you x you i logo

Privacy Policy

Effective Date: October 1, 2025

Last Updated: October 1, 2025

YOU X YOU I LTD ("Company", "we", "our", or "us") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, and share information when you use our website analysis services (the "Service").

1. Information We Collect

We may collect the following types of information:

  • Account Information: Name, email address, business size, industry, and login credentials.
  • Payment Information: Billing details collected and processed securely by our payment provider (we do not store full credit card numbers).
  • Website Data: Information about websites you submit for analysis, including URLs and analytical data we generate.
  • Usage Data: Information about how you interact with our Service, such as log files, IP addresses, browser type, and device information.

We do not process any "special category" data (such as health data, ethnicity, or other sensitive personal information).

2. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve our Service.
  • Deliver website UX/UI audit reports and insights.
  • Set up and manage your account.
  • Process payments and manage subscriptions.
  • Communicate with you regarding your account, updates, or support requests.
  • Improve our services and develop new features.
  • Send marketing communications (with your consent).
  • Ensure security, prevent fraud, and comply with legal obligations.

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Consent: Where you have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications).
  • Contract Performance: To fulfill our contractual obligations to you and provide the Service you requested.
  • Legitimate Interests: For our legitimate business interests, such as improving our Service, ensuring security, and preventing fraud, provided these interests do not override your rights.
  • Legal Obligation: To comply with legal and regulatory requirements.

4. How We Share Information

We do not sell your personal data.

We may share information in these limited cases:

  • Service Providers: With trusted third parties that help us operate, including CRM systems, payment processors, and analytics tools. These providers are contractually obligated to protect your data.
  • Legal Compliance: If required by law, regulation, legal process, or governmental request, or to protect rights, property, or safety.
  • Business Transfers: If we undergo a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

5. Data Retention

We retain personal data only as long as necessary to provide our services and meet legal obligations:

  • Account Data: Deleted within 90 days of account closure.
  • Billing Records: Retained for up to 6 years (UK) / 7 years (EU) to comply with tax and financial regulations.
  • Support and Usage Data: Deleted or anonymized within 24 months.

Data that is no longer needed is securely deleted or anonymized.

6. Your Rights

Depending on your location, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete personal data.
  • Right to Erasure ("Right to be Forgotten"): Request deletion of your personal data in certain circumstances.
  • Right to Data Portability: Request transfer of your data to another service provider in a structured, commonly used format.
  • Right to Restriction of Processing: Request that we limit how we use your data in certain situations.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Withdraw your consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at privacy@youxyoui.io. We will respond to your request within one month.

7. Cookies & Tracking

We use essential cookies and similar technologies to:

  • Maintain your login session and authenticate your access.
  • Remember your preferences and settings.
  • Ensure proper functionality of our Service.

We do not use analytics or advertising cookies. The cookies we use are essential for the Service to function properly. You can manage cookies through your browser settings, but disabling essential cookies may affect your ability to use certain features.

8. Data Security

We protect user data with industry-standard security measures, including:

  • Encryption: Data is encrypted in transit (TLS) and at rest (AES-256).
  • Access Controls: Strict access controls with multi-factor authentication (MFA) and role-based permissions.
  • Monitoring: Comprehensive logging and monitoring of systems.
  • Regular Reviews: Periodic security reviews and vulnerability assessments.
  • Secure Backups: Regular, encrypted backups of critical data.

However, no system is 100% secure, and we cannot guarantee absolute security. We encourage you to use strong passwords and protect your account credentials.

9. International Data Transfers

All our data is hosted in the United Kingdom. We can accommodate hosting in the EU or other regions upon request to meet specific regulatory requirements.

If you access the Service from outside the UK, your information may be transferred to and processed in the UK. By using our Service, you consent to such transfers. We ensure appropriate safeguards are in place to protect your data in accordance with applicable data protection laws.

10. Children's Privacy

Our Service is not intended for children under 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child under 16 without parental consent, we will take steps to delete that information as quickly as possible. If you believe we have collected information from a child, please contact us immediately at privacy@youxyoui.io.

11. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: Request information about the personal data we collect, use, and share.
  • Right to Delete: Request deletion of your personal data.
  • Right to Opt-Out: Opt-out of the sale of your personal data (though we do not sell personal data).
  • Right to Non-Discrimination: You will not be discriminated against for exercising your privacy rights.

Do Not Sell or Share My Personal Information

We do not sell or share your personal information as defined by the CCPA.

To exercise your CCPA rights, contact us at privacy@youxyoui.io.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the "Last Updated" date at the top of this page.
  • Notify you via email if you have an account with us.
  • Display a notification in the account section of the platform.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

YOU X YOU I LTD

Company Number: 16483401

Email: privacy@youxyoui.io

Address: 124 City Road, London, United Kingdom, EC1V 2NX

Contact Form: youxyoui.io/contact