Last updated: June 15, 2026
This privacy policy describes which data Vibe (the macOS app VibeDesk, the iOS app VibeRemote and the related developer tools that run on your machine) processes, for what purpose and on what legal basis. It complements the general privacy policy for davedinapoli.de.
Dave Di Napoli
(Address: see imprint)
Email: info@davedinapoli.de
Vibe connects running Claude Code sessions on your machine with your iPhone. When a session asks a decision question, it appears in the Mac panel (VibeDesk) and — if enabled — as a push on your iPhone (VibeRemote). You answer remotely (option, free text or voice); the answer flows back into the waiting session. This includes an MCP tool, hooks and a VS Code extension that run on your own machine.
Vibe collects no advertising IDs, no analytics, no crash reporters and bundles no tracking SDKs. Data is stored owner-isolated (Row Level Security) in an EU data center.
Sign-in uses Sign in with Apple. Apple provides an anonymized identifier; a real email address or name is only passed if you explicitly consent at login.
When one of your sessions asks a question, the following is stored: the question text and options, your answer (chosen option or free text) and session metadata — project name, working directory (a path on your machine), timestamps, status and a history (e.g. an excerpt of the text Claude last produced).
Important: this content can contain fragments of your work (paths, project names, question and answer text). All rows are strictly tied to your account via Row Level Security — nobody but you can read or write them.
For push notifications Vibe stores your iPhone’s push token (APNs) and a device label (model name, e.g. „iPhone 15 Pro“). Without a registered device there are no push messages.
So the tools on your machine can attach written rows to your account, Vibe issues a personal access token. Only a hash of it is stored in the database, not the token itself. You can revoke it at any time.
If you use dictation, your speech is converted to text on the device (Apple’s on-device speech recognition). No audio is transmitted to third parties; only the finished text is processed as an answer/prompt.
If a session uses the screenshot tool, the generated image is stored in a private storage area (EU) tied to your account and shown only to you.
Sign in with Apple is used for sign-in and the Apple Push service (APNs) for notifications. Apple is an independent controller in that respect.
Accounts, sessions, questions/answers, history, devices and tokens are synced to a Supabase instance operated by me. Supabase is a processor within the meaning of Art. 28 GDPR; the data resides in an EU data center.
No transfer to other third parties takes place — no ad networks, no analytics providers. Vibe does not send your question/answer data to an AI model; Claude runs in your own Claude Code environment on your machine.
You have the following rights under GDPR:
Requests please to info@davedinapoli.de.
This policy may be updated when functionality changes or the legal situation evolves. The current version is always available at this URL; the date above shows its state.