Home / Privacy Policy

Privacy Policy

Last updated: May 7, 2026

Lensfolio ("Lensfolio", "we", "us") is a portfolio tracking application. This Privacy Policy explains what data we collect, how we use it, and the choices you have. We've kept it short and human-readable on purpose.

The short version: We collect the minimum needed to run the service — your email, an encrypted password, and the portfolio data you choose to enter. We don't sell your data, we don't show ads, and we don't track you around the web.

1. Information we collect

Account information

When you create an account, we collect your email address and a password. Passwords are hashed and stored by our authentication provider — we never see or store your password in plain text.

Portfolio data

Lensfolio stores the data you choose to enter, including holdings, transactions, dividend payments, recurring contributions, scenarios, and snapshots. This data is associated with your account and synced to our cloud database so you can access it from any device.

Local device data

UI preferences (sidebar state, active dashboard, dismissed banners) and any third-party API keys you configure for optional live-data providers are stored in your browser's local storage and stay on your device. We do not upload your API keys to our cloud. When you are signed in, your portfolio data automatically syncs to your private Supabase row on every change so you can pick up on another device — sign-out leaves only the local cache, and demo mode keeps everything on your device.

What we do not collect

We do not collect your real-name identity, address, phone number, or government IDs.
We do not collect bank account or brokerage credentials.
We do not connect directly to your brokerage. You enter holdings manually or via bulk import.
We do not use third-party analytics or advertising trackers.

2. How we use your information

To authenticate you and keep you signed in across devices
To store and sync the portfolio data you create
To send critical service communications (security alerts, major changes)
To diagnose and fix bugs

3. Service providers we use

Lensfolio is built on top of trusted infrastructure providers who process data on our behalf. By using Lensfolio, you agree that your data may be processed by:

Supabase — handles authentication and stores your portfolio database. Their privacy practices: supabase.com/privacy
Cloudflare — hosts the website and provides DNS/CDN. Their privacy practices: cloudflare.com/privacypolicy

Optional integrations (only active if you provide your own API key):

Finnhub — live stock prices
Twelve Data — dividend schedules

When you connect one of these optional providers, the API requests are made directly from your browser to their servers. Lensfolio does not proxy or store the requests.

4. Sharing your data

We do not sell, rent, or share your personal information with third parties for their own marketing purposes. We share data only with the service providers listed above, and only to the extent necessary to operate Lensfolio.

We may disclose information if required by law (subpoena, court order) or to protect against fraud or security threats.

5. Your rights and choices

Export: You can export a complete copy of your data at any time from Settings → Export Backup in the app.
Delete: You can request deletion of your account and all associated data by emailing hello@lens-folio.com. We will process deletion within 30 days.
Access: The data Lensfolio holds about you is the data you see in your dashboard — nothing is hidden. You can review, correct, or remove it directly in the app.

6. Data security

We use industry-standard security practices: HTTPS for all traffic, hashed passwords, row-level security so users can only access their own data, and encrypted data at rest via our database provider. No system is perfectly secure, but we treat your data with the same care we'd want for our own.

7. Cookies and local storage

Lensfolio uses your browser's local storage to remember your session and preferences. We do not use third-party tracking cookies, advertising cookies, or analytics cookies that follow you across the web.

8. Children's privacy

Lensfolio is not intended for users under the age of 18. We do not knowingly collect data from children. If you believe a child has created an account, please contact us so we can delete it.

9. International users

Lensfolio is operated from the United States. If you use the service from outside the US, your data will be transferred to and processed in the US. By using Lensfolio you consent to that transfer.

10. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we'll notify registered users by email and update the "Last updated" date above. Continued use of Lensfolio after changes means you accept the updated policy.

11. Contact us

Questions, requests, or concerns? Email us at hello@lens-folio.com.