Legal
Privacy Policy
Last updated: April 26, 2026
UXLora is operated by Ard. This Privacy Policy explains how we collect, use, store, and protect your information when you use UXLora at uxlora.app. By using UXLora, you agree to the practices described in this policy. If you disagree with any part, please discontinue use of the service.
1. Information We Collect
Account Information
When you create an account, we collect your name, email address, and password (stored as a secure hash via Supabase Auth). If you sign in via Google OAuth, we receive your name and email from Google.
Usage Data
We collect data about how you use UXLora — including kit generation requests, screen counts, export actions, feature interactions, and session activity. This helps us improve the product and enforce subscription limits.
Generated Content
The UI kits, design systems, and screens you generate are stored in our database linked to your account. This includes the input you provided (plain text descriptions or uploaded documents) and the outputs UXLora produced.
Billing Information
Payments are processed by Lemon Squeezy. We do not store your credit card number or full payment details. We receive and store a customer ID and subscription ID from Lemon Squeezy to manage your subscription status.
Technical Data
We automatically collect IP addresses, browser type, device information, and access logs for security monitoring and abuse prevention. This data is not sold or shared with advertisers.
Referral Data
If you use or share a referral code, we store which code was used and the referral relationship between accounts to apply credits correctly.
2. How We Use Your Information
- →To create and manage your account and verify your identity.
- →To enforce subscription tier limits (generations per month).
- →To send transactional emails — account confirmation, password reset, kit completion notifications — via Resend.
- →To process payments and manage your subscription via Lemon Squeezy.
- →To apply referral credits when referral conditions are met.
- →To monitor for abuse, fraud, and security threats.
- →To improve UXLora's prompts, generation quality, and product features.
- →To communicate important service updates or changes to this policy.
We do not sell your data. We do not use your data for advertising. We do not share your personal information with third parties except as described in Section 3.
3. Third-Party Services
UXLora uses the following third-party services that may process your data:
Supabase
Database, authentication, and file storage. Your account data and generated kits are stored on Supabase infrastructure.
View their privacy policy →Lemon Squeezy
Payment processing and subscription management. Your billing information is handled by Lemon Squeezy and subject to their privacy policy.
View their privacy policy →Resend
Transactional email delivery. Your email address is shared with Resend to deliver account and notification emails.
View their privacy policy →Vercel
Hosting and deployment infrastructure. Vercel processes request logs and technical data as part of serving the application.
View their privacy policy →4. Data Storage and Security
Your data is stored on Supabase infrastructure with row-level security (RLS) policies enforced at the database level — meaning your data is only accessible to your own account. We use HTTPS for all data transmission and enforce secure session management.
Passwords are never stored in plain text. Authentication is handled by Supabase Auth using industry-standard hashing.
Despite these measures, no system is completely secure. We cannot guarantee absolute security and are not liable for unauthorized access beyond our reasonable control. If you believe your account has been compromised, contact us immediately at support@uxlora.app.
5. Data Retention
We retain your account data and generated kits for as long as your account is active. If you delete your account, we will delete your personal data and generated content within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention.
Billing records may be retained for up to 7 years to comply with financial regulations, even after account deletion.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- →Access: Request a copy of the personal data we hold about you.
- →Correction: Request correction of inaccurate or incomplete data.
- →Deletion: Request deletion of your account and associated data.
- →Portability: Request your data in a machine-readable format.
- →Objection: Object to processing of your data in certain circumstances.
- →Restriction: Request that we restrict processing of your data.
To exercise any of these rights, email us at support@uxlora.app. We will respond within 30 days.
7. Cookies
UXLora uses cookies solely for authentication session management. We do not use tracking cookies, advertising cookies, or third-party analytics cookies. The session cookie is essential for the service to function and cannot be disabled while using UXLora.
8. Children's Privacy
UXLora is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us at support@uxlora.app and we will delete the information.
9. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the "Last updated" date at the top of this page. Your continued use of UXLora after changes are posted constitutes acceptance of the updated policy.
10. Contact
For any privacy-related questions, requests, or concerns, contact us at: