Privacy Policy

Nolote, Inc. provides and operates VibeGuard.

Nolote, Inc. · [Insert legal business address] · San Diego, California, United States

Privacy contact: [Insert privacy email] · Support contact: [Insert support email]

VibeGuard is used in more than one privacy context, so our role depends on how the product is being used.

When Nolote acts as a controller

Nolote generally acts as the controller or equivalent role under applicable law for personal data related to:

• Visitors to the VibeGuard website and documentation
• Demo, contact, audit, and sales inquiries
• Account registration, authentication, and subscription administration
• Support requests, security operations, and product improvement
• Service telemetry, incident records, and business operations data

When Nolote processes data on behalf of a customer

When a customer deploys VibeGuard inside a Telegram group, supergroup, channel, or similar workspace, Nolote generally processes that workspace data on the customer's behalf.

• The customer decides why VibeGuard is used and how moderation, verification, and workflow rules are configured.
• Nolote provides the technical platform, hosting, tooling, logging, analytics, and support.
• Requests that relate mainly to a customer-managed Telegram community should usually be directed first to the relevant community owner or administrator.

The personal data we collect depends on how you interact with VibeGuard.

Information you provide directly

• Name, display name, username, company name, and job title
• Email address, phone number, Telegram handle, and similar contact details
• Account credentials and profile details
• Messages, files, and information you submit through forms, support requests, demos, pilots, audits, surveys, or other communications
• Newsletter or product-update preferences

Account, workspace, and authentication data

• Internal account and user identifiers
• Login, session, and authentication records
• Team-member invitations, roles, permissions, and workspace membership details
• Settings, presets, moderation policies, workflows, forms, reports, and administrative actions
• Subscription, contract, and billing contact information

Telegram bot and Mini App data

• Telegram user ID and, where available, username, display name, profile attributes, language, or locale
• Telegram chat, group, channel, topic, and workspace identifiers
• Bot commands, button clicks, verification steps, and Mini App interaction data
• Messages, media, attachments, join and leave events, moderation actions, appeals, admin commands, logs, and related metadata
• Timestamps, status signals, and action outcomes associated with moderation and automation

Website, device, and usage data

• IP address and approximate location inferred from IP
• Browser, device, operating system, language, and referral information
• Page views, clicks, navigation paths, feature usage, error logs, diagnostics, and performance data
• Cookie, local storage, and similar technology data as described below

Payment and transaction data

If paid services are enabled, we may collect billing contacts, invoices, transaction records, and limited payment metadata needed to administer subscriptions. Full payment card data is typically handled by payment service providers and not stored by Nolote.

We use personal data to operate, secure, improve, and support VibeGuard, including to:

• Provide the website, application, Telegram bot, Telegram Mini App, and related services
• Create and manage accounts, workspaces, and administrator access
• Run moderation, verification, workflows, analytics, audit logs, and related features
• Authenticate users and manage sessions
• Respond to demos, audits, contact requests, and support inquiries
• Detect, investigate, and respond to spam, raids, abuse, impersonation, fraud, and security incidents
• Monitor performance, reliability, and service quality
• Improve product features, documentation, and user experience
• Comply with legal, regulatory, contractual, tax, and accounting obligations

Where required by law, we rely on one or more of the following legal bases:

• Performance of a contract or steps taken before entering into a contract
• Legitimate interests, such as operating, securing, improving, and supporting the service
• Consent, where we ask for it
• Compliance with legal obligations

VibeGuard may use cookies, local storage, SDKs, pixels, and similar technologies on its website and web application.

We use essential technologies to render pages, maintain session state, support login and security controls, and prevent abuse. We may also use analytics or performance technologies to understand site usage. Where required by law, we will request consent before placing non-essential technologies.

You can control cookies through your browser settings and, where available, through our consent or cookie settings tools.

VibeGuard helps customers manage Telegram communities through configurable moderation and automation rules. Depending on customer settings, the service may detect spam, raids, and suspicious joins; trigger verification steps; remove or restrict content automatically; and generate analytics and audit logs.

VibeGuard is designed around explainability and auditability — actions can be reviewed through logs and policy records. If you believe a moderation action in a customer-managed Telegram community was incorrect, you should usually contact that community's administrator first.

Service providers and subprocessors

• Cloud hosting, storage, networking, and delivery
• Authentication, fraud prevention, and security monitoring
• Email delivery, support, ticketing, CRM, and communications
• Analytics, performance monitoring, and diagnostics
• Invoicing, accounting, and payment processing

Customers and workspace administrators

If you interact with VibeGuard in a customer-managed Telegram community or workspace, the relevant customer, owner, or administrator may access workspace data, moderation outcomes, reports, and logs associated with that workspace.

Corporate and legal disclosures

• To affiliates and advisers in connection with financing, acquisition, merger, or sale of assets
• To comply with law, regulation, legal process, or lawful government requests
• To investigate or prevent fraud, abuse, security incidents, or illegal activity
• To protect the rights, property, or safety of Nolote, customers, users, or others

Nolote is based in the United States and may process personal data in the US and other countries where Nolote, its affiliates, customers, or service providers operate.

Where required by law, we use appropriate safeguards for cross-border transfers, including contractual protections and technical measures designed to protect the data.

We retain personal data for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the service, comply with law, resolve disputes, enforce agreements, and protect service security.

• Sales, audit, and support records may be retained for relationship management and business recordkeeping
• Account and workspace data may be retained while the account is active and for a limited period after closure
• Customer-managed workspace data may be retained according to customer settings, contractual terms, and deletion instructions

We use technical, organizational, and administrative measures designed to protect personal data against unauthorized access, disclosure, alteration, loss, and misuse.

• Access controls and role-based permissions
• Authentication and session protections
• Encryption in transit
• Logging, monitoring, and alerting
• Rate-limiting and abuse controls

You can review VibeGuard security information for a broader operational overview. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Depending on where you live and the context in which Nolote processes your personal data, you may have rights such as:

• The right to know whether we process your personal data
• The right to access or obtain a copy of your personal data
• The right to correct inaccurate or incomplete personal data
• The right to delete personal data in certain circumstances
• The right to restrict or object to certain processing
• The right to withdraw consent where processing is based on consent
• The right to data portability where applicable
• The right to complain to a regulator or supervisory authority where applicable

Requests related to customer-managed Telegram communities

If your request mainly concerns data processed inside a customer-managed Telegram group, channel, or workspace, please contact the relevant community owner or administrator first.

VibeGuard is not directed to children and is not intended to be used by individuals below the minimum age permitted under applicable law. We do not knowingly collect personal data from children in violation of applicable law. If you believe that a child has provided personal data to us unlawfully, please contact us.

We may update this Privacy Policy from time to time to reflect changes in the service, law, technology, business practices, or operational needs. When we update this Privacy Policy, we will revise the Last updated date above.

If you have questions, requests, or complaints about this Privacy Policy or our privacy practices, contact:

Nolote, Inc. · Attn: Privacy · [Insert legal business address] · [Insert privacy email]

You can also read the VibeGuard Terms of Service for related legal terms and service rules.