Last updated: May 25, 2026

Privacy Policy

AgencyLens ("AgencyLens", "we", "us", "our") is operated by Auroinfo LLC, a Delaware-registered limited liability company. This policy explains what personal data we collect, what we don't, how we handle it, and what choices you have. It is written to be plain-English readable; if anything is unclear, email privacy@agencylens.app.

1. What we collect

We collect the minimum needed to operate the service.

• Account identifiers. Your email address and your AppSumo license key (or, for off-platform subscribers, your Stripe customer ID). We use these to identify your account when you log in.
• Operational telemetry. Anonymous, privacy-respecting analytics on which pages you visit on agencylens.app, app.agencylens.app, and docs.agencylens.app — provided by Cloudflare Web Analytics. No cookies, no fingerprinting, no cross-site tracking.
• Diagnostic logs. When the application encounters an error, we may receive a redacted error report (via Sentry) to help us fix bugs. We do not transmit your OAuth tokens, your clients' analytics data, or any personally identifying information from your end-clients in these reports.

2. What we never collect or store

• Your OAuth tokens. When you connect Google Analytics, Search Console, Google Ads, Meta Ads, or Google Drive, the resulting tokens are encrypted in your browser and stored in your browser's IndexedDB only. They never reach an AgencyLens server. The encryption key is derived from your login session and never leaves your browser.
• Your client's analytics data. When you generate a report, your browser fetches the data directly from Google or Meta and assembles the PDF locally. The data never touches an AgencyLens server.
• Your client's contact details, lists, audiences, or any other identifying information from inside Google or Meta accounts.
• Passwords. We do not use passwords. AgencyLens authentication is passwordless via magic link to your email address.

3. Scheduled reports (Tier 2 and Tier 3 only)

If you enable scheduled monthly PDF delivery, our scheduled job runs once per day at 02:00 UTC. To deliver a scheduled report, the Cloudflare Worker briefly decrypts your OAuth tokens, fetches the Google or Meta data, generates the PDF, and sends it via the email provider key (Resend) you provided. After delivery, the in-memory copies are discarded. Tokens at rest remain encrypted in our key-value store (Cloudflare KV), and the encryption key is held as a Worker secret that is not accessible from outside the runtime.

4. Third parties we use

• Cloudflare (Pages, Workers, KV, Web Analytics): hosts the application and runs the scheduled-report worker. Located in global edge locations.
• Google (Analytics Data API, Search Console API, Google Ads API, Drive API): you authorize these directly.
• Meta (Marketing API): you authorize directly.
• Resend (email delivery): you provide your own API key.
• Stripe (off-platform subscriptions only): if you upgrade to a monthly direct subscription, Stripe processes the payment.
• Sentry (error tracking): receives redacted error reports.
• PostHog (privacy-respecting product analytics): if enabled, sends anonymized usage events.

We do not sell or share your personal data with third parties for advertising or marketing purposes. Ever.

5. Google API Services User Data Policy compliance

AgencyLens's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, regarding the Google scopes AgencyLens requests:

• analytics.readonly, webmasters.readonly, and adwords are used only to display your own analytics data inside the AgencyLens dashboard and inside PDF reports you download. The data is not transmitted to AgencyLens servers.
• drive.file is used only to write a nightly configuration backup to a folder we create in your own Google Drive (the drive.file scope is restricted to files the AgencyLens app creates). We never read or list files outside that folder.
• We do not transfer Google user data to third parties, use it for advertising, or use it to train AI models.

6. Data retention and deletion

• OAuth tokens: stored only in your browser's IndexedDB. You can wipe them by clicking "Disconnect" in the dashboard, by clearing your browser's site data for app.agencylens.app, or by revoking access at Google Account Permissions or Meta Business Integrations.
• Account record (email + license key): retained as long as your AppSumo or direct subscription is active. Email privacy@agencylens.app to request deletion; we delete within 30 days.
• Diagnostic logs: retained for 30 days, then auto-deleted by Sentry.
• Scheduled-job records: retained for 90 days for debugging purposes; auto-deleted after.

7. Your rights

Regardless of where you live, you have the right to:

• Request a copy of the personal data we hold about you.
• Request correction of inaccurate data.
• Request deletion of your account.
• Withdraw any consent you previously gave.
• Lodge a complaint with a data-protection authority.

Email privacy@agencylens.app to exercise any of these rights.

8. Children

AgencyLens is a B2B tool. It is not intended for use by, and we do not knowingly collect personal information from, anyone under the age of 16.

9. Changes to this policy

If we materially change how we handle data, we will notify active users by email and update the "Last updated" date at the top of this page. Continued use of AgencyLens after notification constitutes acceptance.

10. Contact

Auroinfo LLC
Privacy contact: privacy@agencylens.app