vBrief Demo - Privacy & Local Storage Notice

Last updated: 05/12/2025

This notice explains how vBrief Ltd (“vBrief”, “we”, “us”) handles personal information in connection with the vBrief interactive demo (the “Demo”).

It does not apply to:

  • our main website at vbrief.ai; or

  • our production vBrief platform or any paid / trial service.

For those, please see the separate Privacy Policy available on vbrief.ai.

1. Who we are and how to contact us

  • Controller: vBrief Ltd

  • Registered office: 128 City Road, London EC1V 2NX, United Kingdom

  • Company number: 16079850 (registered in England and Wales)

  • Email for privacy queries: info@vbrief.ai

We do not currently appoint a Data Protection Officer, but you can contact our privacy lead using the email above.

2. What the Demo is, and what it is not

The Demo is a simulation of the vBrief software using placeholder data and dummy accounts.

It is provided solely so that invited organisations can evaluate the look and feel of our software and understand its potential workflows.

The Demo is not designed for:

  • storing or processing real project data;

  • storing or processing personal data (including your staff or your clients);

  • use in live projects, client deliverables or legal/compliance workflows.

3. What information is processed in the Demo

The Demo is intentionally engineered to avoid personal data. In normal use we process:

  • Simulated project data: placeholder texts, dummy accounts and other fictional items that we provide with the Demo.

  • Device-side state: information such as your current step in the workflow, in-demo settings and any test changes you make to the simulated data. This is stored only in your browser’s local storage on that device.

  • Technical logs (hosting/CDN): our hosting and security providers may log your IP address, browser type, pages requested and timestamps for security, availability and fraud prevention purposes.

The Demo does not include any analytics, marketing tracking, or third-party advertising cookies.

4. Situations where personal data might be processed

The Demo is not intended to process personal data. However, personal data may be processed if you choose to use it in a way that we explicitly discourage, for example by:

  • replacing a simulated requirement, user, or project item with information that identifies a real person; or

  • pasting content from a live project that includes client, employee or other personal details.

If you do this, we may process personal data in the following limited ways:

  1. Within your browser: the text you enter is stored in your browser’s local storage so that the Demo can function.

  2. Via the AI API: when you trigger AI-assisted features, the Demo sends the relevant simulated content (and any personal data you have inserted) to our AI provider’s API to generate outputs, then displays the responses back in your browser.

  3. Hosting logs: your IP address and request metadata may appear in our hosting/security logs as described above.

We cannot reliably distinguish dummy data from real data; we therefore treat any such information as personal data and protect it accordingly.

5. Our purposes and lawful bases

When personal data is processed as described in section 4, we rely on:

Purpose: Allowing invited organisations to evaluate the vBrief product through the Demo.

  • Lawful basis: Legitimate interests (UK GDPR article 6(1)(f)) – it is in our legitimate interests, and yours, to provide a realistic evaluation environment while keeping processing minimal and fully under your control.

Purpose: Keeping the Demo secure and reliable (including preventing abuse and diagnosing technical issues).

  • Lawful basis: Legitimate interests – it is in our legitimate interests to protect our systems and services from misuse and security threats.

We do not use personal data from the Demo for:

  • marketing or profiling;

  • training our own or any third-party machine-learning models; or

  • automated decision-making that produces legal or similarly significant effects.

6. Where personal data comes from

  • Directly from you, if you choose to type or paste personal data into the Demo contrary to our instructions; and

  • Indirectly from your device (IP address and technical data) via our hosting and security providers.

7. Where personal data goes: processors and transfers

We use carefully selected service providers acting as our processors for this Demo. These fall into the following categories:

  • AI model provider:

    • We use a third-party AI provider accessed via an API to generate suggested text and other AI-assisted outputs. The provider processes the simulated demo content on our behalf and under our instructions; this would include any personal information if you were to enter it (even though we ask you not to). According to their published documentation, content sent via the API is not used to train their models by default, but may be retained for a limited period to provide the services, detect abuse or comply with legal obligations.

  • Hosting and security providers:

    • These serve the Demo assets and maintain network and application security. This involves processing IP addresses, request metadata and basic logs on our behalf.

These providers may process data on servers outside the UK, including in the European Economic Area and the United States. Where personal data is transferred outside the UK, we rely on appropriate safeguards under UK data protection law (for example, standard contractual clauses or adequacy decisions), as set out in our contracts with these providers.

8. How long data is kept

For the Demo we aim to minimise retention:

  • In your browser’s local storage: data persists only on your device until you clear it or until the Demo is reset. You can usually clear this via your browser’s settings (“clear site data” or equivalent).

  • OpenAI API: we rely on OpenAI’s published retention periods and safeguards.

  • Hosting / security logs: we instruct our providers to retain logs for no longer than 30 days, unless they need a longer period to investigate security incidents or comply with legal obligations.

We do not copy Demo content into our own application databases or long-term backups.

9. Your data protection rights

If personal data relating to you is processed via the Demo, you may have the usual rights under UK data protection law, including:

  • access to your personal data;

  • correction of inaccurate information;

  • erasure, in certain circumstances;

  • restriction of processing;

  • objection to processing based on legitimate interests; and

  • data portability, where applicable.

For data that is stored only in your browser’s local storage, we may not be able to identify or access it directly. In practice, the quickest way to delete such data is to clear your browser’s local storage for the Demo.

To exercise your rights in relation to any data we control, contact us at info@vbrief.ai.

10. Children

The Demo is intended solely for business and professional users. We do not knowingly invite or allow anyone under 18 to use the Demo.

11. How to complain

If you have concerns about how we handle personal data, you can:

  • Email us at info@vbrief.ai in the first instance; and

  • If you remain unhappy, you can complain to the UK Information Commissioner’s Office (ICO), the UK data protection regulator. Details of how to do this are available on the ICO’s website.

12. Changes to this notice

We may update this notice if our Demo or its underlying technologies change, or if the law requires us to. The “Last updated” date at the top will show when it was last revised. Significant changes will be highlighted in the Demo interface where appropriate.