Privacy Policy

Last Updated: December 27, 2025

Introduction

UX/UI Principles ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at uxuiprinciples.com and use our services. We are committed to GDPR and CCPA compliance.

Data Controller

The data controller responsible for your personal information is:

UXUI Principles, 18117 Biscayne Blvd, Suite #4080, Aventura, FL 33160, United States

For privacy inquiries: privacy@uxuiprinciples.com

Information We Collect

We collect different types of information depending on how you interact with our services:

Account Information

Email address (required for authentication via magic link)
Authentication tokens and session data

Payment Information

Email address associated with purchase
Transaction ID and purchase date

Payment processing is handled by Polar.sh. We do not store credit card numbers or banking details on our servers.

Analytics Data

Pages visited and time spent on pages
Device type, browser, and operating system
General geographic location (country/region level)
Referral source

Security Logs

IP addresses (for security monitoring)
Access timestamps

How We Use Your Information

We use your information for the following purposes:

Purpose	Legal Basis (GDPR)
Process purchases and provide access	Contract performance
Send transactional emails	Contract performance
Improve our services	Legitimate interest
Prevent fraud and abuse	Legitimate interest
Comply with legal obligations	Legal obligation

Third-Party Services

We use the following third-party services to operate our platform:

Service	Purpose	Data Shared
Supabase	Authentication & Database	Email, session data
Polar.sh	Payment Processing	Email, transaction data
Google Analytics 4	Analytics	Anonymized usage data
Cloudflare	CDN & Security	Access logs, IP addresses

Each service has its own privacy policy. We encourage you to review them.

ChatGPT App Integration

When you use UX/UI Principles through ChatGPT:

Data We Receive

Search queries you submit (e.g., "form design principles")
Design descriptions for validation
No personal information is collected or stored

Data Returned in Responses

Principle names, categories, and definitions from our curated catalog
Source citations and references
Responses contain only educational content — no user identifiers, no session data, no telemetry, and no timestamps are included

Session Management

An ephemeral transport session ID (UUID) is generated for each connection to manage the communication protocol
Session IDs expire automatically after 30 minutes of inactivity
Session IDs are not linked to your identity, OpenAI account, or any personal information
No session data is persisted to disk or shared with third parties

Data We Do NOT Collect

Your ChatGPT conversation history
Your OpenAI account information
Any persistent user identifiers
Analytics, telemetry, or usage tracking data

Processing

Queries are processed in real-time to return relevant principles
No query data is logged or stored after the response is sent
All communication occurs via OpenAI's secure infrastructure
No internal identifiers or server metadata are exposed in responses

OpenAI (ChatGPT) governs the ChatGPT platform. See OpenAI's privacy policy for more information.

Data Retention

We retain your data for the following periods:

Data Type	Retention Period
Account data	Until account deletion request
Purchase records	7 years (legal requirement)
Analytics data	26 months
Security logs	90 days

Your Rights (GDPR - EU Users)

If you are located in the European Economic Area, you have the following rights:

Right of Access: Request a copy of your personal data
Right to Rectification: Request correction of inaccurate data
Right to Erasure: Request deletion of your data
Right to Restriction: Request limited processing of your data
Right to Portability: Request your data in a machine-readable format
Right to Object: Object to processing based on legitimate interests

To exercise these rights, contact us at privacy@uxuiprinciples.com

California Privacy Rights (CCPA)

If you are a California resident, you have the following rights:

Right to Know: What personal information we collect and how it's used
Right to Delete: Request deletion of your personal information
Right to Opt-Out: Opt-out of the sale of personal information
Right to Non-Discrimination: Equal service regardless of exercising privacy rights

We do not sell your personal information. We have not sold personal information in the preceding 12 months.

International Data Transfers

Your data may be transferred to and processed in the United States. For EU users, we ensure appropriate safeguards are in place, including Standard Contractual Clauses with our service providers.

Data Security

We implement industry-standard security measures to protect your data:

TLS/SSL encryption for all data transmission
Secure authentication via magic links (no passwords stored)
Regular security audits and monitoring
Access controls and employee training

Children's Privacy

Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by posting the new policy on this page and updating the "Last Updated" date. Continued use of our services after changes constitutes acceptance.

Contact Us

For privacy-related questions or to exercise your rights:

UXUI Principles

18117 Biscayne Blvd, Suite #4080, Aventura, FL 33160, United States

Email: privacy@uxuiprinciples.com

Legal Information

This privacy policy is provided for informational purposes.

Jurisdiction: State of Florida, United States
Governing Law: Laws of the State of Florida
Disputes: Any disputes shall be resolved in the courts of Miami-Dade County, Florida