Privacy Policy
Last updated July 1, 2026
Focused Lens exists to show you where your digital attention goes. This policy explains what we collect, why we collect it, where it is processed, and how you can ask us to access or delete it.
What we collect
Account information
Email address, authentication identifiers, device names, device tokens, and basic account settings needed to sign in and sync your devices.
Activity records
Active application names, bundle or process identifiers where available, window or tab titles, start and end times, durations, categories shown in your dashboard, and AI-inferred category labels when you enable local AI categorisation.
Sanitised browser URLs
For supported browsers, Focused Lens may store the URL host and path after removing query strings and fragments. Browser-internal pages and non-http(s) URLs are ignored.
Billing status
Stripe customer, subscription, plan, and billing-status identifiers. Payment method and card details are handled by Stripe, not stored by Focused Lens.
Public-site analytics
Aggregate page-view and CTA-click events on public pages, limited to a sanitised route path, fixed event name, CTA surface, CTA ID, destination, or download platform.
What we do not collect
- blockScreenshots or screen recordings
- blockKeystrokes, clipboard contents, or typed form fields
- blockPasswords, secrets, or credential contents
- blockPrivate or incognito browser windows where the platform prevents capture
- blockURL query strings, fragments, browser-internal pages, or local file URLs
- blockPublic-site analytics cookies, heatmaps, replay, raw referrers, full browser URLs, or account identifiers
How we use your data
We use your data to authenticate your account, sync desktop activity, power your web dashboard, calculate categories and trends, operate billing, respond to support or security requests, protect the service, improve product reliability, and understand aggregate interest in public pages and CTAs.
We do not sell your activity data. We do not use it for advertising. Community categorisation features are designed around aggregate patterns, not exposing another user's private activity history.
AI categorisation runs on your device. We do not send raw activity to an AI service for categorisation. If you choose to share inferred app category labels, those labels may be sent with normal account sync and may contribute to aggregate community categorisation.
Third-party services
Supabase
Authentication, database, and account deletion from Supabase Auth.
Railway
Hosting the Focused Lens backend API.
Stripe
Checkout, billing portal, subscriptions, invoices, and payment processing.
Vercel Web Analytics
Privacy-safe public-site analytics for aggregate page views and CTA clicks only. Events exclude account IDs, email addresses, session tokens, desktop activity contents, app names, window titles, browser URLs, query strings, fragments, raw referrers, cookies, heatmaps, and replay.
Retention and deletion
Focused Lens keeps account and activity data while your account is active so your dashboards, history, goals, and device sync continue to work.
You can delete individual activity entries from the dashboard and can request account deletion from Settings. Account deletion removes Focused Lens account/activity records from our application database and deletes the matching Supabase Auth user. Some records may remain where a provider, legal requirement, security investigation, or billing obligation requires retention.
Your rights
You can ask us for access to, correction of, export of, or deletion of personal data associated with your Focused Lens account. We may need to verify your identity before acting on a request.
Send privacy requests to hello@focusedlens.app. For security issues, use the security page.
Changes to this policy
We will update this page when our data practices change. Material updates will be reflected by changing the date at the top of this page.