Privacy Policy

SHOPPBAG LLC provides the VisionFabrik website, dashboard, and related software, automation, media, billing, and support services. This Privacy Policy applies to information processed in connection with those services unless a separate agreement states otherwise.

VisionFabrik is a service brand operated by SHOPPBAG LLC.

For website, account, billing, and support data, VisionFabrik generally acts as the controller or business responsible for deciding how the information is used. When a customer uses the service to process personal data about other people in customer content or connected channels, VisionFabrik may act as a processor or service provider on the customer's behalf under the Data Processing Addendum.

We collect information directly from you, automatically from your browser and device, from payment and infrastructure providers, and from platforms that you choose to connect to VisionFabrik.

• Account and identity data, such as name, email address, authentication method, password hash, language, timezone, role, and account settings.
• Workspace and content data, such as channel information, prompts, scripts, media assets, reusable visual references, generation history, publishing settings, support messages, and product preferences.
• Transaction and billing data, such as plan selection, subscription status, invoices, Stripe customer identifiers, Stripe subscription identifiers, and billing events. Full payment card details are collected and stored by Stripe, not by VisionFabrik.
• Integration and platform data, such as OAuth tokens, refresh tokens, scopes, expiry timestamps, connected channel identifiers, and publishing metadata for services like YouTube or TikTok when you authorize those connections.
• Device, log, and security data, such as IP address, browser type, app events, rate-limit events, audit logs, crash and abuse-prevention data, and password reset activity.
• Website, waitlist, and marketing data, such as email address, referrer, user agent, page views, cookie identifiers, and attribution data associated with landing pages, trial signups, or checkout journeys.

We use personal information to provide and improve VisionFabrik, authenticate accounts, generate and manage content workflows, process billing, detect abuse, maintain infrastructure, respond to support requests, communicate product updates, and comply with legal obligations.

Where the GDPR or UK GDPR applies, our legal bases typically include contract performance, legitimate interests, consent, and legal obligation. We rely on consent where required for non-essential cookies, advertising pixels, or similar marketing technologies.

• Contract performance: creating accounts, operating workspaces, generating outputs, storing assets, maintaining integrations, and delivering paid plan entitlements.
• Legitimate interests: service security, incident response, fraud prevention, product reliability, troubleshooting, analytics about service performance, and internal reporting about adoption and capacity.
• Consent: non-essential cookies, advertising attribution, promotional communications where required, and other optional tracking or preference choices that you control.
• Legal obligation: tax, accounting, fraud, sanctions screening, law-enforcement requests, and other duties imposed by applicable law.

VisionFabrik uses essential cookies and local storage to keep authentication, security, checkout continuity, and core product functionality working. We may also use optional analytics or advertising technologies, including TikTok Pixel, for campaign measurement and attribution.

Optional advertising or measurement technologies are intended to load only after you grant consent where such consent is required. You can review or change your preferences from the cookie banner, our Cookie Notice, or the cookie preferences control in the site footer.

We disclose information only as reasonably necessary to run VisionFabrik, complete transactions, comply with law, protect rights and security, or carry out instructions that you authorize through the product.

• Service providers and subprocessors that help us with infrastructure, storage, billing, email delivery, AI features, and related operations.
• Payment providers, invoicing tools, and fraud-prevention vendors involved in billing or subscription administration.
• Connected platforms and publishing partners, such as YouTube or TikTok, when you choose to connect an account or send content to those services.
• Professional advisers, auditors, insurers, or acquirers in connection with corporate transactions, financing, legal claims, or due diligence.
• Government authorities, regulators, or law enforcement when disclosure is required by law or necessary to protect VisionFabrik, our users, or the public.

VisionFabrik does not sell personal information for money. If we use advertising or attribution partners, we aim to do so only with consent where required and with user controls that allow opting out.

VisionFabrik may process information in the United States and in other countries where we or our service providers operate. Those countries may have data protection laws that differ from the laws in your home jurisdiction.

When we transfer personal data subject to the GDPR, UK GDPR, or similar regimes across borders, we use appropriate safeguards that may include contractual protections, data-processing terms, and supplementary security measures. Where required for a particular customer relationship, those safeguards are addressed in our Data Processing Addendum.

We retain information for as long as reasonably necessary to provide the service, maintain legitimate business records, resolve disputes, enforce agreements, and comply with tax, accounting, security, and legal obligations.

• Account, billing, and contract records are typically retained for the duration of the relationship and for an additional period needed for finance, compliance, and dispute-resolution purposes.
• Workspace content, generated assets, and integration records are generally retained until you delete them, close the account, or they are removed under internal lifecycle and backup processes.
• Security, audit, and abuse-prevention data may be retained longer where necessary to investigate incidents, prevent fraud, or document access and changes inside the platform.
• Waitlist and marketing records are kept until they are no longer needed for the campaign, you opt out, or applicable law requires a different outcome.

Depending on where you are located, you may have rights to request access, correction, deletion, restriction, portability, objection, or withdrawal of consent. VisionFabrik will not discriminate against you for exercising applicable privacy rights.

You can also manage certain information directly in your account, disconnect integrations, cancel subscriptions in Stripe, and request account deletion through the product. For privacy requests, contact support@visionfabrik.com.

• Access and know what personal information we hold about you and how we use it.
• Correct inaccurate or incomplete account information.
• Delete your account or request deletion of information when retention is no longer required.
• Port or receive a copy of certain data in a usable format where applicable.
• Object to or limit certain processing, including marketing uses that depend on consent or legitimate interests.
• Withdraw consent for optional cookies, marketing technologies, or similar choices at any time.
• Opt out of targeted advertising or similar sharing where such rights are available under U.S. state privacy laws.

EEA and UK users may also have the right to lodge a complaint with a supervisory authority in the country where they live, work, or believe an infringement occurred. Where VisionFabrik is legally required to appoint an EU or UK representative for a specific offering model, the applicable representative details will be published in this Policy or in the relevant customer paperwork.

California and other U.S. state privacy laws may grant additional rights, including rights to know, delete, correct, and opt out of targeted advertising or certain profiling. Cookie-based advertising controls on the website are intended to support those choices for web tracking contexts.

Australia and New Zealand users should note that VisionFabrik may disclose information overseas to providers in other jurisdictions. Privacy complaints or correction requests may be submitted to the contact listed below, and we will investigate and respond in a commercially reasonable timeframe.

VisionFabrik is intended for business, professional, and commercial creator use and is not directed to children. We do not knowingly collect personal information from children under 13, and where a higher minimum age applies under local law, we expect users to meet that standard before using the service.

We use administrative, technical, and organizational safeguards designed to protect personal information, including encryption for sensitive credentials where applicable, role-based controls, and monitoring for abuse or unauthorized access. No system can guarantee absolute security.

We may update this Privacy Policy from time to time. If we make material changes, we will revise the effective date and may provide additional notice in the product, on the website, or by email where appropriate.

SHOPPBAG LLC

7 Avenida Vista Grande Ste B7 #1312, Santa Fe, New Mexico 87508, USA

Privacy and legal inquiries: support@visionfabrik.com