reports, enforce community guidelines, prevent abuse, and respond to legal requests.
• Improvement: Analyze usage patterns and crash reports to fix bugs and improve the experience.

We do NOT sell your personal data to third parties and we do NOT use your data for advertising.

• Contractual necessity — to provide the App and its core features that you request.
• Consent — for optional features such as push notifications and connecting third-party music services.
• Legitimate interests — to improve the App, prevent abuse, and maintain security, balanced against your rights.
• Legal obligations — to comply with applicable law.

• With Other Users: Your display name, profile photo, top artists, genres, audio profile, and (if active) currently playing track are visible to your matches. You can control visibility in Privacy settings.
• Service Providers: Supabase (database & authentication, hosted on AWS), RevenueCat (subscription management), Sentry (crash reporting), Expo (push notifications), Google Gemini (AI recommendations).
• Legal Requirements: When required by valid legal process, or to protect the rights, property, or safety of Vibe Twin, our users, or others.
• Business Transfers: If we are involved in a merger, acquisition, or asset sale, your data may be transferred as part of that transaction; we will notify you and any successor will be bound by this Privacy Policy.

• Spotify: We access your listening data through Spotify's Web API. We never post to or modify your Spotify account. You can revoke access at any time at spotify.com/account/apps.
• Last.fm: Optional connection to enrich your music data from other platforms. You can unlink anytime at last.fm/settings/applications.
• Supabase: Hosts our database and authentication infrastructure on AWS, with row-level security policies.
• RevenueCat: Validates App Store purchases and manages subscription entitlements.
• Google Gemini: Powers AI features such as Vibe Doctor recommendations and AI genre classification. Prompts may include limited music-profile information; no chat content is sent.
• Sentry: Collects crash reports and performance data in production builds.
• Apple: Processes In-App Purchases and delivers push notifications via APNS.

• Active accounts: retained for as long as your account is active
• Listening history: rolling window — older entries are automatically deleted after approximately 90 days
• Chat messages: retained until you delete them or unmatch the other user
• Crash reports: 90 days
• Account deletion: when you delete your account, your personal data is removed within 30 days, except for limited records we are required to keep for legal, tax, or fraud-prevention purposes
• Backups: may persist for up to 90 days after deletion before being overwritten

• Access — request a copy of the personal data we hold about you
• Rectification — correct inaccurate or incomplete data
• Erasure — delete your account and associated data from within the App, or by contacting us
• Restriction — restrict certain processing
• Portability — receive your data in a portable format
• Objection — object to processing based on legitimate interests
• Withdraw consent — at any time, where processing is based on consent
• Complain — lodge a complaint with your local data protection authority

In the App you can already: view and edit your profile, control notification and privacy settings, disconnect Spotify or Last.fm, delete individual messages, block other users, and permanently delete your account.

• Know what personal information we collect, use, and disclose
• Request deletion of your personal information
• Opt out of any sale or sharing of personal information — we do not sell personal information, so there is nothing to opt out of
• Non-discrimination for exercising your privacy rights

To exercise these rights, contact us using the email below.