Privacy Policy

Last Updated: 23 November 2025

Company: UX PALS LTD

Registered Office: 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom

Company Number: 16371006

Trading Name: UX Pals

Website: ux-pals.com

Contact Email: hello@ux-pals.com

Jurisdiction: England & Wales

1. Introduction

This Privacy Policy explains how UX PALS LTD (“we”, “us”, “our”) collects, uses, discloses, and protects personal data when you access or use our website, purchase digital products, or interact with our services. We comply with the UK GDPR, the Data Protection Act 2018, the EU GDPR (where applicable), and other global privacy regulations.

We are the Data Controller for all personal data processed through our website unless otherwise stated. By using this website, you acknowledge that you have read and understood this Privacy Policy.

2. Data We Collect

We collect only the data required to operate our website, deliver digital products, process payments, and send marketing communications when permitted.

2.1 Data You Provide Directly

  • Email address (e.g., when subscribing to our newsletter or receiving digital products)
  • Billing information (processed by Stripe; we do not store full card numbers)
  • Information you provide when contacting us (e.g., support inquiries)

2.2 Data Collected Automatically

  • IP address
  • Device information and browser type
  • Cookies (essential and analytics)
  • Website usage data
  • Referrer URLs
  • Time spent on pages and interactions with content

2.3 Data from Third Parties

We receive limited personal data from:

  • Stripe Payments (payment confirmation, transaction ID, country, last 4 digits of card)
  • Google Analytics (aggregated usage data; no identifiable user profiles)
  • Kit (formerly ConvertKit) (your email address if you opt in)

We do not purchase data from external providers.

3. Legal Basis for Processing

  • Contract Performance: To provide digital goods you purchased.
  • Legitimate Interests: For website operation, fraud prevention, analytics, product improvement.
  • Consent: For email marketing (when you voluntarily subscribe) and for non-essential cookies.
  • Legal Obligations: For tax, accounting, and regulatory compliance.

4. How We Use Personal Data

  1. To deliver digital products and confirm purchases
  2. To process payments via Stripe
  3. To manage email marketing communications
  4. To provide customer support
  5. To understand website usage and improve user experience
  6. To comply with legal and regulatory obligations
  7. To prevent and detect fraud or misuse of our services

We do not use your data to make automated decisions with legal or significant effects.

5. Sharing of Personal Data

We do not sell or share personal data with third parties for advertising or resale. We disclose data only to trusted processors necessary for operating our business:

5.1 Payment Processing — Stripe Payments

  • Processes payment information
  • Stores billing details and transaction identifiers
  • Complies with PCI-DSS
  • Privacy Policy: see Stripe’s website for details

5.2 Analytics — Google Analytics

  • Collects aggregated usage data and traffic patterns
  • Uses cookies and similar technologies
  • Data may be processed outside the UK/EU under SCCs or equivalent safeguards

5.3 Email Marketing — Kit (ConvertKit)

  • Stores email addresses you voluntarily submit
  • Sends newsletters and product updates
  • Includes unsubscribe options in every message

5.4 Hosting & Infrastructure

  • Vercel (website hosting)
  • Namecheap (domain services)

These service providers act as Data Processors and only process data according to our instructions.

6. International Data Transfers

Some providers (e.g., Google, Stripe, Kit) may process data outside the UK or EU. Where this occurs, transfers are protected by UK IDTAs, Standard Contractual Clauses (SCCs), and/or relevant adequacy decisions. We ensure all transfers meet UK GDPR requirements.

7. Data Retention

  • Email addresses: Until you unsubscribe
  • Purchase records: Up to 6 years for tax and accounting compliance
  • Analytics data: Per Google Analytics retention settings
  • Support communication: Up to 12 months or until resolved

When data is no longer required, it is securely deleted or anonymised.

8. Your Rights

Under the UK GDPR and EU GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate information
  • Request deletion (“right to be forgotten”)
  • Restrict processing
  • Object to processing based on legitimate interests
  • Withdraw consent at any time (for marketing and cookies)
  • Data portability (receive your data in a structured format)
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO)

To exercise any rights, contact hello@ux-pals.com.

9. Children’s Privacy

Our website and products are not intended for individuals under the age of 18. We do not knowingly collect data from minors.

10. Security Measures

We implement reasonable technical and organisational measures to protect personal data, including HTTPS encryption, access controls, encrypted payment processing via Stripe, regular security updates on hosted infrastructure, and limited access on a need-to-know basis. However, no online transmission is entirely secure, and we cannot guarantee absolute security.

11. Links to External Websites

Our website may contain links to third-party websites. We are not responsible for their content or privacy practices. Please review their policies before providing personal data.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. All changes will be posted on this page with an updated “Last Updated” date. Your continued use of the website constitutes acceptance of the revised policy.

13. Contact Information

UX PALS LTD
Registered Office: 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom