theuxbites

Privacy Policy

Last updated: November 11, 2025

1. Introduction

theuxbites ("we", "our", or "us") is committed to protecting your data. This Privacy Policy ("Policy") informs you about how we collect, use, store, and protect your personal data when you use theuxbites services.

This Policy has been prepared in compliance with the European Union's General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable data protection laws.

2. Data Controller

Data Controller: DRLX Ltd
'theuxbites' is a trading name of DRLX Ltd ('we', 'our' or 'us'), a limited company registered in England and Wales under company number 14243681
Registered Office: 128 City Road, London, United Kingdom, EC1V 2NX
Email: hello@theuxbites.com
Website: theuxbites.com

3. What Data Do We Collect?

3.1. Registration Data

  • Email address
  • Password (stored in encrypted form)
  • Name (optional)

3.2. Usage Data

  • IP address
  • Browser type and version
  • Operating system
  • Referrer URL
  • Visit timestamps and duration
  • Actions performed on the site

3.3. Audit Data

  • URLs of audited websites
  • Audit results and reports
  • Audit history

3.4. Payment Data

Payment data (credit card number, expiration date, etc.) is processed directly through the Stripe payment platform. We do not store or have access to full credit card details.

  • Stripe Customer ID
  • Subscription status
  • Billing information (name, address, if provided)
  • Payment history

4. How Do We Use Your Data?

We use your data for the following purposes:

  • Service Provision: Account creation and management, website analysis execution
  • Payment Processing: Subscription management and billing
  • Communication: Sending service-related notifications
  • Development: Improving our service and developing new features
  • Security: Fraud prevention and security issue detection
  • Legal Obligations: Compliance with legal requirements
  • Analytics: Website usage analysis using Vercel Analytics to understand how visitors interact with our service

5. Legal Basis

Under GDPR, the legal basis for data processing is:

  • Consent: With your consent (e.g., for marketing cookies)
  • Contract Performance: Data necessary for providing our service
  • Legal Obligation: Compliance with legal requirements
  • Legitimate Interest: Ensuring security and development of our service

6. Data Storage and Security

6.1. Data Storage

Data is stored through the Supabase platform, which uses PostgreSQL databases and operates in data centers located in the European Union.

6.2. Security Measures

To protect data, we implement the following measures:

  • SSL/TLS encryption for all data transmission
  • Password storage using bcrypt hashing
  • Regular security audits and updates
  • Restricted access to data
  • Regular data backups

6.3. Data Sharing

We share data with third parties only in the following cases:

  • Stripe: For payment processing
  • Supabase: For data storage and authentication
  • Vercel: For website hosting and analytics (Vercel Analytics)
  • Service Providers: With trusted partners necessary for operating our service
  • Legal Obligation: When required by law

7. Cookies and Similar Technologies

Our website uses cookies and similar technologies. For detailed information, please see our Cookie Settings page.

7.1. Cookie Types

  • Essential Cookies: Necessary for website operation
  • Analytics Cookies: For analyzing website usage (only with consent)
  • Marketing Cookies: For personalized advertising (only with consent)

7.2. Analytics Services

We use Vercel Analytics to collect anonymous usage statistics, including page views, unique visitors, and general website traffic patterns. Vercel Analytics is privacy-friendly and GDPR compliant, and does not use cookies or collect personally identifiable information.

We only use Analytics and Marketing cookies after your explicit consent.

8. Your Rights

You have the following rights regarding your data:

8.1. Right of Access

You may request information about what personal data we process.

8.2. Right to Rectification

You may request correction of inaccurate data.

8.3. Right to Erasure ("Right to be Forgotten")

Under certain conditions, you may request deletion of your personal data. Note: If you have a subscription, you must cancel it first.

8.4. Right to Restriction of Processing

You may restrict processing of your data under certain circumstances.

8.5. Right to Data Portability

You may request your data in a structured, commonly used format.

8.6. Right to Object

You may object to processing of your data under certain circumstances.

8.7. Right to Withdraw Consent

You may withdraw your consent to data processing at any time if consent was the legal basis for processing.

To exercise your rights, please contact us at hello@theuxbites.com.

9. Data Retention

We retain data only for as long as necessary:

  • Active Account: While your account is active
  • Deleted Account: 30 days after deletion (for restoration purposes)
  • Payment Data: According to Stripe's data retention policy
  • Audit Data: Depending on subscription tier (30 days - 1 year)
  • Legal Obligation: When required by law

10. International Data Transfers

Data is stored in data centers located in the European Union. If we transfer data outside the EU, we ensure appropriate protective measures are in place (e.g., Standard Contractual Clauses).

11. Children's Privacy

Our service is not intended for children under 16 years of age. If we become aware that we have collected data from a child under 16, we will immediately delete such data.

12. Changes to This Policy

We reserve the right to modify this Policy at any time. We will notify you by email of significant changes. Continued use of the Service after publication of changes constitutes acceptance of the modified Policy.

13. Right to Complain

If you believe we have violated your data protection rights, you may file a complaint with the competent data protection authority:

  • United Kingdom: Information Commissioner's Office (ICO)
  • EU: The data protection authority of your member state

14. Contact

If you have questions about this Privacy Policy or data processing, please contact us:

DRLX Ltd
Trading as: theuxbites
128 City Road
London, EC1V 2NX
United Kingdom
Email: hello@theuxbites.com
Website: theuxbites.com