Legal

Privacy Policy

Last updated: March 23, 2026

1. Who We Are

LabLens (lablens.co) is an AI-powered health education service. This Privacy Policy explains how we collect, use, store, and protect your information when you use our Service.

2. Information We Collect

Information you provide

  • Mobile phone number (used for OTP-based authentication)
  • Name and email address (optional, provided during onboarding)
  • Lab report PDFs that you upload
  • Family member names and relations you add to your account

Information collected automatically

  • Device fingerprint (used to prevent free report abuse)
  • IP address (used to prevent free report abuse)
  • Usage data including pages visited and features used
  • Report upload history and analysis results

3. How We Use Your Information

  • To authenticate your identity via phone OTP
  • To process and analyze your uploaded lab reports
  • To store your report history and health trends
  • To deliver analysis results to your email if provided
  • To prevent abuse of the free report offer
  • To improve our AI models using anonymized, aggregated data
  • To communicate service updates, maintenance, or changes
  • To process payments via Razorpay

4. Lab Report Data

We treat your health data with the highest care:

  • Uploaded PDFs are processed in memory and deleted from our servers immediately after analysis
  • Extracted marker data and AI-generated analysis are stored securely in your account
  • Raw PDF files are never stored permanently on our servers
  • Health data is never sold to third parties, advertisers, or insurance companies
  • We do not share your identifiable health data with any third party without your consent
  • Anonymized, aggregated health trends may be used internally to improve the Service

5. Third-Party Services

We use the following third-party services to operate LabLens:

  • Firebase (Google) — authentication, database, and hosting
  • Anthropic Claude — AI analysis of lab reports. Your report data is sent to Anthropic's API for processing. See Anthropic's privacy policy at anthropic.com
  • Razorpay — payment processing. We do not store card or UPI details
  • Resend — transactional email delivery
  • Google Cloud Run — API hosting
  • FingerprintJS — device fingerprinting to prevent free report abuse

Each third party operates under their own privacy policy. We share only the minimum data necessary for each service to function.

6. Data Storage and Security

  • All data is stored on Google Firebase infrastructure with encryption at rest
  • All data transmission uses HTTPS/TLS encryption
  • Access to user data is restricted to authenticated account holders
  • We do not store passwords — authentication is via OTP only
  • Payment information is handled entirely by Razorpay and never touches our servers
  • Despite our security measures, no system is 100% secure. We cannot guarantee absolute security of your data

7. Data Retention

  • Account data is retained for as long as your account is active
  • Report analysis and marker history is retained indefinitely unless you request deletion
  • Uploaded PDF files are deleted immediately after processing
  • You can request complete account deletion at any time

8. Your Rights

You have the right to:

  • Access all data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your account and all associated data
  • Withdraw consent for optional data uses
  • Receive a copy of your data in a portable format

To exercise any of these rights, email us at govindmh14@gmail.com. We will respond within 30 days.

9. Children's Privacy

LabLens is not intended for use by children under 18. We do not knowingly collect personal data from minors. If you believe a minor has used our Service, contact us and we will delete the data promptly. Parents may create family member profiles for minors within their own account.

10. Cookies and Tracking

  • We use Firebase authentication cookies necessary for account sessions
  • We do not use advertising cookies or third-party tracking pixels
  • Device fingerprinting is used solely to enforce the one-free-report policy
  • We do not serve advertisements and do not allow advertisers to track you

11. Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised "Last updated" date. For material changes affecting how we handle your health data, we will notify you via email if you have provided one.

12. Contact Us

For privacy-related questions, data requests, or concerns, contact us at:

govindmh14@gmail.com

We aim to respond to all privacy inquiries within 7 business days.