LetterLens helps you understand letters, but it is not a lawyer and does not provide legal advice.

LetterLens

Privacy policy

Last updated: May 2026

Privacy is a priority for us. This policy describes what data we process and how.

We do not store letter content

Your document is processed only in server memory during the analysis. We do not save the original text or the uploaded file — not even when the analysis fails, errors out, or times out. We only save the structured analysis result (summary, deadlines, actions) according to the configured retention period — in ephemeral mode, for up to 24 hours.

We do not train models on your letters

Where the provider (Anthropic, OpenAI) allows it, we send zero-retention headers. We do not share your letters for model training.

Account and credentials

Running a full analysis requires an account with an active package. We store the email address, the email verification state, and a bcrypt password hash. Verification tokens are stored only as SHA-256 hashes — we never see the plaintext. We also store your active packages/credits and metadata about their usage. You can request deletion of your account at any time.

Administrator access

A LetterLens administrator can manually grant you a package or credits (for example in response to a support request) and can block accounts that violate the terms. Administrators only see account metadata and packages — never the content of your letters or the analysis results.

Payments

LetterLens does not process payments automatically inside the app. Paying for a credit package happens through an external PayPal or Revolut link. Payment confirmation and credit activation are performed manually by an administrator. We do not store card data or any other user financial information in our database; that data is handled by PayPal or Revolut respectively.

Usage metadata

We store minimal metadata for each analysis (time, jurisdiction, locale, status, AI provider). Letter contents and AI results are never written to these logs. Administrators can see account metadata and packages, never document contents.

Logs and audit

We keep a minimal event log (analysis time, document type, context, duration, escalation flags). We do not log letter content. IP addresses and user agents are hashed with a daily-rotating salt; they are not stored in plain text.

Deletion

Every analysis result has a "Delete analysis" button. Results are also deleted automatically after 24 hours.

External providers

We use language models from Anthropic or OpenAI for the analysis. Selection and configuration are described in the README. The letter text is sent to the provider only for the duration of the analysis.

Website analytics and performance

LetterLens uses Vercel Web Analytics to collect basic visit and page-view statistics for the public website, and Vercel Speed Insights to measure technical performance and Core Web Vitals (page load, responsiveness, layout stability). Both tools are privacy-friendly and do not use cookies — visitors are counted via anonymized daily hashes. We do not send document content, analysis results, your account email, payment details, or any user identifiers to analytics or Speed Insights. The data helps us understand traffic and improve the page speed and reliability of the public website.

Contact

To exercise your GDPR rights, write to us at: hello@letterlens.eu.

Privacy — LetterLens