Privacy Notice

Last updated on July 12, 2025.

This Privacy Notice describes policies and procedures for collection, use, and disclosure of personal data when using the Service or Website, including your privacy rights regarding data processing.

1. Definitions and Scope

1.1. Key Terms

You — Individual accessing or using the Service or Website, or the company or legal entity on whose behalf such access occurs.

Company — Ilities.dev B.V., trading as Viberglass, incorporated in the Netherlands with registered office at Broerenstraat 45 41, 6811EB Arnhem, Netherlands.

Account — Unique account created for access to Service or Website.

Website — Viberglass.io and all subdomains.

Service — The Viberglass platform, including self-hosted and cloud-hosted offerings.

Personal Data — Customer Data constituting "personal data" under GDPR.

Device — Any device accessing Service or Website (computer, mobile phone, tablet).

Data Protection Laws — EU General Data Protection Regulation (GDPR), EU Privacy and Electronic Communications Directive, and applicable privacy, security, and data protection laws of relevant jurisdictions.

Usage Data — Data generated by Service or Website use or infrastructure.

Data Controller — Person determining purpose and means of Personal Data processing.

Data Processor — Person processing Personal Data on Controller's behalf.

1.2. Controller Status

Either Ilities.dev B.V. or any other Viberglass group company from time to time, may be the controller of your personal data.

2. Types of Data Collected

2.1. Personal Data

  • Email address
  • First name and last name
  • Phone number
  • Company name
  • Role in company
  • Location data (address, state, province, postal code, city, IP address)
  • Bank account information (VAT number, billing address, credit card information, payment details)
  • Usage Data (device information, browser type, unique device identifiers, referral data, pages clicked, interaction time and duration)
  • Third-party source information (interaction data, company information, social media handles and avatars from social media providers, advertising providers, lead generation providers)

2.2. Tracking Technologies and Cookies

We use Cookies and similar tracking technologies to track the activity on our Service and Website and store certain information. Tracking technologies include beacons, tags, and scripts for collection, tracking, and Service/Website improvement and analysis. If you do not accept Cookies, you may not be able to use some parts of our Service or Website.

3. How Personal Data Is Used

3.1. Service Provision and Maintenance

Processing occurs to perform contracts and fulfill obligations under applicable terms. Where no contract exists, legitimate interests support processing to operate and administer the Service and Website, including account creation, administration, and management.

3.2. Contract Performance

Development, compliance, and undertaking of purchase contracts for products, items, or services purchased or any other contract through the Service or Website.

3.3. Service and Website Improvement

Processing enhances and optimizes the Service and Website through understanding user behavior, monitoring usage and traffic patterns, analyzing trends, and developing new products, services, features, and functionality based on legitimate interests.

3.4. User Contact

Contact via email, telephone, SMS, or equivalent electronic communication regarding updates, informative communications related to functionalities, products, or contracted services, including security updates when necessary or reasonable.

3.5. News and Offers

Provision of news, special offers, and general information about goods, services, and events similar to those previously purchased or inquired about, unless opted out.

3.6. Request Management

Attending to and managing user requests.

3.7. GDPR Lawful Bases

Processing relies on:

  • User consent
  • Contractual obligation
  • Legal obligation
  • Legitimate interest

4. Personal Data Sharing

4.1. Service Providers

Consultants and vendors supporting Service and Website provision and business operation, including processors added to the Subprocessors List.

4.2. Advertising Partners

Third party advertising companies may use cookies and similar technologies to collect information about your activity on the Service or Website and other online services over time to serve you online targeted advertisements.

4.3. Professional Advisors

Lawyers, auditors, insurers rendering professional services.

4.4. Law Enforcement Compliance

Compliance with applicable laws, lawful requests, and legal process (subpoenas, government authority requests); protection of rights, privacy, safety, or property; enforcement of terms and conditions; prevention and investigation of fraudulent, harmful, unauthorized, unethical, or illegal activity, including cyberattacks and identity theft.

4.5. Business Transfers

Parties to transactions or potential transactions (and their professional advisors) involving corporate divestiture, merger, consolidation, acquisition, reorganization, sale, or disposition of business assets or equity interests (including bankruptcy proceedings).

4.6. Intercompany Transfers

Other Viberglass group companies, including newly added group companies.

5. Personal Data Retention

5.1. General Retention

The Company will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Notice.

5.2. Usage Data and Specific Periods

The Company will also retain Usage Data for internal analysis purposes. Personal data retention continues only as long as necessary to fulfill stated purposes. For specific retention period details, contact privacy@viberglass.io.

6. Personal Data Transfer

6.1. Processing Locations

Your information, including Personal Data, is processed at the Company's operating offices and in any other places where the parties involved in the processing are located. Information may transfer to and be maintained on computers outside your jurisdiction where data protection laws may differ.

6.2. Consent to Transfer

Your consent to this Privacy Notice followed by your submission of such information represents your agreement to that transfer.

6.3. Transfer Safeguards

The Company will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

7. Personal Data Security

We care about protecting your personal data and this is why we put in place appropriate measures that are designed to secure your personal data. Technical and organizational safeguards details are available at privacy@viberglass.io.

8. Code Security and AI Processing

Viberglass is an agent orchestration platform that uses AI coding agents to analyze and fix bugs. We want to be transparent about how we handle your code:

  • Your code is never stored permanently on our servers
  • Code is only accessed during active agent execution sessions
  • Your code is never used to train AI models
  • All code transfers use encrypted connections
  • Credentials are stored securely in AWS SSM Parameter Store with multi-tenant isolation

9. GDPR Rights

9.1. Data Subject Rights

  • Right of access — Request copies of personal information
  • Right to rectification — Request correction of inaccurate information or completion of incomplete information
  • Right to erasure — Request personal information deletion in certain circumstances
  • Right to restriction of processing — Request processing restriction in certain circumstances
  • Right to object to processing — Object to processing in certain circumstances
  • Right to data portability — Request transfer of provided personal information to another organization or to yourself in certain circumstances

9.2. Exercise of Rights

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

9.3. Request Submission

Contact privacy@viberglass.io to submit requests.

9.4. Complaint Rights

You have the right to lodge complaints with Data Protection Authorities regarding collection and use of personal data. For European Economic Area residents, contact your local data protection authorities.

10. Links to Other Websites

The Service or Website may contain links to non-operated websites. You should review privacy notices for each visited site. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third party sites or services.

11. Privacy Notice Changes

We may update this Privacy Notice periodically. Notification happens through posting on this page. Email notification and/or prominent Service or Website notice occurs before changes become effective, with the "Last updated" date updated. You should review periodically for changes. Changes become effective upon posting.

12. Contact Information

For questions about this Privacy Notice, please contact us at:

Ilities.dev B.V., trading as Viberglass
Broerenstraat 45 41, 6811EB Arnhem, Netherlands
Email: privacy@viberglass.io