← Back to Home

Privacy Policy

Last updated: January 2026

This Privacy Policy explains how Digital Vibes (David Mohl) ("we", "us", or "our") collects, uses, and protects your information when you use the ConfigMesh service.

1. Data Collection

We collect:

  • Basic account information (email, name)
  • Encrypted configuration files you choose to sync
  • File metadata (size, modification times, paths)
  • Usage statistics and performance data
  • Payment information (processed securely through Stripe)

We do NOT collect:

  • Your encryption passphrase or keys
  • Unencrypted contents of your configuration files
  • Personal information beyond what's necessary for the service
  • Data for AI model training

2. Data Usage

We use collected data for:

  • Service operation and file synchronization
  • Performance monitoring and debugging
  • Usage analytics and capacity planning
  • Billing and subscription management
  • Security monitoring and abuse prevention

We will never sell your data to third parties.

3. Zero-Knowledge Architecture

ConfigMesh uses end-to-end encryption. Your encryption passphrase never leaves your device. We store only encrypted data on our servers, which means:

  • We cannot decrypt your configuration files
  • We cannot access the contents of your files
  • Law enforcement cannot compel us to provide unencrypted data
  • Only you, with your passphrase, can decrypt your configuration files

4. Third-Party Services

We use the following third-party services:

  • Stripe: Payment processing and subscription management
  • Firebase: Authentication services
  • Cloud infrastructure: File storage and delivery

Each service has its own privacy policy and data handling practices.

5. Data Storage & Security

  • All data is encrypted in transit using SSL/TLS
  • All configuration files are encrypted at rest with your key
  • File versions are retained indefinitely (encrypted) unless manually deleted
  • Account data is retained until deletion is requested
  • Regular security audits and monitoring

6. Your Rights

You have the right to:

  • Access your personal data
  • Request data correction or deletion
  • Export your encrypted data
  • Delete your account and all associated data
  • File a complaint with data protection authorities

For EU residents (GDPR) and California residents (CCPA), additional rights and protections apply.

7. Children's Privacy

ConfigMesh is not directed at children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such information, please contact us immediately.

8. Updates to This Policy

We may update this privacy policy periodically. We will notify you of significant changes via email or through the service. Continued use after changes constitutes acceptance of the updated policy.

9. Contact Information

For privacy-related questions or requests, contact us at: privacy@configmesh.app