Privacy Policy
Last updated: November 6, 2025
​
INTRODUCTION
UserTest Pro ("we," "us," "our"), a company registered in India, describes how and why we collect, store, use, and share your information when you use our platform at usertestpro.com.
Read this policy to understand your privacy rights. Contact us at support@usertestpro.com with any concerns.
​
SUMMARY OF KEY POINTS
What personal information do we collect?
We collect personal information you provide (name, email, passwords, company details, payment info) and information collected automatically when you use our platform (video recordings, session data, device information, IP address).
​
Do we process sensitive personal information?
We do not intentionally collect sensitive personal information (health data, biometric data beyond video/audio recording). If you upload it, you are fully liable for consequences.
​​
Do we receive information from third parties?
We only receive payment information from payment processors (Razorpay, PayPal) and emails are sent through Postmark.
​
How do we process your information?
We process your information to provide our platform services, improve our product, ensure security, comply with Indian law, and—with your consent—for marketing purposes.
​
Who do we share information with?
We share information only with essential service providers (AWS for storage, Razorpay/PayPal for payments, Postmark for email) who are contractually bound to protect your data.
​
How do we keep your information safe?
We use 256-bit AES encryption, AWS infrastructure, access controls, and regular security monitoring.
​
What are your privacy rights under Indian law?
Under the Digital Personal Data Protection Act, 2023 (DPDPA), you have rights to access, correct, delete, and request portability of your personal data.
​
How do you exercise your rights?
Contact us at support@usertestpro.com. We'll respond within 30 days. For test data deletion, you can do one-click export/deletion from your account settings.
​
1. WHAT INFORMATION DO WE COLLECT?
Personal information you provide:
-
Account information: name, email, company name, job title, phone number
-
Payment information: billing address, payment card details (processed by payment processors, not stored by us)
-
Test data: test designs, participant responses, video/audio recordings, survey answers
-
Communication: messages sent through support channels for feedback
Information collected automatically:
-
Session data from participants: Video/audio recordings (with consent), clicks, scrolls, mouse movements, eye-tracking data, timestamps, device type, browser version
-
Technical data: IP address, geolocation (city/country level), device information, browser type, operating system
-
Usage data: Pages visited, tests created/launched/deleted, time spent on platform, search queries
-
Cookies: We use essential cookies for functionality and analytics cookies to improve our platform
Do we use cookies? Yes. Essential cookies keep you logged in; analytics cookies help us improve the platform. You can disable cookies in your browser settings, but some features may not work.
​
2. HOW DO WE PROCESS YOUR INFORMATION?
We process your information for:
-
Providing services: Hosting tests, storing video recordings, generating reports, enabling team collaboration
-
Improving our platform: Analyzing how you use the platform, fixing bugs, developing new features
-
Communication: Sending account confirmations, billing notifications, support responses, and platform updates
-
Security and compliance: Detecting fraud, preventing abuse, complying with Indian law
-
Marketing (with your consent): If you've opted in, we may send you product updates, tips, industry insights, webinars, and special offers.
Legal basis for processing under DPDPA:
We process your personal data because:
-
You have consented (e.g., opted in to marketing)
-
It is necessary to perform our services contract with you
-
We have a legal obligation under Indian law
-
It is necessary to protect your vital interests or those of others
-
It is necessary for our legitimate business interests (security, fraud prevention, platform improvement)
​
3. WHERE DO WE STORE YOUR DATA AND WHY?
Data storage location: All your data—including test videos, transcripts, responses, and team member information—is stored on Amazon Web Services (AWS) infrastructure.
You own your data; we securely host it on infrastructure designed for security and reliability.
Encryption standards:
-
At rest: All data in AWS is encrypted using 256-bit AES encryption
-
In transit: All communications between your device and our servers use TLS 1.2+ encryption
-
Encryption keys: Managed by AWS KMS.
Security measures:
-
24/7 automated monitoring for suspicious activity
-
Multi-Factor Authentication (MFA) available on all accounts
-
Role-based access control—team members see only data you grant them access to
-
UserTest Pro staff access to your data is restricted to only those who need it for operations; all staff sign NDAs
-
Quarterly penetration testing and security audits
-
We're actively pursuing SOC 2 Type II and ISO 27001 certifications (expected Q1 2026)
​
4. WHO DO WE SHARE YOUR DATA WITH?
We do NOT sell your data. We do NOT share your data with competitors or unauthorized third parties.
We DO share data with:
-
Amazon Web Services (AWS): Cloud infrastructure provider that hosts all our data; AWS is bound by strict data protection obligations
-
Razorpay & PayPal: Payment processors for billing; they receive only billing information (name, email, payment method), never test data
-
Postmark: Email service provider for transactional emails (password resets, billing notifications, account confirmations); does not access your test data
-
Regulatory authorities: If legally required by Indian government bodies (court orders, subpoena), we will comply and typically notify you unless legally prohibited
​​
5. DATA RETENTION AND DELETION
How long do we keep your data?
-
Test data: Retained for 90 days from when the test completes.
-
Account information: Retained as long as your account is active
-
After account cancellation: Data is retained for 90 days to allow you to download it. After 90 days, all data is permanently deleted.
-
Backups: Kept for 30 days before being permanently destroyed
How do you delete your data?
-
One-click deletion: From your account settings, select test(s) and click "Delete." Data is removed from active systems immediately and from backups within 30 days.
-
One-click export: Export all your data in PDF, PowerPoint, and MP4 video formats anytime. No limits on frequency.
-
Participant deletion requests: If a participant requests deletion of their recorded session, you can submit the request through the Platform. We delete within 5 business days.
-
Account cancellation: Cancel anytime in account settings. You have 90 days to download your data; after that, it's permanently deleted.
Anonymized data: We may retain anonymized, aggregated data indefinitely for improving our platform (e.g., "63% of participants prefer mobile prototypes"). This cannot be re-identified to you or participants.
​
6. WHAT ARE YOUR RIGHTS UNDER INDIAN LAW?
Under the Digital Personal Data Protection Act, 2023 (DPDPA), you have the following rights:
Right to Access: Request a copy of all personal data we hold about you.
Right to Correct: Update inaccurate or incomplete information in your account.
Right to Erase: Request deletion of your personal data (subject to legal retention requirements).
Right to Data Portability: Download your data in machine-readable formats (PDF, PowerPoint, MP4, JSON) at any time.
Right to Object: Object to specific uses of your data, including marketing communications.
Right to Withdraw Consent: If we're processing your data based on consent, you can withdraw it anytime.
How to exercise your rights:
-
Email: support@usertestpro.com
-
Provide: Your name, email, account email, and specific request details
-
Timeline: We'll respond within 30 days
​
7. WHAT ABOUT MINORS AND SENSITIVE DATA?
Minors: We do not knowingly collect personal data from anyone under 18. If we discover we have, we'll delete it immediately.
Sensitive data: Please do NOT upload or collect the following on the platform:
-
Financial information (credit card numbers)
-
Healthcare/medical records
-
Biometric data beyond video/audio recording
If you upload prohibited data:
-
You assume full liability for consequences
-
We are not responsible for breaches of this data
-
We may delete it without notice
-
Your account may be suspended or terminated
​
8. HOW DO WE KEEP YOUR INFORMATION SAFE?
Technical security:
-
256-bit AES encryption for all stored data
-
TLS 1.2+ encryption for all data in transit
-
AWS security infrastructure (VPC isolation, WAF protection, multi-AZ redundancy)
-
Automated security monitoring 24/7
-
Quarterly penetration testing by third-party security firms
Organizational security:
-
All staff sign NDAs and data protection agreements
-
Background checks for employees with data access
-
Staff training on data protection and confidentiality
-
Access restricted to employees who need it (least privilege principle)
-
Quarterly access reviews; unused access is revoked
Breach response: If we discover a data breach, we'll notify you within 24 hours with details on affected data and recommended actions. For UserTest Pro Panel participants, we'll notify them directly. You're responsible for notifying your research participants if required by law.
​
9. PRIVACY CHOICES AND CONTROLS
Marketing Communications:
-
By default, your account is opted in to receive marketing emails (product updates, tips, webinars, special offers)
-
Opt out anytime: Email us at support@usertestpro.com
-
Or click "Unsubscribe" at the bottom of any marketing email
-
You'll still receive transactional emails (password resets, billing, support responses)
Cookies: Disable cookies in your browser settings (Settings → Privacy → Cookies). Note: Some platform features may not work properly.
Do Not Track (DNT): If your browser has DNT enabled, we will not set marketing cookies. You can verify this in your privacy settings.
Account Access: You can review, update, or delete your account information anytime:
-
Email us at support@usertestpro.com
​
10. HOW LONG DO WE KEEP COOKIES?
Essential cookies: Kept for the duration of your session (until you log out)
Analytics cookies: Kept for up to 2 years to track Platform usage trends
Marketing cookies: Kept for up to 1 year (you can opt out anytime)
You can clear cookies from your browser anytime. See your browser's privacy settings for instructions.
​
11. CHANGES TO THIS PRIVACY POLICY
We may update this policy to comply with law, reflect changes in our practices, or clarify provisions.
Notification: Changes will be posted here with an updated date. Material changes will be emailed to you 30 days before becoming effective. Your continued use of the platform after 30 days constitutes acceptance of the new policy. If you disagree, you can cancel your account without penalty during this 30-day period.
​
12. CONTACT US
Regarding privacy, legal/compliance or support questions or data subject requests:
-
Email: support@usertestpro.com
-
Response time: 24-48 hours
-
Mailing address: S1 Gruhalakshmi Apt #73A, 4th Main 1st Cross, G.M. Palya - 560075
​​
13. DATA OWNERSHIP AND INTELLECTUAL PROPERTY
For Clients: The test responses, videos, and insights delivered to clients are the intellectual property of the clients. However, UserTest Pro reserves the right to anonymize and use non-identifiable data for service improvement, internal analytics, or marketing/promotional materials by default; clients may opt out by emailing support@usertestpro.com.
For Testers: Testers acknowledge that the responses they provide during tests are the intellectual property of the client commissioning the test. UserTest Pro will never share or use personally identifiable information beyond the scope of the test without explicit consent from the tester. By default, testers consent to anonymized usage for marketing; testers may opt out via support@usertestpro.com.
Governing Law and Jurisdiction: This Privacy Policy is governed by Indian laws, and any disputes arising from it will be subject to the jurisdiction of courts located in Bangalore, India.