Privacy Policy

How uxLens handles data.

Last updated July 14, 2026. This describes two separate things: what this website and dashboard collect from you, and what the uxLens SDK records on behalf of an app that embeds it.

1. This website and dashboard

Creating an account requires an email address, a password (stored as a salted hash, never in plain text), and an organization name. If you submit a request for access, we also collect the contact details and project information you provide in that form. We do not sell this information or share it with third parties for their own marketing.

The dashboard session itself is stored in an httpOnly cookie that browser JavaScript cannot read. We do not run any client-side analytics or ad tracking inside the dashboard, admin portal, or replay player.

2. Analytics on the marketing site

The public marketing pages (this page, the homepage, and similar) use Google Analytics (GA4), governed by Google Consent Mode v2. Nothing is loaded, and no analytics cookie is set, until you explicitly accept the cookie banner; rejecting or ignoring it means the analytics script is never fetched at all for that visit. You can withdraw consent at any time by clearing your browser's local storage for this site. Analytics is also disabled entirely on local development builds.

3. What the uxLens SDK records for an integrated app

If you are an end user of an app built with uxLens, this section describes what that app's uxLens integration may record. The SDK is designed to record how an app is used without identifying who is using it:

  • Screen recordings.Periodic screenshots of the app's UI. Sensitive fields (passwords, payment forms, and anything an app developer marks as private) are blacked out on the device before a screenshot is ever saved or sent, not afterward. A screenshot identical to the previous one is never captured again.
  • Gestures. Tap, swipe, and scroll coordinates and timing. Never the content typed into a field, only that an interaction happened.
  • Navigation. Which screens were visited and when.
  • Device information. Platform, OS version, screen size, and a random identifier generated on first install, not derived from any hardware identifier and not usable to track a person across different apps.

The SDK never collects a name, email address, account identifier, location data, keystrokes, or device logs. It has no capability to log what was typed into a text field, whether or not that field is marked sensitive.

4. Data retention and deletion

Recorded session data is automatically and permanently deleted after a retention period that depends on the integrating app's plan (30 to 90 days), removed hourly by an automated sweep. Deleting an app from the dashboard immediately deletes all of its recorded sessions, devices, and events.

5. Security

The SDK authenticates with a per-app key; only a one-way hash of that key is ever stored, never the key itself. Recorded frame images are only ever served back through an authenticated request, never from a public URL. Production deployments are required to run behind TLS.

6. Changes to this policy

If how uxLens handles data changes materially, this page will be updated and the date at the top revised.

7. Contact

Questions about this policy, or a request to access or delete your data, send us a message below with your email and we'll reply to you personally.