Lens Finance
The core of this policy in one sentence:
Your financial data never leaves your device. Lens does not collect it, store it on servers, sell it, or share it. What you enter stays on your phone.
Edniroya Ltd ("Lens", "we", "us") operates the Lens Finance mobile application (the "App").
To contact us, email hello@edniroya.com or use the Share Feedback option in Settings → Support.
Lens is engineered so that your financial data never reaches a Lens server. There is no Lens cloud database. All financial information is stored in a local database on your device only, protected by iOS Data Protection at rest.
This means:
The following data is stored exclusively on your device. It is never transmitted to Lens:
While Lens itself does not collect your data, the App uses a small number of third-party services that process limited, non-financial information to function.
RevenueCat — Subscription and in-app purchase management. Receives a pseudonymous device ID and your App Store purchase receipt. No financial data. No name or email.
Firebase (Google) — Push notifications for bill reminders (if you opt in). Receives a pseudonymous device notification token. No financial data. Notifications are off by default.
Google Gemini API — AI receipt parsing and Ask AI (Pro only). Receives only receipt OCR text or a downscaled image for parsing, or your Ask AI question and the financial snapshot for answering. Lens uses the paid Gemini tier. Google states that prompts and responses submitted through the paid Gemini API are not used to train Google's models. See Google's API terms at ai.google.dev/gemini-api/terms for the full data handling policy.
Firebase Cloud Functions (Google) — All AI requests (both Ask AI and AI receipt parsing) are sent first to a Lens-operated Cloud Function which verifies your Pro entitlement, counts your monthly AI usage, and forwards the request to the Gemini API on your behalf. The Gemini API key is held server-side; it does not exist in the app binary. Lens does not log prompt content, image bytes, or responses.
Bank Sync provider (TBD) — Automatic transaction sync from UK bank accounts (paid add-on, coming later). Details will be confirmed when the provider is selected and this policy is updated.
Apple — App distribution and in-app purchases. Governed by Apple's own terms. Lens receives only subscription entitlement status.
Lens does not sell, rent, or share any data with third parties for advertising or marketing purposes.
If you enable bill reminders or other push notifications in Settings, the App registers a pseudonymous device token with Firebase Cloud Messaging (Google). This token is used solely to route notifications to your device. It is not linked to your identity or your financial data.
Notifications are disabled by default. You can turn them off at any time in Settings or in your device's notification settings.
If you enable Face ID, Touch ID, or fingerprint lock, all authentication is handled by your device's operating system. Lens does not have access to your biometric data. The App receives only a pass or fail result from the OS.
The backup feature exports a file of your App data to a location you choose (typically iCloud Drive on iOS). This file is transferred directly between your device and your chosen storage service. Lens does not receive or store copies of your backups.
The security of your backup depends on the security of your chosen cloud storage account; iCloud Drive encrypts files at rest by default.
CSV files are processed entirely on your device. Exported CSV files are shared via your device's native share sheet to wherever you choose to send them. Lens does not receive copies.
Receipt scanning uses two paths depending on your tier:
Ask AI (Pro only) follows the same routing: your question and a snapshot of your financial data are sent through the same Lens-operated Cloud Function to Google's Gemini API. Lens does not log prompt content, image bytes, or responses. The snapshot includes only the data needed to answer your question, never raw transactions or account credentials.
Receipt images are not stored after processing.
10. Bank Sync add-on (coming later)
The Bank Sync add-on is not yet live. When it launches, this policy will be updated to cover the specific open banking provider selected, the data they access, and how the token exchange works. The core principle will remain the same: transaction data is fetched, passed to your device, and stored locally. The server component acts as a pass-through only.
Lens Finance is not directed at children under 13. If you believe a child under 13 has provided data through the App, please contact us at hello@edniroya.com and we will address it promptly.
Lens is a tracking tool, not a financial adviser. The data displayed in the App reflects only what you have entered. It is not financial advice. See the Terms of Service for more detail.
Because Lens does not collect or hold your financial data, most data subject rights (access, deletion, rectification) are exercised directly on your device by editing or deleting the App. For data held by our third-party processors (RevenueCat, Firebase), please refer to their respective privacy policies. To exercise rights regarding any limited data we may hold, contact hello@edniroya.com.
We will update this policy if our practices change. Material changes will be notified within the App. We will also update it when the Bank Sync provider is confirmed.
The "Last updated" date at the top reflects the most recent version.
Questions about this policy? Email us at hello@edniroya.com or use the Share Feedback option in Settings → Support.