Legal

Privacy Policy

Last updated: July 5, 2026

This Privacy Policy describes how Invictus Logic LLC (“Vubio,” “we,” “us”) collects, uses, shares, and protects information in connection with the Vubio service, websites, and applications (the “Service”). Please do not use the Service if you are not comfortable with the practices described here.

1. Information we collect

We collect information directly from you, automatically when you use the Service, and from third parties such as the social platforms you connect and our payment provider.

2. How we use information

2a. AI processing of your content

To generate content, the Service sends your inputs (such as screen recordings, reference images, and text) to third-party artificial-intelligence providers that process them on our behalf to produce output, under their own service terms. We do not use your content to train AI models of our own. Do not upload content you are not permitted to share or process, or that you do not want processed by AI providers.

2b. Reference images and personas

To create a synthetic persona, you upload a reference face image. Our AI providers process that image on our behalf to generate images and video frames depicting the persona. That processing may involve the detection or analysis of facial features that some laws treat as biometric data. We handle this data as follows.

Where your local law treats face images as sensitive data and requires consent, you provide that consent by uploading the image and creating a persona, and you can withdraw it at any time by deleting the persona or profile or by closing your account; withdrawal stops future processing but does not affect processing that already occurred or content already generated or published.

2c. Marketing showcase

As described in our Terms of Service, we may identify our customers and feature content that has been published publicly through the Service in our own marketing. For example, we may display a customer’s name and logo on our website, link to or embed published posts, and cite performance results such as view counts. We only feature content after it has been made public on your connected platforms, and we do not use unpublished drafts, raw uploads, reference face images, or private messages in marketing. Where the GDPR or UK GDPR applies, we rely on our legitimate interest in promoting the Service. You can opt out at any time by emailing support@vubio.ai from the email address on your account; within 30 days we will stop creating new marketing materials that feature you and will remove your name, logo, and content from our website and social media accounts, though materials already distributed outside our control may persist.

3. How we share information

We do not sell your personal information. We share information only as described here:

3a. Data we process on your behalf

Some features, such as the unified inbox, comment and direct-message automation, and analytics, involve personal information about people who interact with your connected social accounts, such as commenters and message senders. We process that information as your service provider (processor), only at your direction and only to provide the features you enable. For that information, you act as the controller or business: you are responsible for having a lawful basis to collect and use it, for providing any notices required to those individuals, and for honoring their privacy rights. If someone contacts us directly about information we hold on your behalf, we may forward the request to you or act on your documented instructions. This Policy describes the processing we carry out for our own purposes and does not replace your own privacy obligations to your audience.

4. Data retention

We retain information for as long as your account is active and as needed to provide the Service, and afterwards as needed to comply with our legal obligations, resolve disputes, and enforce our agreements. When you delete content or your account, we delete or de-identify the associated data within a reasonable period, except for content already published to third-party platforms, limited backup copies, and records we must retain by law. In particular: reference images and persona data are deleted as described in Section 2b; uploaded source media may be deleted earlier once it is no longer needed for a draft or scheduled post, as described in the Service; backup copies are purged on a rolling cycle of limited duration; and we keep limited billing, security, and audit records for as long as the law requires or a claim could reasonably arise. We may also delete or de-identify content and data associated with accounts that have no active subscription and have been inactive for an extended period, as described in our Terms.

5. Security

We use reasonable administrative, technical, and organizational measures designed to protect information, including access controls, encryption in transit, and tenant isolation. No method of transmission or storage is completely secure, however, and we cannot guarantee absolute security. You are responsible for keeping your account credentials safe. If we become aware of a security incident affecting your personal information, we will notify you and any relevant regulator as required by applicable law; to the extent permitted by law, we may provide notice by email or through the Service, and our obligations in connection with any incident are those required by applicable law.

6. Your rights and choices

Depending on where you live, you may have rights to access, correct, export, delete, or restrict the processing of your personal information, and to object to certain processing. You can update much of your information in the Service, delete profiles and content, and close your account. To make a request or ask a question, contact us at the address below; we may need to verify your identity before acting.

7. International data transfers

We are based in the United States and process information in the United States and in other countries where we and our providers operate. These countries may have data-protection laws different from those in your region. Where the GDPR, UK GDPR, or Swiss law applies to a transfer of your information outside your region, we use appropriate safeguards where required, such as the European Commission’s Standard Contractual Clauses (with the UK Addendum or the UK International Data Transfer Agreement where applicable), adequacy decisions, or a provider’s certification to the EU-U.S. Data Privacy Framework. You may request more information about these safeguards at the contact below.

8. Cookies and analytics

We use cookies and similar technologies that are necessary to sign you in and keep the Service secure, and we use a product-analytics provider to understand and improve usage. You can control cookies through your browser settings, though disabling some may affect how the Service works. Some browsers transmit Do Not Track signals; because there is no common standard for interpreting them, the Service does not respond to Do Not Track signals. Where the law requires, we treat Global Privacy Control signals as a request to opt out of the sale or sharing of personal information, although we do not sell or share personal information.

9. Children’s privacy

The Service is not directed to, and may not be used by, anyone under 18. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

10. Changes to this Policy

We may update this Policy from time to time. If we make material changes, we will notify you in advance by email or by prominent notice in the Service, and where applicable law requires your consent to a change, we will obtain it. Each version applies from its effective date, and your continued use of the Service after that date constitutes acceptance.

11. Contact

Invictus Logic LLC, a District of Columbia limited liability company, is the data controller for the personal information described in this Policy, except for the information we process on your behalf as described in Section 3a, for which you or your organization is the controller. For privacy questions or requests, contact us at support@vubio.ai.