Legal
Privacy Policy
Effective: July 5, 2026
01
Overview
Lenz ("we", "our", "us") is a phone app that connects to your Gmail and pulls out the important stuff — bills, coupons, subscriptions, and insurance emails — so you can see it all in one tidy place. This page explains, in plain language, what information we collect, how we use it, and how we keep it safe.
Lenz can only read your Gmail — it can never send, delete, or change your emails.
02
What Information We Collect
When you sign in with your Google account, we receive and store:
- Your email address and your Google account ID (a number Google uses to identify you)
- A secure access key from Google that lets Lenz read your inbox on your behalf (you can take this away at any time — see "Your Choices" below)
- Basic details about each email: who sent it, its subject line, the date it arrived, and which conversation it belongs to
- The text inside an email — stored securely (encrypted) so our AI can pull out the useful details, and so you can open the original email inside the app
- The names and types of any files attached to an email — but not the files themselves
Once the AI has read an email, we also keep these key details:
- What kind of email it is (a bill, coupon, insurance, or subscription)
- The company name, the amount, the due date, and any expiry date
- A short, one-line summary in everyday words
03
How We Use Your Information
- To show your bills, coupons, and subscriptions in your own personal dashboard
- To help you keep track of your spending and spot charges that come back every month
- To send you reminders about overdue bills or coupons that are about to expire (only if you turn these on)
We never sell, share, or hand over your information to anyone else for advertising or for anything unrelated to running Lenz.
04
Other Services We Rely On
To do its job, Lenz works with a few trusted outside services:
- Google Gmail API — lets Lenz read your emails. This is read-only access (called gmail.readonly), which means we can look at your emails but never send, delete, or change them.
- Google Gemini API — this is Google's AI that reads the text of an email and picks out the useful details like amounts, dates, and company names. The email text is sent to Google's Gemini AI just to be read, and Google does not keep it once that's done.
- Expo Push Notifications — delivers the optional reminders to your phone.
05
Keeping Your Information Safe
Here's what we do to protect your information:
- The secure access key from Google is scrambled while it's stored (using strong encryption called AES-256-GCM), so it can't be read even if someone managed to steal it
- The full text of your emails is encrypted the same way while it's stored (AES-256-GCM, with its own separate key), so it can't be read even if someone got hold of our database
- When you open an email inside the app, its content is cleaned on our servers first — scripts and other active content are stripped out — so nothing harmful hidden in an email can run on your device
- Everything travels between your phone and our servers over a secure, encrypted connection (the same HTTPS/TLS technology that protects online banking)
- Your sign-in stays active for only a short time and is switched off the moment you log out, so no one can stay signed in as you
- Your Google access key is never shown anywhere in the app or in our records
06
How Long We Keep It
We keep your information for as long as your account is open. The key details we pull from your emails — summaries, amounts, and due dates — are kept so your dashboard and spending history keep working.
The full text of an email is stored (encrypted) so our AI can read it and so you can open the original email inside the app whenever you like. It's never shared with anyone else, and it's permanently erased when you delete your account.
Attachment files themselves — like PDF bills — are never stored on our servers. When you open one inside the app, we fetch it straight from your Gmail at that moment using the same read-only access. (For PDF bills, our AI does read the text inside to pick out amounts and dates, and that extracted text is kept, encrypted, alongside the rest of the email's details.)
07
Your Choices
You're in control, and you can do any of these whenever you like:
- Delete your account — one tap in Settings wipes all your information from our servers and cuts off Lenz's access to your Google account
- Take away access — you can remove Lenz from your Google account yourself at myaccount.google.com/permissions
- Get a copy of your data — just contact us and we'll send you a copy of what we've stored
When you delete your account, we permanently erase everything tied to it — your emails, the recurring charges we spotted, our usage records, and any feature requests you sent. Once it's gone, it can't be brought back.
08
Children's Privacy
Lenz isn't meant for children under 13, and we don't knowingly collect any information from them. If you think a child has shared their information with us, please get in touch and we'll delete it.
09
Changes to This Policy
We may update this policy now and then. If we do, we'll post the new version on this page with a fresh date at the top. If you keep using Lenz after a change, that means you're okay with the updated policy.
Contact
Questions?
If anything here is unclear, or you have a question about your information, we're happy to help — just email us at support@lenz.app.