uxsero logo uxsero

Our Privacy Promise

We believe transparency is the foundation of trust. This policy explains exactly what we collect, why we need it, and how you can control your data at every step.

Effective Date
January 21, 2026
Bogotá Studio · Version 2.0

Data We Collect & Process

Legal Basis: Legitimate Interest & Consent

Contact & Identity

  • Name & Email: Required for proposals, invoices, and project communication. Stored encrypted in our CRM.
  • Phone Number: Optional; used only for urgent project escalations or scheduling.
  • Company Role: Helps us tailor UX research recommendations to your stakeholder context.

Technical & Behavioral

  • IP Address: Anonymized for security logging; never used for tracking.
  • Cookie Data: Strictly functional (session management). No third-party ad trackers.
  • File Uploads: Project briefs or wireframes are stored temporarily for review, then purged.

Evidence Tag

Our data processing is mapped to Article 6(1)(b) & (f) of the GDPR. We maintain a processing register available upon request. Request Record

How We Use Your Information

Data is never an abstract asset. For our studio, it's a tool to deliver better UX outcomes. We use contact details to scope design sprints, technical logs to ensure our portfolio loads fast on Bogotá's variable networks, and project files to build accessible interfaces that respect user agency. We do not sell, rent, or trade your personal data to third parties for marketing purposes. Ever.

Client Services

Scope definition, proposal generation, invoice processing, and project handoff documentation.

Improvement

Analyzing anonymized traffic to improve our portfolio's UX, accessibility, and performance.

When we partner with external tools (e.g., cloud storage for file exchange), we ensure they are GDPR-compliant and sign Data Processing Agreements. Your data stays within a tight circle of trust.

Our studio's approach to privacy is documented and transparent
Studio Archive · Data Ethics

Due Diligence: Questions for Partners

Before sharing sensitive project data, these are the questions we ask—and answer for you.

Method Note: Risk & Robustness

Approach Evaluated We benchmarked our privacy handling against ISO 27001 principles and Colombian Habeas Data Law (Law 1581 of 2012). We performed an internal audit focused on data minimization and user control.
Key Constraints Limited budget for external legal review; reliance on standardized contracts. No penetration testing conducted in-house. We do not hold PII for marketing databases.
What Changes Our View A formal external audit or a significant breach event would trigger a full policy revision. Regulatory changes in Colombia or EU GDPR frameworks would also require updates.
Studio Principle
"Privacy is not a feature to add later. It is the foundation of the relationship. If we can't explain our data handling to a client in two minutes, we have failed."
Bogotá · 2024 · Design Lead

Questions about your data?

Our team is happy to clarify any part of this policy.

Contact uxsero