Privacy Policy
Effective Date: April 6, 2026
VibeLab ("we," "us," or "our") operates the UniSave mobile application, iOS Share Extension, and browser extension (collectively, the "Services"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Services. Please read this policy carefully. By using UniSave, you consent to the practices described in this Privacy Policy.
1. Information We Collect
1.1 Information You Provide
- Bookmarked URLs: Web addresses you save through the App, Share Extension, or browser extension
- Account information (optional): If you choose to sign in with a third-party provider (such as Google or Sign in with Apple), we may receive and store basic profile information (for example, your name and email address or relay email) and provider identifiers for authentication.
- User notes: Notes and annotations you add to bookmarks
- Collections: Collection names and organization preferences
- Favorites: Bookmarks you mark as favorites
1.2 Automatically Collected Information
- Web page metadata: Title, description, and thumbnail extracted from bookmarked URLs
- AI-generated content: Summaries, tags, and save reasons generated by our AI enrichment service
- Usage data: Bookmark view timestamps, enrichment request counts, and sync activity
- Account identifiers: Firebase User ID (UID) for account identification (anonymous by default; may be linked to a sign-in provider if you choose to sign in)
- Diagnostics: Crash logs, performance data, and error reports
1.3 Information We Do NOT Collect
- Phone number
- Precise location data
- Contacts or address book
- Photos, camera, or microphone data
- Health or fitness data
- Financial or payment information (handled by Apple for in-app purchases)
- Full browsing history (we only handle URLs and page content you explicitly choose to save)
2. How We Use Your Information
We use the collected information for:
| Purpose | Data Used |
|---|---|
| Providing core functionality | Bookmarks, URLs, metadata, collections |
| AI enrichment | Web page content (processed, not stored raw) |
| Search functionality | Titles, descriptions, tags, search tokens |
| Cloud sync | All bookmark and collection data |
| Subscription management | Subscription status, product ID, expiry date |
| Usage quota enforcement | Enrichment counts, rate limit counters |
| Improving app quality | Crash logs, performance metrics |
3. Third-Party Services
We use the following third-party services to operate the App. Each provider processes data in accordance with their own privacy policies:
| Service | Purpose | Data Shared |
|---|---|---|
| Google Firebase | Database, authentication, cloud functions | Bookmarks, user metadata, and account identifiers (UID; and if you sign in, basic profile info) |
| Google Vertex AI | AI enrichment (summaries, tags) | Web page content for processing |
| RevenueCat | Subscription state management | Subscription product ID, user ID, expiry |
| Sentry | Error tracking & performance | Crash logs, stack traces, breadcrumbs |
| Apple StoreKit 2 | In-app purchases | Transaction JWS tokens (managed by Apple) |
We do not sell, rent, or trade your personal information to third parties. Data shared with third-party services is limited to what is necessary for their stated purpose.
Chrome Web Store Limited Use disclosure: The use of information received from Google APIs will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
4. Data Storage and Security
- Cloud storage: Your data is stored on Google Firebase servers in the Asia-Southeast region (asia-southeast1), encrypted at rest and in transit
- Device storage: Local data is cached using SwiftData with iOS-level encryption and Keychain protection
- Browser extension storage: When you use our Chrome extension, certain data (such as authentication tokens and settings) may be stored locally in Chrome's extension storage to keep you signed in and remember your preferences.
- Transport security: All network communications use TLS/HTTPS encryption
- Access control: Strict Firestore security rules ensure only you can access your own bookmarks and data. Firebase App Check provides additional device attestation
5. Data Retention and Deletion
| Data Type | Retention Period | Deletion Method |
|---|---|---|
| Bookmarks & collections | Until you delete them | In-app deletion or account request |
| User account (UID) | Until account deletion | Delete via in-app / extension settings (where available) or contact support@unisave.io |
| Enrichment jobs | 7 days after completion | Automatic cleanup |
| Usage counters | 30 days (monthly reset) | Automatic cleanup |
| Error logs (Sentry) | 30 days | Auto-deleted by Sentry |
6. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Right to access: Request a copy of your data stored by our services
- Right to deletion: Request deletion of your account and all associated data
- Right to portability: Request your data in a portable format
- Right to rectification: Request correction of inaccurate data
- Right to withdraw consent: Revoke consent for data processing at any time
To exercise any of these rights, please contact us at privacy@unisave.io. We will respond to your request within 30 days.
7. Children's Privacy
UniSave is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13, we will take steps to delete such information promptly. If you believe a child under 13 has provided us with personal data, please contact us at privacy@unisave.io.
8. Tracking and Advertising
UniSave does not track you across apps or websites owned by other companies for the purposes of advertising or advertising measurement. We do not display third-party advertisements. We do not share your data with data brokers or advertising networks.
9. International Data Transfers
Your data is primarily stored on Google Firebase servers in Southeast Asia (asia-southeast1). Third-party services such as Sentry and RevenueCat may process data in other regions. By using the App, you consent to the transfer of your data to these locations. All transfers are protected by appropriate security measures and encryption.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make material changes, we will update the "Effective Date" at the top of this page and, where feasible, notify you through an in-app notification. Your continued use of the App after any changes constitutes your acceptance of the updated Privacy Policy.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
- Privacy inquiries: privacy@unisave.io
- General support: support@unisave.io
- Website: https://unisave.io
App Privacy Summary
In accordance with Apple's App Store requirements, here is a summary of our data practices:
Data Linked to You
- - User ID (anonymous Firebase UID)
- - Email address (only if you choose to sign in)
- - Purchase history (subscription status)
- - Product interaction (bookmark views)
- - Other user content (bookmarks, notes)
Data NOT Linked to You
- - Crash data
- - Performance data
Data NOT Collected
- - Location
- - Contacts
- - Photos or videos
- - Browsing history (automatic collection)
- - Health & fitness
- - Financial info
- - Advertising data
- - Sensitive info
- - Email content or messages