Privacy Policy

Last updated: February 27, 2026

1. Introduction

VibeTensor Private Limited ("VibeTensor", "we", "us", or "our") operates the Attestix website (attestix.vibetensor.com) and the Attestix open-source software. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

This policy is drafted in compliance with the Information Technology Act, 2000 and the IT (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, the Digital Personal Data Protection Act, 2023 (DPDP Act), and the General Data Protection Regulation (GDPR) for users in the European Economic Area.

2. Data Controller

VibeTensor Private Limited is the data controller responsible for your personal data.

• Contact: info@vibetensor.com
• Grievance Officer: Pavan Kumar Dubasi, info@vibetensor.com

3. Information We Collect

3.1 Information you provide

• Contact information (name, email) when you contact us via email or forms
• Enterprise inquiry details submitted through our contact form

3.2 Information collected automatically

• Standard server logs (IP address, browser type, operating system, referring URL, pages visited, date/time of access)
• Cloudflare analytics data (anonymized, no cookies required)

3.3 Information we do NOT collect

• The Attestix software runs locally on your machine. We do not collect, transmit, or store any data processed by the Attestix MCP tools
• We do not collect Sensitive Personal Data or Information (SPDI) as defined under IT Rules 2011

3.4 Blockchain Anchoring Disclosure

When you use the optional blockchain anchoring features, Attestix sends cryptographic hashes (not raw data) to the Base L2 blockchain via the Ethereum Attestation Service (EAS). These hashes are publicly visible and permanently immutable on the blockchain. No personal data or raw credential content is sent to the blockchain. You control whether to use this feature.

4. Lawful Basis for Processing (GDPR)

• Legitimate interest: Website analytics to improve user experience
• Consent: When you voluntarily submit your contact information
• Contractual necessity: Processing enterprise support inquiries

5. How We Use Your Information

• To respond to your inquiries and support requests
• To improve our website and documentation
• To comply with legal obligations

6. Data Sharing and Transfers

We do not sell your personal data. We may share data with:

• Cloudflare: For website hosting, CDN, and DDoS protection (data processed in multiple jurisdictions under Cloudflare DPA)
• GitHub: For open-source project collaboration (governed by GitHub Privacy Statement)

For transfers to countries outside India or the EEA, we rely on Standard Contractual Clauses (SCCs) or equivalent safeguards.

7. Data Retention

We retain personal data only as long as necessary for the purposes described above. Contact inquiries are retained for up to 2 years. Server logs are retained for up to 30 days.

8. Your Rights

Under GDPR (EEA residents)

• Right of access
• Right to rectification
• Right to erasure
• Right to restrict processing
• Right to data portability
• Right to object

Under DPDP Act (Indian residents)

• Right to access information about personal data
• Right to correction and erasure
• Right to grievance redressal
• Right to nominate

To exercise any of these rights, contact us at info@vibetensor.com. We will respond within 30 days.

9. Cookies

Our website uses only strictly necessary cookies for basic functionality (such as theme preference). We do not use analytics cookies, tracking cookies, or third-party advertising cookies. See our Cookie Policy for details.

10. Children's Privacy

Our services are not directed at individuals under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a minor, contact us immediately.

11. Security

We implement reasonable security practices and procedures to protect your data, including HTTPS encryption, security headers, and access controls, consistent with Rule 8 of the IT Rules 2011.

12. Grievance Redressal

If you have any concerns about our data practices, please contact our Grievance Officer:

• Name: Pavan Kumar Dubasi
• Email: info@vibetensor.com

We will acknowledge your complaint within 48 hours and resolve it within 30 days.

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date.