Privacy Policy
Campbell Labs LLC operates VAIBot. This policy explains how we collect, use, and protect your data.
Information we collect
We collect information you provide directly, such as your email address when you sign up or subscribe to updates. We also collect usage data automatically, including governance decision counts, API request metadata (agent IDs, tool names, risk classifications), and account activity. We do not collect or store the content of the commands your agents attempt to execute — only the governance decision metadata.
How we use your information
We use your information to provide and improve the VAIBot service, send you important account notifications and product updates (only if you opted in), calculate your quota usage, generate governance receipts and audit trails, and comply with legal obligations. We do not sell your personal data to third parties.
Data retention
Governance receipts are retained for the duration specified by your plan (30 days for Free, 1 year for Govern and Audit). Account data is retained for as long as your account is active. You may request deletion of your account and associated data at any time by contacting us.
On-chain data
If you use the Audit plan, governance receipt hashes are anchored to the Base blockchain via Merkle roots. This on-chain data is public, permanent, and cannot be deleted — this is by design, as it provides the tamper-proof guarantees the product is built on. No personally identifiable information is included in on-chain records.
Third-party services
VAIBot uses the following third-party services: Supabase (authentication and database), Stripe (payment processing), Resend (transactional email). Each service has its own privacy policy governing their use of data. We share only the minimum data necessary for each service to function.
Security
We use industry-standard security practices including encryption in transit (TLS), encrypted at-rest storage, and scoped API keys. Governance receipts are integrity-protected via SHA-256 content hashing. If you discover a security vulnerability, please disclose it responsibly by contacting us directly.
Your rights
Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data; object to or restrict certain processing; and data portability. To exercise these rights, contact us at the address below. We will respond within 30 days.
Contact
Campbell Labs LLC For privacy inquiries: briantacampbell@gmail.com This policy was last updated April 2026.