VibeKey processes requests you send to the API gateway (model choice, messages, and metadata such as latency and token counts). We do not store raw prompts in the MVP by default. Customer API keys are stored only as secure hashes with short prefixes.
Authentication uses Supabase. Refer to Supabase and your deployment host for their privacy practices. Contact the operator of your VibeKey deployment for data retention questions specific to your instance.