Privacy Policy

1. Information We Collect

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Services
• Process transactions and manage your account
• Enable screenshot sharing and collaboration features
• Verify license activations and manage device limits
• Send transactional communications (account notifications, security alerts)
• Send promotional communications (with your consent, and you can opt out anytime)
• Respond to your inquiries and provide customer support
• Analyze usage patterns to improve user experience
• Detect, prevent, and address technical issues, fraud, and security incidents
• Comply with legal obligations

3. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

• Service Providers: We share information with third-party vendors who assist us in providing the Services, including cloud hosting (Vercel, Supabase), payment processing (Stripe), analytics, and customer support tools. These providers are contractually obligated to use your information only to provide services to us.
• User-Directed Sharing: When you share a screenshot with a public link, anyone with that link can view the content. You control the visibility of your screenshots through our privacy settings.
• Collaboration Features: If you enable comments and reactions, other users can see and interact with your shared content.
• Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred as a business asset.
• Protection of Rights: We may disclose information to protect the rights, property, or safety of our company, users, or others.

4. Data Storage and Security

Your data is stored on secure servers provided by our infrastructure partners. We implement industry-standard security measures, including:

• Encryption of data in transit (TLS/SSL) and at rest
• Secure authentication and access controls
• Regular security assessments and updates
• Limited employee access to personal data on a need-to-know basis

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide you with our Services. We also retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or legitimate business purposes.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request that we correct inaccurate or incomplete information.
• Deletion: Request that we delete your personal information, subject to certain exceptions.
• Portability: Request a copy of your data in a structured, machine-readable format.
• Opt-Out: Opt out of promotional communications at any time by clicking "unsubscribe" in our emails or updating your account settings.

To exercise these rights, please contact us at privacy@trylens.sh.

7. International Data Transfers

We are based in Romania, a member state of the European Union. Our primary data processing occurs within the European Economic Area (EEA). However, some of our service providers may process data outside the EEA (for example, in the United States).

When we transfer personal data outside the EEA, we ensure appropriate safeguards are in place, including: (a) transfers to countries with an adequacy decision from the European Commission; (b) Standard Contractual Clauses (SCCs) approved by the European Commission; or (c) other legally recognized transfer mechanisms. By using our Services, you acknowledge these transfers. You may request information about specific safeguards by contacting us.

8. Children's Privacy

Our Services are not directed to children under the age of 16, and we do not knowingly collect personal information from children under 16. This age requirement is in accordance with the General Data Protection Regulation (GDPR) as implemented in Romania. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information promptly. If you believe we may have collected information from a child under 16, please contact us at privacy@trylens.sh.

9. Third-Party Links and Services

Our Services may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access through our Services.

10. Your Rights Under GDPR

As we are based in Romania and operate under EU law, the General Data Protection Regulation (GDPR) applies to all users of our Services. You have the following rights:

• Right of Access: You can request a copy of your personal data we process.
• Right to Rectification: You can request correction of inaccurate or incomplete personal data.
• Right to Erasure: You can request deletion of your personal data ("right to be forgotten").
• Right to Restrict Processing: You can request limitation of how we process your data.
• Right to Data Portability: You can receive your data in a structured, machine-readable format.
• Right to Object: You can object to processing based on legitimate interests or for direct marketing.
• Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time.
• Right to Lodge a Complaint: You can file a complaint with the Romanian Data Protection Authority (ANSPDCP) or another supervisory authority.

To exercise these rights, contact us at privacy@trylens.sh. We will respond within 30 days as required by GDPR.

11. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Performance of Contract: Processing necessary to provide the Services you requested (account management, screenshot storage, sharing features).
• Legitimate Interests: Processing necessary for our legitimate business interests (service improvement, security, fraud prevention), provided these do not override your rights.
• Consent: Processing based on your explicit consent (marketing communications, optional analytics).
• Legal Obligation: Processing required to comply with applicable laws and regulations.

12. Data Protection Authority

If you are not satisfied with how we handle your personal data or respond to your requests, you have the right to lodge a complaint with the Romanian supervisory authority:

If you are located in another EU member state, you may also contact your local data protection authority.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically. Your continued use of the Services after any changes constitutes your acceptance of the updated policy.

14. Data Controller Contact

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about our data practices, please contact us: