Privacy Policy

1. Who We Are

SpotTheUI ("we," "us," or "our") is a design-education web application operated by Ruben Cespedes. Our website is located at www.spottheui.com. If you have questions about this policy, contact us at support@spottheui.com.

2. Information We Collect

We collect only what is necessary to provide our service:

Account information: When you sign up, we collect your name and email address. If you sign in with Google, we receive your name, email, and profile picture from Google's authentication service.

Payment information: Payments are processed securely by Stripe. We never see, store, or have access to your credit card number, CVV, or full billing details. We receive only a transaction confirmation (including a session ID and payment status) to activate your account.

Usage data: We store your challenge progress, scores, XP, badges earned, and streak data to provide personalized learning experiences.

Cookies: We use essential cookies to keep you logged in (authentication session cookies). We do not use advertising or tracking cookies.

3. How We Use Your Information

We use the information we collect to:

Provide and maintain the SpotTheUI service, including your account, progress tracking, badges, and premium access. Process payments and activate purchases. Communicate with you about your account or respond to support requests. Improve the service based on aggregate usage patterns. We do not sell, rent, or share your personal information with third parties for marketing purposes.

4. Third-Party Services

We rely on the following third-party services to operate SpotTheUI:

Supabase — Database hosting and authentication. Your account data and progress are stored on Supabase's infrastructure. Stripe — Payment processing. Stripe handles all payment data under their own privacy policy. Vercel — Website hosting. Google — OAuth sign-in (only if you choose to sign in with Google).

Each of these services has their own privacy policy governing how they handle data.

5. Data Security

We take reasonable measures to protect your information. All data is transmitted over HTTPS. Authentication tokens are stored in secure, encrypted cookies. Passwords are hashed by Supabase and never stored in plain text. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

6. Data Retention

We retain your account data and progress for as long as your account is active. If you wish to delete your account and all associated data, please contact us at support@spottheui.com and we will process your request within 30 days.

7. Your Rights

Depending on your location, you may have the right to access, correct, or delete the personal information we hold about you. You may also have the right to object to or restrict certain processing. To exercise any of these rights, contact us at support@spottheui.com.

8. Children's Privacy

SpotTheUI is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact us and we will promptly delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date at the top of this page. Your continued use of SpotTheUI after changes are posted constitutes acceptance of the updated policy.

10. Contact

If you have any questions about this Privacy Policy, please contact us at support@spottheui.com.