Lensby New RebellionBack to Audit

Privacy Policy

Last updated: 21 March 2026

Also see our Terms of Service and the New Rebellion Privacy Policy.

What Lens Is

Lens is a free marketing audit tool built and operated by New Rebellion Pty Ltd (ABN 19 688 435 985). It lives at newrebellion.network/lens. You have a conversation about your marketing. We generate a scored report with benchmarks and a clear action plan. This policy supplements the New Rebellion Privacy Policy with details specific to Lens.

What We Collect

Information you share directly

/Your first name
/Your website URL
/Business details, marketing channels, budget ranges, goals and challenges shared during the conversation
/Contact details if you choose to book a call or send a message

Uploaded files

/Analytics exports, spreadsheets or other files you upload during the session (4MB limit per file)
/Files are processed in memory to extract marketing-relevant data for your report. Not permanently stored on our servers

Google Analytics data (optional)

/If you connect your GA4 account we pull read-only data (traffic, sources, pages, devices, events) for the previous 30 days
/We request only the analytics.readonly scope and cannot modify your Google Analytics configuration
/Access tokens are stored temporarily (up to 24 hours) then automatically deleted

Google Search Console data (optional)

/If you connect your Search Console account we pull read-only query and page performance data
/We request only the webmasters.readonly scope and cannot modify your Search Console configuration

Google Ads data (optional)

/If you connect your Google Ads account we pull read-only campaign performance data
/We cannot modify, create or delete campaigns, ads or settings in your account

Usage data

/We use GA4 on Lens itself to understand how the tool is used (session flow, feature adoption, drop-off points)
/Standard web analytics only. No personally identifiable information is sent to Google Analytics

How We Use Your Information

/Generate your personalised marketing audit report
/Provide benchmarks and recommendations relevant to your industry
/Enable you to book a call or send a message if you choose to
/Improve Lens and understand how it is used
/Build anonymised industry benchmarks across Australian businesses (no individual business data is published or shared)

We do not sell your information. We do not use your business data to train AI models. Your data is not shared with third parties beyond the service providers listed below.

Third-Party Services

/Anthropic (Claude API) processes the conversation and generates your report. Conversation content and analytics data are sent to Anthropic's API. Anthropic does not use API inputs to train models. Their usage policy is at anthropic.com/policies
/Vercel hosts the application. May log standard server information (IP addresses, request timestamps)
/Upstash (Redis) stores your audit report so you can revisit it via your report link. Google OAuth tokens expire within 24 hours
/Google Analytics collects anonymised usage data about how Lens is used
/Google OAuth handles authentication when you connect GA4, Search Console or Google Ads. We receive read-only access tokens only
/Clearbit is used to display your business logo on the report (public logo lookup by domain)
/Calendly handles call bookings under their own privacy policy
/Zapier processes webhooks when you send a message or share a report

Google API Integrations (OAuth)

When you connect your Google Analytics, Search Console or Google Ads account you are redirected to Google's OAuth consent screen. You grant Lens read-only access to the relevant data. We only request read-only scopes and cannot modify your Google configurations.

You can revoke access at any time from your Google Account at myaccount.google.com/permissions.

Lens's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Data Retention

/Audit reports are stored for 30 days so you can access them via your report link. After 30 days they are automatically deleted. Reports may contain your business name, URL, industry and marketing data as discussed during your session
/Conversation data lives in your browser's session storage (cleared when you close the tab) and local storage (persists for session recovery if you return). Not stored on our servers beyond the generated report
/Google OAuth tokens expire and are automatically deleted within 24 hours
/Uploaded files are processed in memory and not permanently stored
/Session export files (.txt) are saved to your device only if you choose to export your session. We do not retain a copy

Cookies and Local Storage

Lens uses browser session storage to maintain your conversation during your visit. We also use local storage to enable session recovery if you accidentally close the tab or your browser crashes. This data lives in your browser only.

Google Analytics may set cookies as part of standard web analytics. No advertising or tracking cookies are used by Lens.

Data Security

All data in transit is encrypted via TLS. Server-side data is stored in access-controlled environments. OAuth tokens are encrypted at rest. However, no method of electronic transmission or storage is 100% secure and we cannot guarantee absolute security.

Your Rights

Under the Australian Privacy Act 1988 you have the right to access, correct or request deletion of your personal information. To request deletion of a stored report or ask questions about your data, contact us below. We will respond within 30 days.

Children

Lens is a business tool. Not intended for anyone under 18.

Changes

We may update this policy from time to time. The date at the top of this page reflects the most recent revision.

Contact

New Rebellion Pty Ltd
ABN 19 688 435 985
Melbourne, Victoria, Australia
filip@newrebellion.network
newrebellion.network