Privacy

Privacy Policy

Updated March 2026

Official Lensart document

This policy explains what data Lensart collects, why it is processed, how AI-generation providers are involved, and how we handle retention, deletion, and LGPD rights.

Section 01

1. Data We Collect

We collect the following information when you use Lensart:

  • Account data: full name, email address, and password, stored as a secure hash through Supabase Auth.
  • Biometric images: photos submitted for training your personalized AI model. These images are treated as sensitive data under the LGPD.
  • Payment data: processed by Stripe. Lensart does not store credit card data.
  • Usage data: image generation logs, selected style, and generated portrait history.
  • Cookies and sessions: used for authentication and browsing preferences.

Section 02

2. Why We Process Data

We process personal data only as needed to operate, secure, and improve Lensart.

  • Account and login data: to create your account, authenticate you, communicate about the service, and provide support.
  • Uploaded photos and generated portraits: to process your requests, generate portraits, store results in your account, and respond to deletion or support requests.
  • Payment and transaction data: to process purchases, prevent fraud, issue invoices or receipts, and comply with tax and accounting obligations.
  • Usage and technical data: to monitor reliability, prevent abuse, investigate failures, and improve service operations.

Section 03

3. Images and AI Processing

The photos you submit are used to provide the portrait generation service linked to your account.

  • Uploaded reference images are stored so we can validate inputs, generate portraits, and support your account experience.
  • Generated portraits are stored so you can access them in your account until they are deleted under our retention practices or at your request.
  • To deliver the service, we may send your images and prompts to third-party processors, including Replicate, that help us run AI generation.
  • Lensart does not use customer images to train its own foundation models.

Section 04

4. Sharing and International Transfers

We share personal data only with service providers that help us operate Lensart.

  • Supabase: authentication and database infrastructure
  • Storage providers: secure file storage for uploaded and generated images
  • Replicate: AI processing for image generation
  • Stripe: payment processing
  • Resend: transactional email delivery

Some providers may process data outside Brazil. When international transfers occur, we use contractual and operational safeguards where appropriate.

Section 05

5. Storage and Security

Your data is stored using providers selected to support security and service reliability.

  • We use encryption in transit (TLS/HTTPS) for communications with our services.
  • Access to personal data is limited to authorized personnel and systems that need it to operate the service.
  • We apply access controls and infrastructure protections designed to reduce unauthorized access, misuse, or disclosure.
  • No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

Section 06

6. Cookies

We use strictly necessary cookies and similar session technologies for authentication, security, and core product functionality.

Section 07

7. Your Rights (LGPD)

Under Brazil's General Data Protection Law, you may request confirmation, access, correction, portability, deletion, and withdrawal of consent where applicable.

To exercise your rights, contact us at privacidade@lensart.ai.

Section 08

8. Data Retention and Deletion

We keep personal data only for as long as needed for the purposes described in this policy, subject to legal and operational requirements.

  • Account profile data is generally retained while your account remains active.
  • Uploaded reference images and generated portraits are generally retained while needed to operate your account.
  • Transaction logs may be kept to comply with tax, security, and dispute-resolution obligations.

Section 09

9. Minors

Lensart is intended for users aged 18 or older. We do not intentionally collect data from minors.

Section 10

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you by email or in-app notice of significant changes.

Section 11

11. Contact and DPO

For privacy questions or to exercise your rights, contact us at privacidade@lensart.ai.

Last updated: March 2026