Last Updated: 17/06/25

At Useit.Design, the security and privacy of our users' data is our top priority. As a company built by designers for designers, we understand the importance of trust when it comes to managing creative workflows, sensitive project files, and collaborative tools. This policy outlines our approach to protecting your data across all levels of our platform.

1. Data Protection Standards

We follow industry best practices and compliance frameworks to safeguard user information. Our security protocols align with globally recognised standards, including but not limited to:

• Encryption: All data in transit and at rest is encrypted using industry-standard protocols (e.g., TLS 1.2+ and AES-256).

• Access Control: Role-based access and strict authentication measures are enforced across internal and external systems.

• Regular Audits: We regularly conduct internal security reviews and vulnerability assessments.

2. File Management Security

Your files - whether design assets, research documents, or internal notes — are securely stored and protected from unauthorized access.

• Files are encrypted both at rest and during transfer.

• File access is strictly limited to authorized users within your workspace.

• We do not access, share, or use your content for any purpose outside of the service functionality.

We currently utilise backblaze.com to manage and store files securely.

3. Personal and Private Data

We collect only the data necessary to deliver a seamless and personalised product experience.

• Personally Identifiable Information (PII) is processed in compliance with GDPR and other applicable regulations.

• Data access is logged, monitored, and restricted to essential personnel.

• Users may request access, export, or deletion of their data at any time.

Our user data is processed and stored via contabo.com and vercel.com .

4. Third-Party Services

To operate effectively, we rely on trusted third-party services. We ensure all vendors meet our security requirements through due diligence and agreements.

Current services in use include (but are not limited to):

• Vercel

• Contabo

• Backblaze

• openAI

5. Incident Response

We maintain a clear and documented Incident Response Plan (IRP) to address any security breach or data exposure. In the event of an incident, we will:

• Notify affected users promptly (within 72 hours of detection).

• Take immediate action to contain and resolve the issue.

• Conduct post-incident reviews and apply long-term fixes.

6. Employee Practices

All team members undergo security training and adhere to strict internal protocols regarding user data handling and system access.

• Two-factor authentication is required for internal systems.

• Access to sensitive data is granted on a least-privilege basis.

• Devices used by team members comply with company-enforced security settings.

7. Contact & Questions

If you have any questions about our security practices, feel free to reach out to us at:

Email: info@useit.design

Subject: Security Inquiry

We’re committed to protecting your data with transparency and care. As we grow, we’ll continue to adapt and improve our security practices in line with evolving industry standards and threats.