Effective 10 July 2026
This policy explains how LensInvoice collects, uses and protects personal information, in line with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).
Account data: your name, email, password (hashed) and business details (name, ABN, address, branding). Client records you enter:your clients’ business and contact details, invoices, quotes and licence terms — you are responsible for having a lawful basis to enter this information. Payment data: handled by Stripe; we store payment status and amounts, never card numbers. Usage data: logs needed to operate and secure the Service (IP address, actions, email delivery events).
To provide the Service (creating and delivering invoices, processing payments, sending reminders and receipts on your behalf), to secure and improve the Service, and to contact you about your account. We do not sell personal information, and we do not use your clients’ details for marketing.
Service providers who process data on our behalf: Supabase (database and authentication, hosted in AWS Sydney, ap-southeast-2), Vercel (application hosting), Stripe (payments) and Resend (transactional email). Each provider is bound by its own security and privacy commitments. Some providers process data outside Australia (e.g. the United States); we take reasonable steps to ensure they handle it consistently with the APPs. We disclose information to authorities only where required by law.
Invoice, quote, reminder and receipt emails are sent to your clients at your direction. Reply addresses point to you, not us. We log delivery status so you can see what was sent.
Data is encrypted in transit and at rest, access is restricted by row-level security, and secrets are never exposed to browsers. We retain your data while your account is active. Deleting your account permanently deletes your business, clients, invoices and payment records — export anything you need for tax purposes first.
You can access and correct almost everything directly in the app. For anything else — access, correction, deletion requests or privacy complaints — email privacy@lensinvoice.appand we’ll respond within 30 days. If you’re unsatisfied with our response you can complain to the Office of the Australian Information Commissioner (oaic.gov.au).
We use essential cookies only: session authentication. No advertising trackers.
We’ll post any changes here and note the new effective date; material changes will be notified in-app or by email.
See also our Terms of Service.