Privacy policy

Last updated: April 2026 — clarified analytics and advertising data practices

Introduction

Lenz (“we”, “us”, or “our”) is a verification service that uses AI, available at lenz.io. This Privacy Policy explains what information we collect, how we use it, and your choices regarding your data.

Information We Collect

Account information

When you create an account (directly or via Google sign-in) we store your email address and display name. If you sign in with Google, we receive your basic profile information (name, email, and profile picture URL) as authorized by you through Google’s OAuth consent screen.

Claim data

When you submit a claim for verification, we store the text you provide and the analysis results generated by our analysis pipeline. By default, new claims are shared with the community (“Public”). You can change the visibility of each individual claim report, or set your preferred default for new reports in your profile settings. Options are “Private Only” (visible only to you), “Shareable” (accessible to anyone with the URL), or “Public”. Public claims are accessible to anyone and may be included in the Library.

Usage data

We collect basic usage information such as page views, votes, and interaction patterns to improve the service. We use cookies to maintain your session and remember your authentication state.

Payment information

Payments are processed by Stripe. We do not store your credit card details. Stripe may collect information necessary to process your transaction in accordance with their own privacy policy.

Contact form

If you contact us through our contact form, we store your email address, subject, and message to respond to your inquiry.

How We Use Your Information

  • To provide and operate the verification service
  • To authenticate your account and manage your session
  • To process payments and manage subscriptions
  • To respond to your inquiries and support requests
  • To improve and optimize the service
  • To detect and prevent abuse or misuse

Data Sharing

We do not sell your personal information. We share data only with:

  • AI model providers (e.g., Google Gemini) — the claim text you submit is sent to third-party AI models for analysis. These providers may have their own data retention policies.
  • Stripe — for payment processing.
  • Sentry — for error monitoring and service reliability.
  • Google Analytics (GA4) — for usage analytics (page views, interactions, conversion events). We use Google Analytics with Google Signals enabled, which supplements our analytics with aggregated data from users who are signed into their Google account and have turned on Ads Personalization. Signals enables cross-device reporting, remarketing audiences, and aggregated demographic and interest insights. If you are signed into Lenz, we also send a pseudonymous, hashed identifier derived from your account for cross-device analytics. This identifier cannot be used to recover your email or personal details. You can opt out of Google Analytics using the Google Analytics opt-out browser add-on, or manage your Ads Personalization settings at Google Ads Settings. Google may process this data in accordance with their privacy policy.
  • Google Ads — for advertising measurement and audience building. We use Google Ads conversion tracking with Enhanced Conversions. When you are signed in to Lenz, we send Google a SHA-256 hashed version of your email address alongside conversion events (such as sign-up and return visits). Google uses the hash to match your conversion to your Google account (where one exists) so that ad performance can be measured even when cookies are unavailable. The hash is one-way and cannot be reversed to recover your email. We do not share your raw email with Google. Google may process this data in accordance with their privacy policy.
  • User-provided data (Google Analytics) — the same SHA-256 hashed email described above is also provided to Google Analytics via the user-provided data feature, to improve attribution and audience matching between Analytics and Google Ads. No raw personal information is transmitted; only the irreversible hash.
  • Microsoft Clarity — for anonymous behavioral analytics (click heatmaps, scroll depth, session recordings) to help us understand and improve the user experience. Clarity collects only anonymous usage data and does not track personal information. Clarity may process this data in accordance with Microsoft’s privacy statement.
  • Google Cloud — our infrastructure provider.

Claims in the Library & Published Claims

When you mark a claim as “Public”, the claim text, analysis, score, and conclusion become publicly visible and may be included in the Library. By default, published claims are completely anonymous — no personal information such as your name, email address, or account details is shared with other users or displayed alongside the claim.

When you create an account, we assign a random anonymous display name (e.g. “Curious Falcon 7a3f”) that does not reveal your identity. By default, this name is shown on your published claims, annotations, challenges, and community leaderboards. You can change your display name or disable visibility entirely by toggling “Show my name on claims” in your profile settings. When disabled, your name will no longer appear on any public pages.

Data Retention & Deletion

You can permanently delete individual claims at any time. Deletion is irreversible — the claim text, analysis, and all associated data are removed from our systems. You can also delete all claims at once from your history page. If you wish to delete your account and all associated data, please contact us at our contact page.

Cookies

We use essential cookies to maintain your authenticated session and CSRF protection. We also use Google Analytics, which sets first-party cookies (e.g. _ga) to collect anonymous usage statistics, and Microsoft Clarity, which sets cookies (e.g. _clck, _clsk) to help us understand and improve the user experience through behavioral analytics such as heatmaps and session recordings.

International Data Transfers

Your personal data may be processed and stored in the United States, where our infrastructure and several of our service providers (Google, Stripe, Sentry, Microsoft) are located. Where such transfers occur, we rely on appropriate safeguards including the EU-US Data Privacy Framework, Standard Contractual Clauses, or equivalent mechanisms recognised under applicable law.

Children’s Privacy

Lenz is not intended for use by children under 13. We do not knowingly collect personal information from children.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by posting a notice on the site. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please reach out through our contact page.