Vibecoders Institute

Est. 2025 · Independent Certification Authority

Privacy Policy

Effective Date: November 24, 2025 Last Updated: November 26, 2025

The Vibecoders Institute ("The Institute," "we," "us") is committed to protecting the confidentiality of applicants while maintaining the integrity of our certification process. This document outlines how we collect, process, and retain data submitted for the purpose of professional assessment.

1. Information We Collect

To conduct the manual assessment described in our Assessment Protocol, we collect two distinct categories of data:

A. Identity Data (Registry Information)

• Full Name
• Email Address
• Professional Designation (if applicable)

B. Examination Artifacts (Assessment Data)

• Raw Logs: JSON/TXT/MD exports of interaction histories with AI agents (e.g., Claude, Cursor, Replit).
• Visual Evidence: Screen recordings/video captures of development sessions.
• Contextual Statements: Textual descriptions of the "Architectural Context" and "Intervention Strategy."

2. Purpose of Data Processing

We process your data solely for the following purposes:

1. Verification: To confirm the identity of the applicant.
2. Assessment: To allow the Examination Board to manually review artifacts against the Competence, Fluency, and Mastery standards.
3. Consensus Resolution: To facilitate structured dialogue between examiners in cases of diverging scores (as defined in our Consensus Model).
4. Certification: To maintain a permanent Registry of certified practitioners.

We do not sell, rent, or trade applicant data to third parties.

3. The "Human-Only" Review & Data Privacy

Unlike automated platforms, The Institute employs a Human-Only Evaluation Standard.

• Disclosure: By submitting artifacts, you acknowledge that your logs and videos will be viewed by at least two (2) human examiners.
• Confidentiality: All examiners are bound by strict Non-Disclosure Agreements (NDAs) regarding the content of submissions.
• No AI Training: The Institute does not use your submitted artifacts to train, fine-tune, or improve public Artificial Intelligence models.

4. Applicant Responsibilities (Anonymization & Secrets)

While The Institute employs a Blind Review process to separate your Identity Data from your Artifacts, the content of the Artifacts is the sole responsibility of the applicant.

You are responsible for sanitizing your logs and videos prior to upload. The Institute is not responsible for any sensitive data voluntarily uploaded within your artifacts, including but not limited to:

• API Keys or Secrets
• Proprietary Corporate Code
• Hardcoded Passwords
• Personally Identifiable Information (PII) embedded in code comments or file paths.

If an artifact is found to contain compromised credentials (e.g., active AWS keys), the submission will be immediately rejected and deleted for security reasons.

5. Data Retention Policy

A. For Certified Applicants

• Identity Data: Retained indefinitely to maintain the validity of the Certificate in the public/private Registry.
• Artifacts: Retained for a period of 24 months for audit and dispute resolution purposes, after which they are permanently deleted.

B. For Rejected Applicants

• Identity Data & Artifacts: Retained for 90 days to allow for the appeals process. After this period, all data is permanently deleted from our servers.

6. Data Security

We employ industry-standard encryption (TLS/SSL) for data in transit and at rest. Access to Examination Artifacts is restricted strictly to active members of the Examination Board on a need-to-know basis.

7. Your Rights

Under applicable data protection laws (GDPR/CCPA), you have the right to:

• Request a copy of the personal data we hold about you.
• Request the deletion of your data (Withdrawal of Application). Note: Deletion of data results in the immediate revocation of any active Certification.

8. Contact

For inquiries regarding data privacy or to request data deletion, please contact the Registrar: [email protected]

Home