PRIVACY POLICY

Last updated: March 2026

Overview

VIBErip is a Chrome extension that captures the visual styles of web elements and generates AI prompts. This policy explains what data we collect, how we use it, and your rights.

When scripts are injected

VIBErip does NOT inject scripts on every page you visit. Content scripts are only injected into the active tab when you explicitly activate rip mode, use the keyboard shortcut, or open the Vibe Library. No code runs on any page until you take action.

What VIBErip collects when you capture

When you click to capture an element, VIBErip reads the following from the current page:

• The element's computed CSS styles (colors, fonts, spacing, layout, borders, shadows)
• The element's tag name, text content (first 200 characters), and dimensions
• The page hostname and title (not the full URL)
• Child element summary (images, icons, buttons detected within the captured element)
• Hover styles if detectable from the page's stylesheets

This data is sent to our API server to generate your AI prompt. It is not stored on our servers unless you explicitly save a capture to your Vibe Library.

What VIBErip does NOT collect

• No browsing history — we do not track which sites you visit
• No cookies or session tokens from other sites
• No form data, passwords, or input field contents
• No personal data beyond your email address (used only for sign-in)
• No data is sold to third parties

Local storage

VIBErip uses Chrome's local storage (chrome.storage.local) to store:

• Your selected output format preference (Cursor, Claude, v0, or Lovable)
• Rip mode activation state
• Your authentication token (JWT) if signed in
• Local rip count for the current month
• Your last 3 capture prompts for quick re-copy
• Onboarding completion state

This data stays on your device and is not transmitted to our servers.

Third-party data sharing

When you capture an element, the visual style data is sent to:

• Our API server (Cloudflare Workers) — receives element data to construct the AI prompt request
• OpenRouter (via our server, not directly from your browser) — the AI provider that generates the prompt. OpenRouter processes requests in real-time and does not store them. See OpenRouter's privacy policy.

Your browser never communicates directly with the AI provider. All AI requests are proxied through our server.

Authentication

VIBErip uses Google OAuth for sign-in. We only request access to your email address and basic profile. We do not access your Google Drive, contacts, calendar, or any other Google services. Your Google credentials are never stored — we exchange the Google token for our own JWT.

Saved captures (Vibe Library)

If you save a capture to your Vibe Library, the following is stored in our database (Cloudflare D1):

• The generated prompt text
• The output format used
• The source page hostname and element tag
• The capture mode (element, section, or full page)
• Element data (for re-rip functionality)
• Your custom title and favorite status (if set)

You can delete any saved capture at any time from the Vibe Library sidebar. You can export all your captures as a CSV file.

Prompt feedback

When you rate a prompt (thumbs up/down), the following is sent to our server: the rating, output format, capture mode, source hostname, and a snippet of the prompt text. This data helps us improve prompt quality. It is associated with your user ID if you are signed in.

Payments and merchant of record

All payments are processed by Creem.io, which acts as the merchant of record for all transactions. Creem handles payment processing, tax collection, and compliance. VIBErip does not store your credit card or payment information at any time.

By making a purchase, you agree to Creem's Terms of Service and Creem's Privacy Policy in addition to our own terms.

Data retention

Account data (email, plan status) is retained as long as your account exists. Saved captures are retained until you delete them. Usage tracking data (monthly rip counts) is retained for billing and limit enforcement. You can request full account deletion by emailing us.

Your rights

You can request access to, correction of, or deletion of your personal data at any time by contacting us. If you are in the EU, you have additional rights under GDPR including the right to data portability and the right to withdraw consent.

Changes to this policy

We may update this policy from time to time. Significant changes will be communicated via the extension or our website. The "last updated" date at the top reflects the most recent revision.

Contact

Questions about this policy? Email hey@viberip.app.