VibeBI is free to use but not free to fork. And because it processes your data on your premises, here's exactly what that means under the major privacy frameworks.
VibeBI is closed-source free software. You may download, install, and use it inside your organization at no cost, with no license fees, seat fees, usage metering, or hidden terms. "Free" here means free of charge and free of buried conditions — not open source.
The software is licensed, not sold. VibeBI retains all intellectual property rights in the application, its binaries, models, prompts, and documentation. Your right to use the software is a non-exclusive, non-transferable license granted under these terms.
Because VibeBI is closed-source, the following are not permitted:
VibeBI is provided "as is" and "as available," without warranties of any kind, express or implied, including merchantability, fitness for a particular purpose, and non-infringement. To the maximum extent permitted by law, VibeBI and its contributors are not liable for any indirect, incidental, or consequential damages arising from use of the software. You are responsible for validating outputs before acting on them.
Specifically:
In short: VibeBI is free software with no warranty. Test it thoroughly, trust your own judgment, and proceed at your own risk.
This is the most important section if you process personal data. The roles are defined precisely:
| Party | Role | Means |
|---|---|---|
| You (the customer) | Controller | You determine the purposes and means of processing personal data. You own the data, the lawful basis, and the compliance duty. |
| VibeBI | Processor | We only process personal data on your behalf, on your infrastructure, under your instructions. We never determine purposes of our own. |
VibeBI runs on your premises. Your warehouse credentials and LLM keys never leave your network, and personal data does not flow to VibeBI as a company. We are strictly a Processor — and in most deployments, a Processor whose software you operate yourself.
As your Processor, here is what the software does with personal data — so that you, as Controller, have sufficient information to meet your own compliance obligations:
| Processing aspect | What happens |
|---|---|
| Where | Entirely within your on-premise environment. No personal data is transmitted to VibeBI-operated servers. |
| What | Whatever warehouse fields you expose. VibeBI reads them read-only to build semantics, models, and reports. |
| Why | Only to deliver the analytics functions you instruct — profiling, modeling, querying, reporting. |
| Access control | Every field is tagged with a data domain and classification level. Reports inherit entitlements from the data they touch; access cannot be widened by sharing. |
| Sub-processors | LLM inference runs through your configured gateway. If you route to an external model provider, that provider becomes a sub-processor you select and govern. |
| Retention | Determined by you. Report artifacts and audit logs live in your control-plane storage; you set retention and deletion. |
| Audit | Login, access, share, view, deny, and admin-change events are logged so you can produce an access-grant matrix for compliance review. |
Personal-data obligations vary by jurisdiction. VibeBI's Processor posture is designed to support your Controller duties under each major framework. This is informational, not legal advice — confirm specifics with your own counsel.
The same Processor / entrusted-party posture and on-premise model are intended to support comparable frameworks (e.g. UK GDPR, Brazil LGPD, Canada PIPEDA). Where a framework requires a specific agreement, VibeBI's terms can be supplemented by a jurisdiction-appropriate data processing addendum.
Questions about licensing, restrictions, or data processing? Reach us through the feedback form and select Contact / other. For a formal data processing agreement appropriate to your jurisdiction, note your framework in the message.
