Privacy Policy

This policy explains, in simple terms, how Viewer Lens handles the information needed to provide our comment analysis service.

Last Updated: May 2026

1. Information We Collect

Account Information

We may collect details such as your name, email address, login details, plan status, and basic account preferences.

Platform Content

When you use Viewer Lens, we process the platform URLs you submit (e.g. YouTube video links) and the publicly available comments or posts fetched from those URLs. This content is used solely to generate the analysis you request.

Usage Information

We may collect basic usage, device, browser, and session information to keep the service reliable, secure, and easier to improve.

2. Platform Data & Third-Party APIs

We only access publicly available content — never private accounts, inboxes, or personal data beyond what the platform makes public.

Access model depends on the platform

YouTube: You can analyse publicly available videos by URL without connecting an account. If you choose to connect your own YouTube channel, we use Google OAuth read-only access to verify the channel, show your uploaded videos, and generate channel-level analytics for that connected channel.

Reddit: No account connection required. You can analyse publicly available threads — no ownership verification is performed.

Instagram & Facebook: Account connection required via OAuth. You can only analyse your own connected pages and posts — not arbitrary public profiles. This is enforced by the Meta API, not just by our policy.

In all cases you are responsible for ensuring your use of analysis results complies with applicable law and platform rules.

YouTube

Under Google verification

We use the YouTube Data API v3 to fetch public video metadata and comments for video analysis. If you connect your YouTube channel, we also use read-only OAuth access to verify the channel identity, retrieve basic channel metadata, list your uploaded videos, and generate private channel analytics such as audience memory, growth opportunities, content ideas, and relation maps. Data is used solely for your requested analysis and is not shared with advertisers. By using this feature you also agree to the YouTube Terms of Service. Google's collection and use of data is governed by the Google Privacy Policy.

Data fetched: comment text, author display name, like count, timestamp, video title, channel name, published date, comment count, channel ID, channel title, handle, thumbnail, subscriber/view/video statistics, and upload list for connected channels. Author display names are stored internally but masked in the app — only the first character is shown (e.g. @J***) to protect commenter privacy.

Viewer Lens requests read-only YouTube access only. We do not upload, edit, delete, publish, comment, modify playlists, or change YouTube channel settings. The YouTube channel connection and Channel Analytics flow is currently under verification with the Google team.

Instagram & Facebook

Planned
Account connection required. The Meta Graph API requires OAuth authentication. You must connect your Facebook or Instagram account, and Viewer Lens can only access comments on your own posts and pages — not arbitrary public profiles. We request the minimum permissions necessary and never access private messages or personal data beyond what is needed for analysis.

When you connect your Meta account, we receive an OAuth access token scoped to the permissions you approve. This token is stored securely and used only to fetch your content for analysis. You can revoke access at any time from Account Settings or directly via Facebook App Settings. Data processing is governed by the Meta Privacy Policy.

Data fetched: comment text, commenter display name, like count, timestamp, and post metadata for your connected pages/profiles only.

Reddit

Planned
No account connection required. Reddit's public API allows read-only access to comments on public posts and subreddits without OAuth. No ownership verification is performed — you can analyse any publicly accessible thread, similar to YouTube.

Data fetched is limited to public post and comment content. No Reddit account data, private messages, or subreddit membership information is accessed. Use is governed by the Reddit Privacy Policy.

Data fetched: comment text, author username, upvote count, timestamp, and post/thread metadata for public content only.

3. AI Processing

Comment text is sent to a third-party AI provider to generate analysis. No personal account data is included.

Google Gemini

We use Google Gemini to analyse comment text and generate themes, sentiment scores, summaries, and content ideas. To do this, fetched comment text is sent to Google's Gemini API as part of the analysis request.

Data sent

Comment text and video/post metadata only — no account details, email, or payment data

Purpose

Generating analysis results shown in your report

Data location

Google Cloud infrastructure

Google may process this data in accordance with its own terms. We do not use your content to train AI models and do not send any data beyond what is required to complete your requested analysis.

4. How We Use Information

We use information only for reasonable business and product purposes, including:

  • Creating and managing your account.
  • Running comment analysis and showing your results.
  • Managing subscriptions, payments, limits, and feature access.
  • Sending important account, support, and service messages.
  • Improving reliability, security, and the overall product experience.

Your content, analysis results, ideas, and insights remain yours. We do not claim ownership over them.

5. Sharing Information

Service Providers

We share data with trusted service providers who help us run the product. These include:

  • Google GeminiAI analysis — receives comment text to generate insights
  • RazorpayPayment processing — receives billing details only
  • PostHogProduct analytics — receives usage events (with your consent)
  • Microsoft ClaritySession recording — receives anonymised interaction data (with your consent)
  • Email providerTransactional email — receives your email address to send account notifications

Each provider is expected to use data only for the services they provide to us and in compliance with applicable data protection law.

We do not sell your personal information.

We also do not share your private analysis results with other users unless you choose to share them, or we are required to do so by law.

6. Security

How We Protect Data

We use reasonable technical, organisational, and access-control measures to protect account and service data. However, no online service can be guaranteed to be completely secure, so please keep your account credentials safe.

7. Retention & Deletion

Keeping Data Only as Needed

We keep information for as long as needed to provide the service, support your account, meet legal obligations, resolve disputes, and maintain security.

You may request account deletion or data removal by contacting us or using Account Settings. Some records may be retained if required for legal, tax, security, or legitimate business reasons.

8. Your Choices

Depending on your location and applicable law, you may ask us to access, correct, export, or delete your personal information.

  • You can update account details from your account settings.
  • You can delete your account and all associated data directly from Account Settings.
  • You can turn off in-app analytics at any time from Account Settings → Analytics & Privacy.
  • You can change or withdraw your cookie consent at any time via the cookie settings button at the bottom of any page.
  • You can contact us for any other privacy-related requests or questions.

9. Cookies & Consent

Your cookie experience may differ depending on your country. EU, EEA, and UK visitors are always shown an explicit consent prompt before any analytics cookies are set.

Necessary Cookies

Always active. Required for session management, authentication, security tokens, and core site functionality. These cannot be disabled.

Analytics Cookies

Used by Microsoft Clarity (session recordings, heatmaps) and PostHog (product analytics, page views, feature usage).

EU / EEA / UK

Analytics cookies are off by default. A consent banner is shown on your first visit and analytics are only activated after you explicitly accept. This complies with GDPR and UK GDPR.

All other regions

Analytics cookies are on by default to help us improve the service. You can opt out at any time using the cookie settings button at the bottom of any page — your choice is saved for up to 6 months.

Marketing Cookies (currently not in use)

Reserved for future ad retargeting or conversion tracking. No marketing cookies are currently active. We will update this policy and request consent before activating any.

Your consent choice is shared across all Viewer Lens services (marketing site and app) via a shared cookie on .viewerlens.com and stored for up to 6 months. You can review or change your preferences at any time via the cookie icon at the bottom of any page.

10. Analytics Processors

These processors only receive data if you have consented to analytics cookies.

Microsoft Clarity

Analytics

Session recordings, heatmaps, scroll depth, and click analysis. Helps us identify UX friction and improve page layouts. Clarity automatically masks sensitive input fields and does not record passwords.

Data collected

Mouse movements, clicks, scroll, anonymised DOM snapshots

Cookies set

_clck, _clsk, _cltk

Data location

Microsoft Azure (US & EU regions)

Retention

13 months (Microsoft default)

Microsoft Privacy Statement →Opt out of Clarity →

PostHog

Analytics

Product analytics including page views, feature usage, conversion funnels, and user journey analysis. Used to understand which features are most valuable and where users encounter difficulty.

Data collected

Page URLs, click events, session duration, referrer, browser type

Cookies set

ph_* (1st-party)

Data location

PostHog Cloud EU (eu.i.posthog.com)

Retention

1 year (PostHog default)

PostHog Privacy Policy →PostHog GDPR guide →

Neither processor receives data until you consent. You can withdraw consent at any time — both tools will stop collecting new data immediately. Existing data is subject to each processor's own retention and deletion policies.

11. California Residents

Under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), California residents have additional rights regarding their personal information.

We do not sell or share your personal information for cross-context behavioural advertising.

Analytics data collected with your consent is used only for our own product improvement — it is not shared with third-party advertisers for targeting purposes.

You may exercise your rights to know, delete, correct, or limit use of your personal information by contacting us at support@viewerlens.com.

12. Contact Us

If you have questions about this Privacy Policy or how your data is handled, contact us at:

Email

support@viewerlens.com

Simple Summary

We collect what is needed to run Viewer Lens — account details, publicly available platform content you ask us to analyse, and optional usage analytics. We use Google Gemini to process comment text for AI analysis. We do not sell personal information. You can contact us with privacy requests at any time.