LinkLoop
Privacy Policy — VibeCMD LLC
Last updated: March 2026
Your profile and circle data is stored securely on our servers and never shared with third parties for advertising or sold in any form.
About LinkLoop
LinkLoop is a social app that lets you share what matters with your circle. Because LinkLoop is a social network, it stores the profile and connection data necessary to provide the service.
What LinkLoop Collects
- Profile data — display name and any profile information you choose to add
- Circle data — your connections and shared content within the app
- Account credentials — to authenticate your account securely
- CGM data (if connected) — glucose readings fetched from Dexcom or your personal Nightscout instance only when you explicitly authorize it and initiate a sync. See the Dexcom Integration and Nightscout Integration sections below.
- AI-processed data (if you use AI features) — when you interact with AI-powered features, your message and relevant context are sent to Groq (our third-party AI provider) for processing. See the AI & Groq Integration section below for full details.
All data is stored on secure servers operated by VibeCMD LLC and is used solely to provide the LinkLoop service.
What We Do Not Do
- We do not sell your data to third parties under any circumstances
- No advertising SDKs — LinkLoop contains no ad networks or tracking pixels
- No behavioral profiling for advertising purposes
- No data brokers — your data is never shared with or sold to data brokers
🩺 Dexcom CGM Integration
LinkLoop offers an optional integration with Dexcom Continuous Glucose Monitors (CGMs). This feature is strictly opt-in and follows the authorization and consent flow described below. No glucose data is ever accessed without your explicit approval.
Authorization & Consent Flow
The user must actively tap "Connect Dexcom" on the CGM screen. Nothing is connected automatically. No data is fetched until this action is taken.
Tapping "Connect Dexcom" opens Dexcom's official OAuth login page in the system browser (https://api.dexcom.com/v3/oauth2/login). The user logs in with their own Dexcom credentials and explicitly approves the requested scope on Dexcom's own interface. LinkLoop never sees your Dexcom password.
After approval, Dexcom redirects to the LinkLoop server callback. Access and refresh tokens are stored only on our server. They are never sent to or stored in the mobile app.
Data is only pulled from Dexcom when you tap "Sync Now". There is no background polling or automatic data retrieval without your action.
You can tap "Disconnect Dexcom" at any time in the app. This immediately nulls all stored tokens server-side and marks the connection as inactive. You can also revoke access directly through your Dexcom account at dexcom.com.
Medical Disclaimer: LinkLoop is not a medical device and is not intended to replace clinical care, professional medical advice, or your Dexcom app. CGM data displayed in LinkLoop is for informational and support purposes only. Always rely on your primary Dexcom device and consult your healthcare provider for medical decisions.
🌐 Nightscout Integration
LinkLoop offers an optional integration with Nightscout, the open-source DIY CGM data platform used widely across the T1D community. Nightscout is self-hosted by you — LinkLoop simply reads from your own Nightscout instance with your permission. LinkLoop does not host, control, or have access to your Nightscout server.
How It Works
On the CGM screen, you enter the URL of your own Nightscout instance (e.g. https://yoursite.ns.10be.de). LinkLoop does not know or store this URL until you deliberately enter it.
Access is authenticated using a read-only API token that you generate from your own Nightscout admin panel. LinkLoop stores this token server-side and only uses it to read glucose data — it never uses it to write, modify, or delete any records on your Nightscout instance.
Just like Dexcom, Nightscout data is only fetched when you tap "Sync Now". There is no background polling or automatic retrieval without your action.
Tapping "Disconnect Nightscout" immediately removes your stored URL and API token from our server. Revoking or rotating the token in your own Nightscout admin panel also immediately cuts off LinkLoop's access.
Note: Nightscout is a third-party open-source project not affiliated with VibeCMD or LinkLoop. You are solely responsible for the security and configuration of your own Nightscout instance. LinkLoop is not a medical device. CGM data displayed is for informational and family support purposes only.
🤖 AI & Third-Party AI Service (Groq)
LinkLoop includes optional AI-powered features to help users understand glucose trends and get contextual support. These features are powered by Groq (groq.com), a third-party AI inference provider. AI features are entirely optional and no data is ever sent to Groq without your explicit action.
What Data Is Sent to Groq
- Your message/prompt — the text you type when interacting with AI features
- Glucose context (if connected) — recent glucose values and trends may be included as context to provide relevant AI responses, only when you have an active CGM connection and use AI features
- Conversation context — prior messages in the current AI conversation to maintain continuity
What is NOT sent to Groq: your email address, password, Dexcom/Nightscout tokens, Care Circle member data, profile information, or any account identifiers.
Who Receives This Data
AI requests are sent to Groq, Inc. via their API (api.groq.com). Groq processes the request and returns a response. According to Groq's data policy:
- Groq does not use API input/output data to train or improve their models
- Groq does not store prompts or completions beyond what is needed to process the request
- Data is transmitted over encrypted HTTPS connections
Groq's privacy policy: groq.com/privacy-policy
User Consent & Control
AI features are not active by default. You must explicitly initiate an AI interaction (e.g., tapping an AI chat feature or sending an AI prompt). No data is sent to Groq unless you take this deliberate action.
Before your first AI interaction, LinkLoop displays a clear notice explaining that your message and relevant context will be sent to Groq, a third-party AI service, for processing. You must acknowledge this disclosure to proceed.
Data is only sent to Groq when you actively send a message in an AI conversation. There is no background processing, no passive data collection, and no automatic AI analysis of your data.
Simply stop using AI features and no further data will be sent to Groq. There is no ongoing data sharing — it only occurs at the moment you send a message.
Important: AI responses are generated by a machine learning model and should not be treated as medical advice. Always consult your healthcare provider for medical decisions. LinkLoop's AI features are for informational and convenience purposes only.
🔧 Technical Details
The sections below give a deeper look at how LinkLoop is built and how your data is handled.
01 Technical Architecture
| Layer | Technology |
|---|---|
| Mobile App | React Native / Expo — iOS (iPhone only) |
| Backend | Node.js / Express — hosted on Render.com (US region) |
| Database | MongoDB Atlas (US region, encrypted at rest) |
| Transport | HTTPS / TLS enforced on all endpoints — no HTTP fallback |
| App Auth | JWT tokens (short-lived, validated server-side) |
| Dexcom Auth | OAuth 2.0 Authorization Code flow — server-side only |
| AI Processing | Groq API (groq.com) — server-side only, user-initiated |
The mobile app communicates only with LinkLoop's own backend. It never contacts Dexcom's API directly.
02 How We Use the Dexcom API
| Parameter | Value |
|---|---|
| Endpoint | GET /v3/users/self/egvs (Estimated Glucose Values only) |
| Auth Method | OAuth 2.0 — Authorization Code flow |
| Scope | offline_access |
| Token Storage | Server-side only — never stored in or sent to the mobile app |
| Sync Model | User-initiated ("Sync Now") — no background polling |
| Data Stored | Glucose value (mg/dL), trend direction, trend arrow, timestamp |
| Not Stored | Dexcom username/password, device serial number, raw Dexcom user ID |
| Other Endpoints | None — calibrations, devices, events not accessed |
03 Data Storage & Retention
What is stored in LinkLoop's database (MongoDB Atlas):
| Data | Location | Retention |
|---|---|---|
| Dexcom access_token | Server DB only | Until disconnect or account deletion |
| Dexcom refresh_token | Server DB only | Until disconnect or account deletion |
| Glucose readings (value, trend, timestamp) | Server DB | While account is active |
| User account (name, email) | Server DB | While account is active |
| Care Circle memberships | Server DB | While account is active |
What is never stored:
- ✗ Dexcom username or password
- ✗ Dexcom device serial numbers
- ✗ Raw Dexcom internal user IDs
- ✗ Any data not directly needed to display glucose to the user
- ✗ Advertising identifiers, behavioral data, or analytics profiles
04 Security Controls
- ✅ All traffic — HTTPS / TLS 1.2+ enforced, no HTTP fallback
- ✅ App authentication — JWT tokens, short-lived, validated server-side
- ✅ Dexcom tokens — stored server-side only, never transmitted to app
- ✅ Database — MongoDB Atlas with access controls and encryption at rest
- ✅ Server hosting — Render.com managed infrastructure (automatic security patches)
- ✅ Auto token refresh — silent, 5 min before expiry, no user interruption
- ✅ Disconnect — full token wipe on user request, takes effect immediately
- ✅ Care Circle members — read-only access to data the Warrior explicitly shares
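The Dexcom token handling described under Authorization & Consent Flow and in the controls above (server-side storage, refresh 5 minutes before expiry, full wipe on disconnect), shown as an added example for a Node.js backend. It is not LinkLoop's code: `DexcomConnection`, `REFRESH_LEAD_MS` and the injected `refreshFn` are assumed names, and no network call is made.

```javascript
// Added example, not LinkLoop's implementation. All names are assumptions.
const REFRESH_LEAD_MS = 5 * 60 * 1000; // refresh 5 minutes before expiry

class DexcomConnection {
  constructor() {
    this.disconnect(); // start with no tokens and an inactive connection
  }

  // Called from the server-side OAuth callback once the user has approved.
  connect({ accessToken, refreshToken, expiresInSec }, now) {
    this.active = true;
    this.accessToken = accessToken;
    this.refreshToken = refreshToken;
    this.expiresAt = now + expiresInSec * 1000;
  }

  // "Disconnect Dexcom": null every stored token and mark inactive.
  disconnect() {
    this.active = false;
    this.accessToken = null;
    this.refreshToken = null;
    this.expiresAt = 0;
  }

  needsRefresh(now) {
    return this.active && now >= this.expiresAt - REFRESH_LEAD_MS;
  }

  // "Sync Now" is the only caller. refreshFn (assumed) exchanges the
  // refresh token with the provider and resolves to a new token set.
  async tokenForSync(now, refreshFn) {
    if (!this.active || !this.refreshToken) throw new Error('not connected');
    if (this.needsRefresh(now)) {
      const next = await refreshFn(this.refreshToken);
      // A disconnect may land while the refresh is in flight; do not
      // write the new tokens back and undo the wipe.
      if (!this.active) throw new Error('not connected');
      this.connect(next, now);
    }
    return this.accessToken;
  }

  // What the mobile app is allowed to see: status only, no token fields.
  toClientView() {
    return { connected: this.active };
  }
}
```

The check after `await` is the part that is easy to miss: without it, a refresh that completes after the user disconnects would silently restore the tokens.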
05 Care Circle Sharing Model
The T1D "Warrior" controls their Care Circle completely. They generate a private invite code and choose who to admit. Care Circle members can view glucose data but have strictly limited access.
Members CAN:
- ✅ View the Warrior's current glucose value and trend
- ✅ See recent glucose history
Members CANNOT:
- ✗ Modify or delete glucose data
- ✗ Access the Warrior's Dexcom tokens or credentials
- ✗ Share the Warrior's data further outside the app
- ✗ Add or remove other Circle members
The Warrior can remove any Circle member at any time. Removed members immediately lose access.
🛡️ Privacy Program Statement
VibeCMD LLC maintains the following active privacy practices for LinkLoop:
- Publicly posted at vibecmd.net/privacy/linkloop. Covers data collection, use, storage, deletion, security, and user rights. Last updated February 2026.
- Users may request full account and data deletion at any time by emailing vibetech@vibecmd.net. All data is permanently deleted within 30 days.
- LinkLoop does not sell, share, or monetize user data in any form. No advertising SDKs, no tracking pixels, no data brokers.
- LinkLoop uses Groq as a third-party AI provider for optional AI features. Users are informed what data is sent, who it is sent to, and must acknowledge this before first use. See the AI & Groq section above.
- All data in transit is encrypted via TLS/HTTPS. No unencrypted data transmission.
- Privacy inquiries handled directly by the owner of VibeCMD LLC at vibetech@vibecmd.net.
Not yet formally established:
- Formally designated Privacy Officer / DPO title
- HIPAA NPP (not currently operating as a covered entity)
- ISO 27001 / SOC 2 certifications
- Formal written record retention schedule
LinkLoop is a pre-launch application. These formal program elements are on the roadmap as the user base grows.
Deleting Your Account & Data
You can delete your account and all associated data at any time by contacting us at vibetech@vibecmd.net with the subject line "Delete my LinkLoop account". We will permanently delete your account and all associated data within 30 days.
Data Security
All data is transmitted over HTTPS/TLS. Stored data is protected using industry-standard security practices on servers hosted by Render. In the event of a breach that affects your personal data, we will notify you promptly.
Changes to This Policy
If this policy changes materially, we will notify users in-app and update this page with a new revision date.
Contact
Questions about this policy, your data, or the Dexcom integration:
VibeCMD LLC
Email: vibetech@vibecmd.net
Web: vibecmd.net/contact