We take the security of your data seriously. Here's how we protect it.
All data transmitted between your browser and our servers is encrypted via TLS 1.2+. Data at rest is encrypted using AES-256.
User data is strictly isolated per account. Our staff can only access your data when required for support, and all access is logged.
We host on industry-standard cloud infrastructure with automatic failover, regular backups, and 99.9% uptime SLA.
We continuously monitor for anomalous activity, unauthorized access attempts, and service degradation around the clock.
Our systems undergo regular internal security reviews. We address vulnerabilities promptly following responsible disclosure.
Found a vulnerability? We welcome responsible disclosure. Contact us at security@uxauditpro.com and we will respond within 48 hours.
We support Google OAuth for secure, passwordless sign-in. We never store plaintext passwords. Session tokens are HTTP-only cookies with short expiration windows and are invalidated on logout.
Screenshots and files you upload for audits are stored in isolated, access-controlled object storage. Files are only read by our AI processing pipeline and are not shared with other users or third parties.
Uploaded files are automatically purged after 12 months. You can request earlier deletion by contacting support.
We do not store credit card or payment details on our servers. All payments are processed through PayPal's PCI-compliant infrastructure. We only store transaction IDs and plan status.
If you discover a security issue, please report it to us privately at security@uxauditpro.com before public disclosure. Please include a description of the vulnerability and steps to reproduce.
We commit to acknowledging your report within 48 hours and resolving confirmed critical issues within 7 days. We do not pursue legal action against researchers acting in good faith.