HeroUI Pro

Legal

Privacy Policy

Last updated: March 19, 2026

This Privacy Policy ("Policy") outlines how NextUI Inc. ("HeroUI", "we", "us", or "our") collects, safeguards, and uses the personally identifiable information ("Personal Information") you ("User", "you", or "your") may provide on the HeroUI Pro website (heroui.pro) and during the purchase of HeroUI Pro products ("Website"). This Policy also details your choices regarding our use of your Personal Information and how you can access and update this information. This Policy does not extend to the practices of entities we do not own or control, or to individuals not employed or managed by us.

1. Data Controller

The data controller responsible for your personal data is:

NextUI Inc.
28 Geary St STE 650 Suite #180
San Francisco, California 94108
United States
support@heroui.pro

2. Personal Information Collection

We collect the following categories of personal data:

2.1 Account Information (via GitHub or Google OAuth)

  • GitHub username or Google account identifier
  • Email address
  • Profile information (name, avatar)
  • GitHub user ID or Google user ID

2.2 Payment Information

Payment processing is handled by Stripe. We do not store your credit card details. Stripe may collect payment card information, billing address, and transaction details. Please refer to Stripe's Privacy Policy for more information.

Stripe shares with us certain non-personal details related to transactions, such as the purchase date, amount, and product. This non-personal purchase data may be associated with your Personal Information (primarily your email address). Stripe does not share any other Personal Information with us.

2.3 Usage Data

  • License activation and usage statistics
  • Team management activity (invitations, seat assignments)
  • Component and template access patterns

2.4 Technical Data

  • Error and crash logs
  • Browser type and version
  • Operating system and language preferences
  • IP address
  • Pages visited on our Website and time spent

3. Non-personal Information Collection

When you visit our Website, our servers automatically log information sent by your browser. This data may include your device's IP address, browser type and version, operating system, language preferences, the webpage you visited prior to ours, pages visited on our Website, time spent on those pages, search queries, and other usage statistics.

4. Analytics

We use Vercel Analytics and PostHog to understand how visitors use our Website and to improve our Services. This may include page views, referral sources, feature usage, and general usage patterns.

  • Vercel Analytics— Privacy-friendly web analytics that does not use cookies for tracking individual users.
  • PostHog— Product analytics used to track events, feature usage, and errors on both client and server. PostHog may collect your IP address, browser information, and usage events. See PostHog's Privacy Policy.

5. How We Use Your Data

We use your personal data for the following purposes:

  • Service Delivery: To provide, maintain, and improve HeroUI Pro, including license management, team administration, and component access.
  • Account Management: To create and manage your account, authenticate your identity, and provide customer support.
  • Payment Processing: To process purchases and manage billing through Stripe.
  • Communication: To send important service updates, security alerts, and respond to your inquiries.
  • Usage Monitoring: To track license usage, prevent abuse, and ensure compliance with license terms.
  • Improvement: To identify and fix technical issues and improve our products.
  • Legal Compliance: To comply with applicable laws, regulations, and legal processes.

6. Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide you with the Service you purchased.
  • Legitimate Interests: Processing necessary for our legitimate interests, such as improving our Service, preventing fraud, and ensuring security.
  • Legal Obligation: Processing necessary to comply with legal obligations, such as tax and accounting requirements.
  • Consent: Where you have given explicit consent for specific processing activities.

7. Data Sharing and Third Parties

We may share your personal data with the following categories of recipients:

  • Stripe (USA) — Payment processing. See Stripe's Privacy Policy.
  • GitHub(USA) — Authentication via OAuth.
  • Google(USA) — Authentication via OAuth.
  • Vercel(USA) — Website hosting and analytics.
  • PostHog(USA) — Product analytics and event tracking.

We may also disclose your data if required by law, court order, or governmental authority, or when necessary to protect our rights, property, or safety.

We do not sell your personal data to third parties.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside your jurisdiction, including the United States. When we transfer data internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) and Data Processing Agreements with our service providers.

9. Managing Your Personal Information

You can view and update your Personal Information in the account settings section of our Website. Note that deleting your email address or account may prevent access to purchased products.

We may retain a copy of your previous information in our records for a specific retention period required by law, after which it will be deleted. Aggregated data derived from your Personal Information may be used after deletion, but it will not reveal your identity.

10. Data Retention

We retain your personal data for as long as your account is active or as needed to provide you with our Services. After account closure or subscription expiration, we may retain certain data for:

  • Legal and Tax Requirements: Billing and transaction data as required by applicable law.
  • Dispute Resolution: Data necessary to resolve disputes or enforce our agreements.
  • Legitimate Business Interests: Anonymized or aggregated data for analytics and service improvement.

You may request deletion of your personal data at any time by contacting us at support@heroui.pro. We will delete or anonymize your data unless we have a legal obligation or legitimate interest to retain it.

11. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Right of Access: Request a copy of the personal data we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete data.
  • Right to Erasure: Request deletion of your personal data.
  • Right to Restriction: Request that we restrict processing of your data in certain circumstances.
  • Right to Data Portability: Request to receive your data in a structured, commonly used format.
  • Right to Object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.

To exercise any of these rights, please contact us at support@heroui.pro. We will respond to your request within 30 days.

12. Children's Privacy

We do not intentionally gather Personal Information from children under 13. If you believe a child under 13 has provided us with Personal Information, please contact us and we will take steps to delete such information.

13. Cookie Usage

Our Website uses essential cookies necessary for the operation of the Service, such as authentication and session management cookies. These cookies are strictly necessary and do not require consent. We use Vercel Analytics and PostHog for website and product analytics. Vercel Analytics does not use cookies for tracking individual users. PostHog may use cookies for session tracking and analytics purposes.

We do not use third-party advertising or marketing cookies.

14. Newsletter Subscriptions

You can voluntarily subscribe to our newsletters. Unsubscribe options are provided in these emails. Essential transactional emails regarding your account and license will still be sent.

15. External Website Links

Our Website may contain links to other websites, including Stripe, GitHub, and Google. We are not responsible for the privacy practices of these external sites. We encourage you to review the privacy policies of any external site you visit.

16. Information Security

We implement appropriate technical and organizational measures to protect your Personal Information against unauthorized access, alteration, disclosure, or destruction. These include encryption of data in transit (HTTPS/TLS), secure authentication via GitHub and Google OAuth, and access controls. While we strive to protect your data, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

17. Legal Disclosure

We may disclose your information if required by law, to protect our rights, or to ensure the safety of others. In the event of a business transition (e.g., merger, acquisition), your data may be transferred to the successor entity.

18. Policy Amendments

We reserve the right to modify this Policy at any time. If we make material changes, we will notify you by email or by posting a notice on our Website before the changes take effect. Continued use of the Services after changes constitutes acceptance of the updated Policy.

19. Contact Us

If you have any questions or concerns regarding this Privacy Policy, please contact us at support@heroui.pro.

NextUI Inc.
28 Geary St STE 650 Suite #180
San Francisco, California 94108
United States