uGetFix.com (“we”, “our”, “the Site”) is an independent technology research and troubleshooting guide website. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your personal data. By using this Site, you agree to the practices described below.
1. Data Controller
The data controller responsible for your personal data is the operator of uGetFix.com, reachable at [email protected]. For general inquiries use our contact page.
2. What Data We Collect
2.1 Account Registration
When you create an account, we collect:
- Username and display name
- Email address
- Password (stored as a one-way cryptographic hash — never in plain text)
- Profile photo (optional, uploaded voluntarily)
- Short biography and website URL (optional, visible on your public profile)
2.2 Account Activity
We record activity linked to your account for service operation purposes:
- Guides you publish (title, content, publication date)
- “This fixed it” votes you cast on guides
- Problem bounties you submit
- Newsletter pitches you make (Pro/VIP members only)
- Reputation score derived from guide and vote activity
2.3 Payments (Pro and VIP subscribers)
Subscription payments are processed by Stripe, Inc. We do not store your card number, CVV, or full billing details on our servers. Stripe provides us with a non-sensitive customer token, subscription status, and tier level. Stripe’s privacy policy is available at stripe.com/privacy.
2.4 URL Security Scanner
If you use our free URL/domain security scanner, the URL you submit is sent to third-party threat intelligence services (including VirusTotal and Google Safe Browsing) solely to return a safety verdict. We do not log submitted URLs against your identity. Results are cached anonymously for 24 hours to reduce redundant lookups.
2.5 Newsletter
If you subscribe to our newsletter, your email address is stored with Brevo (Sendinblue), our email service provider. Each email contains an unsubscribe link. Brevo’s privacy policy is at brevo.com/legal/privacypolicy.
2.6 Analytics
We use Google Analytics 4 to understand how visitors use the Site — pages viewed, session duration, referral sources, and device type. This data is aggregated and does not identify you personally. Analytics cookies are only set after you give consent via our cookie banner. You can opt out at any time by clicking “Essential only” in the banner or by adjusting your browser’s cookie settings.
2.7 Log Data
Our hosting provider automatically collects standard server logs: IP address, browser type, operating system, referring URL, pages visited, and timestamps. Logs are retained for up to 30 days for security and performance monitoring, then deleted.
3. Cookies
We use two categories of cookies:
- Essential cookies — required for the Site to function. These include your login session cookie (set only when you log in), security nonces, and your cookie consent preference. These cannot be disabled.
- Analytics cookies — set by Google Analytics 4 only after you click “Accept all” on our cookie banner. These help us understand traffic patterns. You can withdraw consent at any time.
We do not use advertising, tracking, or third-party profiling cookies.
4. How We Use Your Data
| Purpose | Data used | Legal basis (GDPR) |
|---|---|---|
| Provide and operate your account | Username, email, password hash, activity | Contract (Art. 6(1)(b)) |
| Process subscription payments | Email, Stripe customer token | Contract (Art. 6(1)(b)) |
| Send newsletter digests | Email address | Consent (Art. 6(1)(a)) |
| Analyse Site usage | Analytics cookies, log data | Consent (Art. 6(1)(a)) |
| Security and fraud prevention | IP address, log data | Legitimate interests (Art. 6(1)(f)) |
| Comply with legal obligations | As required by law | Legal obligation (Art. 6(1)(c)) |
5. Third-Party Services
The following services receive data as part of Site operations:
- Stripe — payment processing (Pro/VIP subscriptions)
- Brevo — email delivery and newsletter management
- Google Analytics — anonymised traffic analytics (consent-gated)
- VirusTotal / Google Safe Browsing — URL threat lookups (no personal data sent)
- Cloudflare — CDN, DDoS protection, image optimisation (processes requests on our behalf)
We may include affiliate links to products we recommend (e.g. Malwarebytes, VPN services). Clicking an affiliate link does not transmit your personal data to us; the linked retailer’s own privacy policy governs any data they collect.
6. Data Retention
- Account data — retained while your account is active and for 30 days after deletion, then permanently erased.
- Payment records — retained for 7 years as required by financial regulations.
- Newsletter subscription — retained until you unsubscribe.
- Server logs — deleted after 30 days.
- Analytics data — retained for 14 months in Google Analytics, then automatically deleted.
7. Your Rights (GDPR)
If you are in the European Economic Area or United Kingdom, you have the following rights:
- Access — request a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Erasure — request deletion of your data (“right to be forgotten”), subject to legal retention obligations.
- Restriction — ask us to limit processing of your data in certain circumstances.
- Portability — receive your data in a machine-readable format.
- Objection — object to processing based on legitimate interests.
- Withdraw consent — withdraw analytics or newsletter consent at any time without affecting prior processing.
To exercise any right, email [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.
8. Children
uGetFix.com is not directed at children under 16. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us data, contact us and we will delete it promptly.
9. Security
We use HTTPS encryption for all data in transit, bcrypt hashing for passwords, and access controls limiting who can access personal data. No internet transmission is 100% secure; we cannot guarantee absolute security but take reasonable precautions.
10. International Transfers
Some third-party processors (Stripe, Google, Brevo) may process data outside the EEA. These transfers are covered by Standard Contractual Clauses or equivalent safeguards approved by the European Commission.
11. Changes to This Policy
We may update this policy from time to time. The “Last updated” date at the top will reflect any changes. Significant changes will be notified to registered users by email.
12. Contact
Questions or requests regarding this policy: [email protected] or use our contact form.