Privacy Policy

1. Who we are

RedLens is a product of Redlens Technologies Ltd, a company incorporated in England and Wales. We can be contacted at privacy@redlens.tech.

2. What data we collect and why

RedLens collects the following data when you use our service:

• Social media viewing history: videos viewed (title, creator, and date of viewing), accessed through official data portability APIs with your explicit consent. This data is used solely to generate content insights, conversation guides, and real-world activity suggestions for your family.
• Search history: search terms from connected social media accounts, used to understand content interests and provide context for conversations.
• Likes and favourites: videos liked or favourited on connected accounts, used alongside viewing history to understand content interests.
• Account information: your name and email address used to create your RedLens account, and your child's first name and birth year, used to set age-appropriate defaults.
• Approximate location (optional): a town or area entered by the parent, used only to suggest real-world activities and events near your family. We never collect precise location and never track or derive location from your child's device or activity.

3. Legal basis for processing

We process your data on the basis of your explicit consent (UK GDPR Article 6(1)(a)) and, where applicable, the legitimate interests of the child's parent or guardian in supporting their child's wellbeing (UK GDPR Article 6(1)(f)). Children's data is processed with the knowledge and consent of both the child and the parent or guardian.

4. How we use your data

We use the data described above to:

• Analyse content against our harm dimension taxonomy and generate insight reports
• Generate conversation guides and talking points for parents
• Suggest real-world activities aligned with a child's interests
• Improve the accuracy of our content analysis

We do not use your data for advertising, profiling for commercial purposes, or any purpose not listed above.

5. Data sharing

We do not sell, rent, or share your personal data with third parties, except:

• With service providers who process data on our behalf under strict data processing agreements (e.g. cloud infrastructure, AI inference services)
• Where required by law, court order, or regulatory authority

6. Data retention

We retain your data for as long as you maintain an active RedLens account. If you close your account, we will delete your data within 30 days, except where we are required by law to retain it for longer. You may request deletion of your data at any time. See Section 8.

7. Social media platform data

RedLens accesses your social media data only through official data portability APIs with your explicit authorisation. We do not store raw social media credentials. Access can be revoked at any time through the relevant social media platform's settings. When you disconnect a platform, all data from that platform is removed from RedLens within 7 days.

8. Your rights

Under UK GDPR, you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your data ("right to erasure")
• Restrict how we process your data
• Port your data to another service
• Object to processing based on legitimate interests
• Withdraw consent at any time (this will not affect the lawfulness of processing before withdrawal)

To exercise any of these rights, contact us at privacy@redlens.tech. We will respond within 30 days.

9. Children's data

RedLens is designed for use by parents and children together. We do not knowingly collect data from children under 13 without verified parental consent. For children aged 13-17, both parental and child consent is required before any data is processed. Parents may request deletion of their child's data at any time.

10. Security

We use industry-standard security measures including encryption in transit and at rest, access controls, and regular security reviews. In the event of a data breach that is likely to result in a risk to your rights, we will notify the ICO within 72 hours and affected users without undue delay.

11. Contact and complaints

For any privacy-related questions, contact us at privacy@redlens.tech. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

12. Changes to this policy

We may update this policy from time to time. We will notify registered users of material changes by email. Continued use of RedLens after changes are notified constitutes acceptance of the updated policy.