Last updated: February 2026
UOVA ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal data when you use our website builder platform at uova.io and related services (the "Service").
Account data: Email address, name, and profile information provided during sign-up (via Google, GitHub, or email/password). Usage data: Pages visited, features used, interactions with the editor, and AI generation requests. Content data: Website content you create, including text, images, and design configurations. Payment data: When you make purchases, payment processing is handled by Stripe. We do not store your credit card numbers. Technical data: IP address, browser type, device information, and cookies necessary for the Service to function.
We use your data to: provide and improve the Service; process payments and manage subscriptions; respond to support requests; send important service updates; generate AI content based on your prompts; host and serve your published websites. We do not sell your personal data to third parties.
We use the following third-party services that may process your data: Supabase (authentication and database hosting); Stripe (payment processing); OpenAI (AI text generation — prompts are sent to their API); Replicate (AI image generation); Vercel (hosting and deployment); Crisp (live chat support). Each service has its own privacy policy. We encourage you to review them.
When you use our AI features, your prompts are sent to OpenAI or Replicate for processing. These providers may retain prompts according to their own data policies. We do not use your prompts to train our own models. Generated content is stored as part of your project data.
Project data is stored locally in your browser (localStorage) and, when published, in our Supabase database. We use encryption in transit (HTTPS/TLS) for all data transfers. We implement reasonable security measures but cannot guarantee absolute security. Published websites are publicly accessible by design.
If you are in the European Economic Area, you have the right to: access your personal data; correct inaccurate data; request deletion of your data; port your data to another service; object to processing; withdraw consent at any time. To exercise these rights, contact us at privacy@uova.io.
We use essential cookies for authentication and session management. We use Supabase session cookies to keep you logged in. We do not use advertising or tracking cookies. Third-party services (Crisp chat) may set their own cookies.
Account data is retained for as long as your account is active. Project data in localStorage is controlled by you. Published site data is retained until you unpublish or delete your account. We may retain anonymized usage data for analytics.
The Service is not intended for children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal data, contact us immediately.
We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. The "Last updated" date at the top indicates when changes were last made.
For privacy-related questions or to exercise your data rights, contact us at privacy@uova.io.