Last updated: June 2026 — added connecting third-party AI assistants and tools
Introduction
Lenz (“we”, “us”, or “our”) is a verification service that uses AI, available at lenz.io. This Privacy Policy explains what information we collect, how we use it, and your choices regarding your data.
Information We Collect
Account information
When you create an account (directly or via Google sign-in) we store your email address and display name. If you sign in with Google, we receive your basic profile information (name, email, and profile picture URL) as authorized by you through Google’s OAuth consent screen.
Claim data
When you submit a claim for verification, we store the text you provide and the analysis results generated by our analysis pipeline. By default, new claims are shared with the community (“Public”). You can change the visibility of each individual claim report, or set your preferred default for new reports in your profile settings. Options are “Private” (visible only to you) or “Public”. Public claims are accessible to anyone and may be included in the Library.
Usage data
We collect basic usage information such as page views, votes, and interaction patterns to improve the service. We use cookies to maintain your session and remember your authentication state.
Payment information
Payments are processed by Stripe. We do not store your credit card details. Stripe may collect information necessary to process your transaction in accordance with their own privacy policy.
Contact form
If you contact us through our contact form, we store your email address, subject, and message to respond to your inquiry.
How We Use Your Information
- To provide and operate the verification service
- To authenticate your account and manage your session
- To process payments and manage subscriptions
- To respond to your inquiries and support requests
- To improve and optimize the service
- To detect and prevent abuse or misuse
Data Sharing
We do not sell your personal information. We share data only with:
-
AI model providers (e.g., Google Gemini) — the
claim text you submit is sent to third-party AI models for
analysis. These providers may have their own data retention
policies. If you use the Lenz API, text you POST to
/extractor/verifyis processed the same way — see API Terms section 5. - Stripe — for payment processing.
- Sentry — for error monitoring and service reliability.
- Google Analytics (GA4) — for usage analytics (page views, interactions, conversion events). We use Google Analytics with Google Signals enabled, which supplements our analytics with aggregated data from users who are signed into their Google account and have turned on Ads Personalization. Signals enables cross-device reporting, remarketing audiences, and aggregated demographic and interest insights. If you are signed into Lenz, we also send a pseudonymous, hashed identifier derived from your account for cross-device analytics. This identifier cannot be used to recover your email or personal details. You can opt out of Google Analytics using the Google Analytics opt-out browser add-on, or manage your Ads Personalization settings at Google Ads Settings. Google may process this data in accordance with their privacy policy.
- Google Ads — for advertising measurement and audience building. We use Google Ads conversion tracking with Enhanced Conversions. When you are signed in to Lenz, we send Google a SHA-256 hashed version of your email address alongside conversion events (such as sign-up and return visits). Google uses the hash to match your conversion to your Google account (where one exists) so that ad performance can be measured even when cookies are unavailable. The hash is one-way and cannot be reversed to recover your email. We do not share your raw email with Google. Google may process this data in accordance with their privacy policy.
- User-provided data (Google Analytics) — the same SHA-256 hashed email described above is also provided to Google Analytics via the user-provided data feature, to improve attribution and audience matching between Analytics and Google Ads. No raw personal information is transmitted; only the irreversible hash.
- Microsoft Clarity — for anonymous behavioral analytics (click heatmaps, scroll depth, session recordings) to help us understand and improve the user experience. Clarity collects only anonymous usage data and does not track personal information. Clarity may process this data in accordance with Microsoft’s privacy statement.
- WhatsApp interactions — when you start a conversation with the Lenz WhatsApp bot from a web page, we correlate the click with your WhatsApp activity (claim checks, follow-up questions) and send the same analytics signals (Google Analytics events) we would send for equivalent activity on the website. No message content, phone numbers, or WhatsApp identifiers are sent to Google. This correlation only happens where you have granted analytics consent.
- LinkedIn Insight Tag — for advertising measurement and conversion tracking. We use LinkedIn’s Insight Tag to understand which LinkedIn ads lead to sign-ups and API usage. When you submit your email address (e.g. when signing in), it may be shared with LinkedIn in a protected form to improve conversion matching; LinkedIn does not share it onward and processes it in accordance with their privacy policy.
- Google Cloud — our infrastructure provider.
Connecting Third-Party AI Assistants & Tools
You can connect third-party AI assistants and developer tools (for example, Claude or Cursor) to your Lenz account through our MCP server or using an API key. When you connect such a tool and grant it access:
- It can submit fact-check requests and retrieve results on your behalf, subject to your account’s plan limits and the permissions you grant when connecting.
- Any text or claims you submit through a connected tool are processed in the same way as claims you submit directly on Lenz (see Claim data above).
- We record usage information associated with these requests (such as which tool was used, the time of the request, and your account) for the purposes of enforcing usage limits, securing the service, and preventing abuse.
You remain in control of these connections at all times. You can disconnect a tool at any time:
- For tools connected with an API key, delete or revoke the key in your account settings under API Keys.
- For tools connected via authorization (OAuth), remove the connection in your account settings under Connected apps. When you disconnect, the associated authorization is revoked and the access and refresh tokens are invalidated.
Claims in the Library & Published Claims
When you mark a claim as “Public”, the claim text, analysis, score, and conclusion become publicly visible and may be included in the Library. By default, published claims are completely anonymous — no personal information such as your name, email address, or account details is shared with other users or displayed alongside the claim.
When you create an account, we assign a random anonymous display name (e.g. “Curious Falcon 7a3f”) that does not reveal your identity. By default, this name is shown on your published claims, annotations, challenges, and community leaderboards. You can change your display name or disable visibility entirely by toggling “Show my name on claims” in your profile settings. When disabled, your name will no longer appear on any public pages.
Data Retention & Deletion
You can permanently delete individual claims at any time. Deletion is irreversible — the claim text, analysis, and all associated data are removed from our systems. You can also delete all claims at once from your history page. If you wish to delete your account and all associated data, please contact us at our contact page.
Cookies
We use essential cookies to maintain your authenticated session
and CSRF protection. We also use Google Analytics, which sets
first-party cookies (e.g. _ga) to
collect anonymous usage statistics, and Microsoft Clarity, which
sets cookies (e.g. _clck, _clsk) to
help us understand and improve the user experience through
behavioral analytics such as heatmaps and session recordings.
We also use the LinkedIn Insight Tag, which sets advertising
cookies (e.g. li_fat_id, bcookie) to
measure ad performance and conversions.
International Data Transfers
Your personal data may be processed and stored in the United States, where our infrastructure and several of our service providers (Google, Stripe, Sentry, Microsoft) are located. Where such transfers occur, we rely on appropriate safeguards including the EU-US Data Privacy Framework, Standard Contractual Clauses, or equivalent mechanisms recognised under applicable law.
Children’s Privacy
Lenz is not intended for use by children under 13. We do not knowingly collect personal information from children.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify users of significant changes by posting a notice on the site. Continued use of the service after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please reach out through our contact page.