Privacy Policy

Account data. When you sign up, we collect your email address, name, and authentication provider profile (GitHub or Google). We do not store passwords.

Usage data. We log API request counts, embedding quotas, and error rates. We do not log your source code, repository contents, or context pack payloads.

Payment data. Billing information is processed and stored by Stripe. We never see or store your full card number.

We use collected information to:

• Provide and maintain the LENS service
• Enforce usage quotas and rate limits
• Process payments and manage subscriptions
• Send transactional emails (receipts, security alerts)
• Diagnose technical issues and improve reliability

We do not sell your data to third parties.

We use the following third-party services:

• Supabase — Authentication and database hosting
• Stripe — Payment processing
• Cloudflare — CDN, DDoS protection, Workers runtime
• Sentry — Error tracking and performance monitoring
• Voyage AI — Code embedding generation (text sent is code snippets only, not full files)

Each provider processes data under their own privacy policies. We select providers that comply with industry-standard security practices.

Account data is retained while your account is active. Usage logs are retained for 90 days. You can request full deletion of your account and associated data at any time.

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and data
• Export your data in a machine-readable format
• Withdraw consent for optional data processing

For privacy-related questions or data requests, contact us at privacy@lens.dev.