Back to home

Privacy Policy

Last updated: 3 May 2026

This Privacy Policy explains how Vibestack Ltd ("Vibestack", "we", "us", "our") collects, uses, and protects personal data when you visit vibestack.uk, communicate with us, or use our products and services. We are committed to handling your data lawfully and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Vibestack Ltd is a private limited company registered in England and Wales (company number 17167709), with its registered office at Office 12, Initial Business Centre, Wilson Business Park, Manchester, M40 8WN, United Kingdom. For the purposes of UK data protection law, we are the data controller of your personal data.

If you have any questions about this policy or how your data is handled, please contact legal@vibestack.uk or call +44 7735 379810.

2. What data we collect

We collect only the data we need to operate, improve, and support our services. The categories of data we collect include:

  • Contact information — your name, email address, phone number, and company, when you contact us or sign up for our products.
  • Account data — login identifiers, profile information, and preferences for the products you use.
  • Communications — emails, messages, and support tickets you send us.
  • Technical data — IP address, device type, browser, operating system, and approximate location, collected through standard server logs and cookies.
  • Usage data — pages viewed, features used, time spent, and other interactions with our website and products.
  • Payment data — when you transact with us, our payment processors (such as Stripe) handle your payment details directly. We receive only the transaction confirmation, not your full card information.

3. How we use your data

We process personal data for the following purposes and on the following lawful bases:

  • To provide our services (contractual necessity) — operating your account, delivering features, and processing payments.
  • To support you (contractual necessity / legitimate interest) — answering enquiries and providing customer service.
  • To improve our products (legitimate interest) — analysing usage, debugging issues, and developing new features.
  • To communicate with you (legitimate interest / consent) — sending service updates, security notices, and, where you have opted in, marketing communications.
  • To comply with our legal obligations (legal obligation) — including tax, accounting, and regulatory requirements.
  • To protect our services (legitimate interest) — preventing fraud, abuse, and security incidents.

4. How we share your data

We do not sell your personal data. We share data only with trusted service providers who help us run our business, and only to the extent necessary. These include:

  • Cloud and infrastructure providers (e.g. Cloudflare, hosting providers).
  • Payment processors (e.g. Stripe, Wise, Payoneer).
  • Email and communications providers.
  • Analytics and product-monitoring providers.
  • Professional advisors, such as accountants and lawyers, where required.

We may also disclose data where required by law, court order, or to protect our rights and the safety of others.

5. International transfers

Some of our service providers are located outside the United Kingdom. Where we transfer personal data internationally, we rely on appropriate safeguards such as the UK International Data Transfer Agreement, Standard Contractual Clauses, or transfers to jurisdictions covered by an adequacy decision.

6. How long we keep your data

We retain personal data only for as long as necessary for the purposes set out above, or as required by law. Account data is retained while your account is active and for a reasonable period afterwards. Transaction and accounting records are retained for at least six years to comply with UK statutory requirements.

7. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your data, subject to legal exceptions.
  • Restrict or object to certain processing.
  • Request portability of data you provided.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

To exercise any of these rights, contact legal@vibestack.uk. We will respond within one month.

8. Security

We use industry-standard technical and organisational measures to protect personal data, including encrypted transport (TLS), encrypted storage where appropriate, access controls, and regular security reviews. No method of transmission or storage is completely secure, but we work continuously to safeguard your information.

9. Cookies

This website uses a small number of cookies for essential functionality and analytics. See our Cookie Policy for details.

10. Children

Our services are not directed to children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time. The "last updated" date at the top reflects the latest revision. Material changes will be communicated through our website or by email where appropriate.

12. Contact

For privacy-related questions or to exercise your rights, contact:

Vibestack Ltd
Office 12, Initial Business Centre, Wilson Business Park
Manchester, M40 8WN, United Kingdom
Email: legal@vibestack.uk
Phone: +44 7735 379810