Privacy Policy

UX4E is operated by Heavy Fish Inc., Brooklyn, New York, United States. This policy explains how we collect, use, store, and share information when you use the UX4E AI visibility audit.

Contact: hello@thefish.studio

Last updated: June 10, 2026

Who We Are

UX4E provides a free ecommerce AI visibility audit. The service analyzes public information about the website, brand, category, and competitors you submit, then emails the audit result to the address you provide.

Information We Collect

When you run an audit, we collect and store:

Your email address and consent status.
The domain, brand or store name, category, business type, and competitors you submit.
The generated audit output, score, technical crawl findings, and AI visibility results.
A timestamp showing when the audit or lead was created.
A hashed version of your IP address for abuse prevention and rate limiting. We do not store raw IP addresses.

We may also process limited technical information automatically, such as request headers, device/browser characteristics, approximate usage events, and error logs needed to keep the service secure and reliable.

How We Use Your Information

We use the information we collect to:

Generate, store, and deliver your UX4E audit result.
Send the audit result and resend it if you request another copy.
Operate rate limits, prevent spam, detect abuse, and protect the service.
Improve the accuracy, reliability, and usability of UX4E.
Measure aggregate product usage and performance.
Comply with legal obligations and enforce our rights.

We do not sell your personal information. We do not use your email for marketing unless you separately opt in where that option is offered.

Email and Communications

By submitting your email and consent checkbox, you authorize UX4E to send you the requested audit result and service-related messages about that audit. Transactional emails may include the audit score, findings, prompts, AI-generated answers, and unsubscribe or deletion instructions.

You can request deletion or unsubscribe from future emails at any time by using the unsubscribe endpoint linked in our emails or by contacting hello@thefish.studio.

AI Processing and Public Website Crawling

To produce an audit, UX4E may send the submitted brand/store name, category, competitors, business type, and generated prompts to AI service providers. The audit measures how an AI model responds based on its training knowledge and current service behavior; it is not a guarantee of how every AI engine will answer.

UX4E also performs a limited technical crawl of the public domain you submit, including checks such as robots.txt, llms.txt, sitemap availability, JSON-LD, and public homepage signals. Do not submit domains or information you are not authorized to test.

Cookies, Local Storage, and Analytics

UX4E may use cookies, local storage, or similar technologies to operate the website, remember your interface preferences, measure usage, and improve performance. For example, the theme toggle stores your light/dark mode preference in your browser's local storage.

We use analytics tools, including Vercel Analytics, to understand aggregate site usage and performance. Analytics data helps us see which pages are used, whether the product is working correctly, and where errors may occur. Your browser settings may allow you to block or delete cookies and local storage, but some features may not work as expected.

Service Providers

We use trusted third-party providers to operate UX4E. These providers process information only as needed to deliver their services to us:

Supabase for database storage of leads, audits, and related records.
Resend for transactional email delivery.
OpenAI for AI-generated visibility answers and parsing.
Upstash Redis for rate limiting, caching, abuse prevention, and operational metrics.
Vercel for hosting, deployment, performance monitoring, and analytics.

These providers may process data in the United States and other countries where they or their subprocessors operate.

Legal Bases

Where privacy laws such as the GDPR apply, we process personal information based on one or more of the following legal bases: your consent, performance of the service you request, our legitimate interests in operating and securing UX4E, and compliance with legal obligations.

Data Retention

We keep audit and lead records for as long as needed to provide the service, maintain cached results, prevent abuse, analyze aggregate usage, resolve disputes, and comply with legal obligations. You may request deletion of your email and associated records by contacting hello@thefish.studio.

Your Rights and Choices

Depending on where you live, you may have the right to request access, correction, deletion, portability, restriction, or objection to certain processing of your personal information. You may also withdraw consent where processing is based on consent.

To exercise these rights, contact hello@thefish.studio. We may need to verify your identity before processing certain requests.

Children

UX4E is not intended for children under 13, and we do not knowingly collect personal information from children. If you believe a child has provided personal information to us, contact hello@thefish.studio and we will take appropriate steps to delete it.

Security

We use reasonable technical and organizational measures to protect personal information, including storing IP addresses only as hashes. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will update the date above and take additional steps where required by law.