Terms

1. Provider and contact

VibeMole is provided by Sergej Weber, P.O. Box 1123, 64355 Mühltal, Germany.

For contractual, product, or legal notices, contact info@vibemole.com.

2. Service scope

VibeMole helps review websites, apps, repositories, and submitted evidence for privacy, cookie, tracking, compliance, and security readiness signals. The service may include web scans, CLI and local evidence uploads, worker-backed browser collection, policy and PDF parsing, generated reports, dashboards, saved scan history, billing, and account settings.

Features, scan coverage, models, scoring rules, provider integrations, quotas, and availability may change as the product develops.

3. Accounts and access

You must provide accurate account information and keep login credentials, CLI tokens, browser sessions, and workspace access secure. You are responsible for activity under your account unless the activity results from VibeMole's breach of duty.

You must not share access in a way that bypasses plan limits, security controls, or account restrictions.

4. Scan authorization and submitted content

You may submit only websites, apps, repositories, local evidence, URLs, domains, and other materials that you are authorized to scan, test, process, and upload to VibeMole.

You are responsible for ensuring that submitted content does not violate third-party rights, confidentiality duties, employment or customer agreements, platform rules, or applicable law.

• Do not upload secrets, raw credentials, private keys, authentication tokens, payment card data, or other sensitive values.
• CLI and local evidence packages must remain redacted. VibeMole may reject packages that include unredacted cookie or storage values, raw HTML, inline scripts, or sensitive headers.
• Do not submit special-category, child-related, health, financial, or similarly high-risk personal data unless you have a lawful basis and need the data for the requested scan.

5. Web, CLI, and worker scans

For web scans, VibeMole may crawl publicly reachable targets, read policy and terms pages, inspect consent banners, cookies, browser storage, tracker domains, third-party requests, security headers, scripts, screenshots or evidence snippets, and related metadata.

For CLI and local evidence flows, VibeMole may process project metadata, dependency and configuration signals, runtime observations, local security evidence, scan IDs, and uploaded evidence packages to generate a report.

Worker-backed browser collection may use automated browser technology, including Playwright-style collection, to observe how a target behaves across selected pages, profiles, consent states, and locales.

6. AI-assisted and automated output

VibeMole uses automated rules and may use OpenAI API or similar model infrastructure for AI-assisted classifications, compliance labels, cookie and storage interpretation, policy analysis, transfer review support, security findings, scores, summaries, remediation text, and generated reports.

All AI-assisted classifications, compliance labels, scores, security findings, and generated reports are advisory product output. They may be incomplete, outdated, or wrong. You must review and verify the output before relying on it for legal, security, compliance, business, launch, or customer-facing decisions.

VibeMole does not provide legal, tax, accounting, or security-audit advice, and no generated output replaces qualified professional review.

7. Billing, subscriptions, and quotas

Paid features, subscriptions, plan changes, one-off scan credits if offered, invoices, payment attempts, taxes, and billing portal access are processed through Stripe. Payment card details are handled by Stripe and are not stored by VibeMole.

Current plan limits are 2 scans for free accounts, 10 scans for pro accounts, and 25 scans for business accounts unless the product UI, checkout, or a written agreement states otherwise. Business plans may be treated as unmetered in the product.

Subscription upgrades may take effect immediately. Downgrades or cancellations may take effect at the end of the current billing period. Failed or disputed payments may limit access to paid features.

8. Acceptable use

• Do not scan targets without authorization or use VibeMole for unlawful, deceptive, harmful, or abusive activity.
• Do not attempt to bypass authentication, rate limits, security controls, billing controls, or scan restrictions.
• Do not reverse engineer, overload, disrupt, scrape abusively, resell, or misuse the service or its outputs.
• Do not upload malware, exploit payloads, illegal content, or content that infringes third-party rights.
• Do not use VibeMole to create legal conclusions that you present as verified professional advice without independent review.

9. Service components and providers

The service is built from VibeMole first-party packages and selected third-party services. This is a user-relevant service appendix, not an exhaustive npm dependency list.

• Supabase for authentication, database, storage, sessions, and backend services.
• OpenAI API for selected AI-assisted analysis, classification, and report-support workflows.
• PostHog EU for product analytics and event measurement, routed through VibeMole's /relay proxy path where configured.
• Stripe for checkout, subscriptions, invoices, taxes, billing portal sessions, and payment webhooks.
• Vercel or other hosting and infrastructure providers for application hosting, networking, deployment, logs, and security controls.
• VibeMole worker infrastructure, browser collection, Playwright-style automation, PDF/policy parsing, crawler packages, evidence schemas, redaction, domain-signal, policy-collector, browser-collector, consent-browser, and project-scanner components for scans and reports.

10. Intellectual property

VibeMole software, branding, interfaces, documentation, designs, reports templates, scoring systems, and service materials are protected by intellectual property laws. No rights are transferred except the limited right to use the service under these Terms.

You retain rights in content you submit. You grant VibeMole the rights needed to host, process, analyze, store, display, and transmit submitted content and generated outputs for providing, securing, supporting, and improving the service.

11. Availability, changes, and suspension

VibeMole may be unavailable during maintenance, incidents, provider outages, changes, or capacity constraints. The service is provided without a guarantee of uninterrupted availability unless a separate written agreement says otherwise.

VibeMole may suspend or restrict access if needed to protect the service, users, third parties, legal compliance, billing integrity, or security, or if these Terms are violated.

12. Liability

Nothing in these Terms limits liability for intent, gross negligence, injury to life, body, or health, mandatory statutory liability, or other liability that cannot be limited by law.

To the extent permitted by law, liability for slight negligence is limited to foreseeable damages typical for this type of contract where an essential contractual duty is breached, and is otherwise excluded. Liability for indirect or consequential losses is excluded to the extent permitted by law.

13. Consumer rights

Mandatory consumer protections, withdrawal rights, warranty rights, and other rights that cannot be waived under the law of your country of residence remain unaffected.

14. Governing law and jurisdiction

German law applies, excluding the United Nations Convention on Contracts for the International Sale of Goods (CISG). Mandatory consumer protections of your country of residence remain unaffected where applicable.

Where legally permitted, the courts competent for the provider's place of business have jurisdiction.

15. Changes to these Terms

VibeMole may update these Terms to reflect product, legal, provider, or operational changes. The current version is published on this page.