Lensically logoLensically

Public Privacy Policy

Privacy policy

This page explains what information Lensically collects, how that information is used, how it is stored within the application, and how users can delete their data.

Effective date: March 14, 2026

Deleting your Lensically account permanently removes associated user data from the system. This action cannot be undone.

Official public review URL

The canonical public privacy policy for provider review is available at https://lensically.com/privacy.

What Lensically collects

  • Account information, including email address and password hash (for password-based accounts)
  • OAuth identity linkages for supported sign-in providers (Google, GitHub, Discord)
  • Session and cookie records used to authenticate requests and protect account access
  • Connected Threads account identifiers, access tokens, and profile metadata needed for product functionality
  • Feature usage records, limit counters, and operational metadata used for reliability and abuse prevention
  • Profile discovery, keyword search, insights, publish, and scheduling request/response data needed to perform requested actions
  • Scheduled posts and related publishing status records created by the user
  • Email delivery metadata for verification and password reset workflows (via configured provider infrastructure)

How Lensically uses data

  • Create and secure your account
  • Authenticate and maintain active sessions for authorized users
  • Provide Threads connection, profile discovery, keyword search, insights, publishing, and scheduling functionality
  • Operate and secure account settings, account deletion, and lifecycle workflows
  • Maintain service integrity, prevent abuse, and enforce feature usage limits
  • Process support requests, deletion requests, and provider-required compliance callbacks

How data is stored

Lensically stores application data in production infrastructure used to operate the service (including hosted database and API runtime components). Authentication uses server-managed sessions and secure cookies. Requests to third-party platforms are made only as needed to execute user-requested product actions and connected account features.

Lensically also uses third-party services where applicable for product operation, including Threads/Meta APIs, OAuth provider APIs (Google, GitHub, Discord), Cloudflare hosting/runtime infrastructure, and email delivery infrastructure.

Cookies and sessions

Lensically uses secure authentication cookies and server-side session records to keep users signed in and to authorize protected API routes. Session cookies are required for account access and authenticated functionality.

Data retention and deletion

Lensically retains account and feature data while your account is active and as needed to provide product functionality. You can initiate permanent deletion from authenticated account settings.

After account deletion, Lensically removes account-linked application records. For security and abuse prevention, limited identity tombstones may be retained for up to 7 days before expiring.

How users can delete data

Signed-in users can delete their account from the account settings page. That deletion flow permanently removes the Lensically account and associated application records tied to the user, including sessions, OAuth linkages, reset and verification tokens, usage tracking records, Threads linkage records, and scheduled posts.

Public deletion instructions are available at https://lensically.com/data-deletion.

If you cannot access your account, contact support@lensically.com for assistance.

Children and sensitive data

Lensically is not intended for children under 13. Please do not submit sensitive personal data that is not required for account authentication or core service use.