Skip to content
uux

Privacy Policy

Last updated: June 22, 2026

UUX.co (“we”, “our”, or “us”) operates this website to describe and sell our unlimited UX design subscription service. This Privacy Policy explains what information we collect when you visit uux.co, why we collect it, how we use it, and the choices you have. We keep data practices minimal by design: we are a design service, not an ad network. If you have a question that this document does not answer, reach us at [email protected].

1. Introduction & Scope

This policy applies to all pages under the uux.co domain, including the marketing site, blog, and any embedded forms. It does not govern the practices of third-party websites we link to — once you leave uux.co, their own privacy policies apply. By using this site you acknowledge you have read and understood this policy.

We operate under the legal entity behind the DEV.co brand portfolio. Our registered contact for privacy matters is [email protected].

2. Data We Collect

We collect two categories of data:

Information you provide directly

  • Contact form submissions — name, email address, company name, website URL, and the message body you write.
  • Booking inquiries — any additional details you include when requesting a UX Fit Call (project scope, timeline, etc.).

Data collected automatically

  • Usage data — pages visited, referral source, approximate geographic region (country/city level), browser type, and device category. This data is aggregated and not tied to an individual identity.
  • Cookies — a small number of essential and analytics cookies as described in Section 5 below.

We do not collect payment card numbers, government-issued ID, or sensitive personal categories (health, race, political views, etc.).

3. Contact Forms

When you submit a contact or inquiry form on uux.co, the data you enter (name, email, company, website, message) is transmitted via our email delivery processor (Resend — see Section 7) to an internal inbox managed by the UUX.co team. We use this information solely to respond to your inquiry and, if you proceed to become a client, to provide the design service you requested.

We do not add form submitters to marketing lists without explicit opt-in, and we do not sell or share contact details with third-party marketers. You may request deletion of your submission data at any time by contacting [email protected].

4. Analytics

We use privacy-respecting, aggregate web analytics to understand which pages are most useful and how visitors navigate the site. Analytics data is collected at the session level and does not build individual behavioral profiles. IP addresses are truncated or anonymised before storage, and no cross-site tracking occurs.

The aggregate metrics we review include page views, traffic sources, approximate visitor location (country), browser/device distribution, and average time on page. This data informs content and UX improvements to the site.

5. Cookies

We use a minimal set of cookies. There are no advertising, retargeting, or cross-site tracking cookies on this domain. The cookies we set fall into two categories:

  • Strictly necessary cookies — session identifiers required for the site to function correctly (e.g., form anti-CSRF tokens). These cannot be disabled without breaking site features.
  • Analytics cookies— a first-party or privacy-first analytics cookie that stores an anonymised session identifier to distinguish unique visits. No personal data is stored in this cookie. You can opt out by enabling “Do Not Track” in your browser or by blocking cookies for this domain.

We do not use Google Analytics, Meta Pixel, or other surveillance-advertising trackers on this site.

6. Storyblok Content Delivery

Blog articles and content pages on uux.co are delivered through Storyblok, a headless CMS platform. When your browser loads a page whose content is sourced from Storyblok, asset files (images, fonts) may be served from Storyblok's CDN infrastructure. Storyblok acts as a data processor on our behalf and is contractually bound to handle content data in accordance with GDPR and applicable data protection law.

The Storyblok CDN does not place tracking cookies on end users and does not receive personally identifiable information beyond standard HTTP request metadata (IP address, browser agent) that any CDN receives to route traffic. Storyblok's own privacy policy is available at storyblok.com/privacy-policy.

7. Email Handling (Resend)

Contact form submissions are routed to our team via Resend, a transactional email delivery service. When you submit a form, the field values (name, email, company, message) are transmitted to Resend's API to construct and send the notification email. Resend processes this data as a data processor on our behalf.

Resend retains email logs for a limited period for delivery tracking and debugging purposes. We do not use Resend to send unsolicited marketing email. Resend's privacy policy is available at resend.com/legal/privacy-policy.

8. Third-Party Processors

The following third-party sub-processors handle data on our behalf. Each is engaged under a data processing agreement and may not use your data for their own commercial purposes:

  • Storyblok GmbH (Austria) — headless CMS and CDN for blog and content pages.
  • Resend, Inc. (USA) — transactional email delivery for contact form notifications.
  • Hetzner Online GmbH (Germany) — cloud hosting and server infrastructure for the production application.
  • Cloudflare, Inc.(USA) — DNS, DDoS mitigation, and edge network. Standard HTTP request metadata passes through Cloudflare's network.

We do not share your data with advertising networks, data brokers, or any other parties not listed above.

9. Data Security

All data in transit is encrypted using TLS 1.2 or higher. Our hosting infrastructure (Hetzner) is located in ISO 27001-certified data centres. Access to production systems is limited to authorised team members and protected by SSH key authentication and multi-factor authentication on management interfaces.

Despite these measures, no system connected to the internet can guarantee absolute security. In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected individuals and relevant supervisory authorities within 72 hours of becoming aware of the breach, as required by applicable law.

10. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you.
  • Correction — ask us to correct inaccurate or incomplete data.
  • Deletion— request erasure of your personal data where we have no lawful basis for continued retention (“right to be forgotten”).
  • Restriction — ask us to stop actively processing your data while a dispute is resolved.
  • Portability — receive your data in a structured, machine-readable format.
  • Objection — object to processing based on legitimate interests.
  • Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior processing.

To exercise any of these rights, email [email protected] with the subject line “Privacy Request”. We will respond within 30 days. We may ask you to verify your identity before fulfilling a request. There is no fee for reasonable requests.

11. Data Retention

We retain contact form submissions for as long as the associated client relationship is active, plus a reasonable period thereafter for legitimate business purposes (e.g., resolving disputes, honouring contractual commitments). Once that period has passed, form data is deleted from our primary systems and from Resend's logs.

Anonymised, aggregate analytics data may be retained indefinitely as it contains no personal identifiers. You may request deletion of any personally identifiable submission data at any time (see Section 10).

12. Children's Privacy

UUX.co is a B2B design service directed exclusively at business owners, founders, and product teams. We do not knowingly collect personal data from individuals under the age of 16. If you believe we have inadvertently collected data from a minor, please contact [email protected] and we will delete it promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or site functionality. When we make material changes we will update the “Last updated” date at the top of this page. We encourage you to review this page periodically. Continued use of uux.co after a policy update constitutes acceptance of the revised terms.

14. Contact

For privacy-related inquiries, data subject requests, or concerns about how we handle your information, contact us at:

Related policies: Terms of Service · Contact Us