Last updated: June 4, 2026
This Privacy Policy explains how Anna Moore (sole trader) trading as PageLens AI (“we”, “us”, “our”) collects, uses, stores, and protects your personal data when you use the PageLens AI service (pagelensai.com).
We are committed to protecting your privacy and complying with the UK General Data Protection Regulation (UK GDPR), the EU GDPR (where applicable), and the Data Protection Act 2018.
Data Controller
Name: Anna Moore (sole trader)
Trading as: PageLens AI
Address: 6 Farm Lane, Send, Surrey, GU23 7AT, United Kingdom
Contact: privacy@pagelensai.com
When you create an account we collect:
Authentication is handled via email/password, passwordless magic links, Google OAuth, or GitHub OAuth. If you create a password, we store a one-way bcrypt hash of that password, not the raw password.
When you submit a URL or route list for scanning, our automated worker accesses the pages you ask us to scan. This may include authenticated application routes where you create an auth profile for a verified domain and provide a dedicated test account. Scans run from Amazon Web Services (AWS) infrastructure in the scan region selected at submission time. The default scan region is AWS London (eu-west-2).
For authenticated scans, we also store the auth profile label, login URL, allowed route scope, username preview, and encrypted references to the username and password. The raw password is not returned through normal customer APIs. Authenticated scan reports, screenshots, page text, HTML, metrics, summaries, and exports may contain private application data.
If you verify a domain or configure ongoing site management features, we store the domain name, verification method, verification timestamps, badge settings, recurring Health Watch schedule state, alert-channel settings, competitor domains, AI citation prompts, deploy hooks, API keys, domain folders, archived/starred preferences, and related setup metadata.
If you connect Google Search Console, we store the connected site, connection metadata, and an encrypted refresh token so we can fetch Search Console data you request. If CrUX enrichment is configured, we may request field data from Google's CrUX API for the URLs or origins being analysed. We do not sell this data or use it for unrelated marketing.
Payment processing is handled by Stripe. We do not store your full credit card details. We only store:
If you choose to leave feedback (NPS, sentiment, written comments), we store it against your account. If you opt in, we may publish your testimonial on our website with a display name and company you provide. You can revoke this consent at any time by emailing privacy@pagelensai.com.
We automatically collect:
We use strictly-necessary cookies for authentication and session management. With your consent we also use Google Analytics for aggregate usage analysis (with IP anonymisation enabled), PostHog for product analytics such as page views, feature usage, and basic funnel diagnostics, and Reddit Ads measurement to understand whether Reddit campaigns lead to visits and conversions. See our Cookie Policy for full details and to manage your preferences.
If you use the PageLens AI ChatGPT app without linking a PageLens account, ChatGPT sends us the public URL you ask to scan and any optional launch context you provide, such as the builder platform or launch moment. We fetch and crawl that public URL, create an anonymous launch-readiness scan, and store the scan metadata, page evidence, findings, launch verdict, and public report link needed to show the result.
Anonymous ChatGPT app scans are not attached to a logged-in PageLens customer account and cannot access saved customer reports, private scans, verified domains, finding feedback, or customer decision history. We use rate limits, budget controls, abuse detection, and server logs to operate and protect this public scan flow. To request deletion of a ChatGPT app scan or report link, contact privacy@pagelensai.com with the report URL or scan details.
We process your account data, scan submissions, and payment data to deliver the Service you signed up for, including one-off scans, account plans, recurring Health Watch, alerts, developer automation, and integrations you configure. This is necessary for the performance of our contract with you.
We process usage data to:
We may process data where required by law (e.g. responding to lawful requests from authorities, retaining tax records).
For non-essential cookies, analytics, marketing emails, and public display of testimonials, we rely on your explicit, freely-given consent. You can withdraw consent at any time without affecting services that depend on contract or legitimate interest.
When you create an account, submit a free trial scan, run an audit, verify a domain, or configure monitoring, we may send relevant onboarding, reminder, report, Health Watch, and service-update emails. Transactional messages are sent so we can deliver and support the Service. Product updates, trial nurture, newsletters, and similar proactive messages are marketing emails and can be stopped at any time using the unsubscribe link in the email footer or via your account settings.
You may separately opt in to our newsletter for web quality tips, vibe coding guides, and product updates. We will only send marketing newsletters if you have explicitly opted in. You can manage this preference in your account settings or unsubscribe via the link in any newsletter email.
We use your data to:
We do NOT
Your data is stored with the following trusted sub-processors:
/api/screenshots.eu-west-2) by default.When data is transferred outside the UK/EU, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) or adequacy decisions.
We share data with the sub-processors listed in section 5, strictly for the purpose of operating the Service.
Reports are private by default. If you choose to share a report link, anyone with that unique tokenised URL can view it. You can revoke share links from your dashboard at any time.
Authenticated scan reports are treated as private organization data and public share links are disabled by default because they may include private screenshots, page text, and application state.
We may disclose data where required by law, court order, or to protect our legal rights.
If the PageLens AI business is sold or merged, your data may be transferred to the new owner. You will be notified.
Self-service deletion
You can delete your account and all associated data instantly from Account Settings. No need to contact support or wait for manual processing.
You have the following rights:
Request a copy of all personal data we hold about you. You can self-serve this from Account Settings via the “Export my data” button, which downloads a JSON file containing your profile, all scans, all findings, all payments, and all feedback.
Update incorrect or incomplete data via your account settings or by emailing privacy@pagelensai.com.
Delete your account and all associated data at any time from Account Settings. This permanently deletes:
Important: account deletion is permanent and cannot be undone. We recommend exporting your data first.
Export all your data in JSON format from Account Settings. Machine-readable, ready to transfer to another service.
You can ask us to stop processing your data in specific circumstances by emailing privacy@pagelensai.com.
You can object to processing based on legitimate interests or for marketing purposes.
Where processing is based on consent (analytics cookies including Google Analytics, PostHog, and Reddit Ads measurement, marketing emails, public testimonials), you can withdraw consent at any time without affecting the lawfulness of prior processing.
How to exercise your rights
Most rights can be self-served from Account Settings. For everything else, email privacy@pagelensai.com. We will respond within 30 days.
We implement appropriate technical and organisational measures to protect your data:
However, no system is 100% secure. We cannot guarantee absolute security but we take all reasonable steps to protect your data and will notify affected users within 72 hours of becoming aware of a personal-data breach, in line with UK GDPR Article 33.
PageLens AI is not intended for use by anyone under the age of 18. We do not knowingly collect data from children. If you believe a child has provided us with personal data, please contact privacy@pagelensai.com and we will delete it.
We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the Service. The “Last updated” date at the top indicates the most recent revision.
If you believe we have not handled your data properly, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):
Information Commissioner's Office (ICO)
Website: ico.org.uk
Phone: 0303 123 1113
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
If you have questions about this Privacy Policy or how we handle your data:
Data Controller: Anna Moore (sole trader)
Trading as: PageLens AI
Address: 6 Farm Lane, Send, Surrey, GU23 7AT, United Kingdom
Email: privacy@pagelensai.com
© 2026 Anna Moore trading as PageLens AI. All rights reserved.