Privacy Policy
Last updated: April 2026. This policy explains how FlipLens collects, uses and protects your personal data under UK data protection law (UK GDPR and the Data Protection Act 2018).
Plain-English summary
- We collect only the information we need to run FlipLens and keep your account working.
- We do not sell your personal data.
- You can ask us to access, correct or delete your personal data at any time.
- If you are unhappy with how we handle your data, you can complain to the ICO.
1. Who is responsible for your data
FlipLens is the trading name of [Jamie Blanthorn], a business operating from the United Kingdom.
- Business address: [INSERT REGISTERED ADDRESS OR BUSINESS ADDRESS]
- Data protection contact: privacy@fliplens.co.uk
For the purposes of UK data protection law, we are the “data controller” for the personal data described in this policy.
2. What personal data we collect
- Account data — your name, email address, password (stored as a one-way hash), and the plan you are on.
- Usage data — scan history, keywords searched, condition and platform selections, favourites, Saved Searches, Flip of the Day interactions, and optional weekly report or alert preferences.
- Billing data — subscription plan, status, billing timestamps, and a payment-processor customer identifier. We do not see or store your full card number; that is held by our payment processor (Stripe).
- Technical data — IP address, browser type, device information, and server log entries used to secure and debug the service.
- Communications — if you contact support, we keep the contents of that correspondence to help resolve your query.
3. Why we process your data and our lawful bases
| Purpose | Lawful basis |
|---|---|
| Create and maintain your account, authenticate you, run scans, show pricing and history | Performance of a contract (providing the service you signed up for) |
| Process subscription payments and manage billing | Performance of a contract |
| Enforce usage limits, detect abuse, protect the service | Legitimate interests (keeping the service secure and fair for all users) |
| Understand how features are used, fix bugs, decide what to improve (using aggregated or anonymised data where possible) | Legitimate interests (improving the product) |
| Send transactional emails (billing confirmations, password resets) | Performance of a contract |
| Optional analytics or improvement cookies | Consent (you can accept or decline via the cookie banner) |
| Comply with legal obligations (tax, fraud prevention, law enforcement requests) | Legal obligation |
4. Cookies and local storage
We use a small number of cookies and browser local-storage items to operate FlipLens:
- Strictly necessary — authentication token (keeps you signed in) and cookie-consent preference. These are required for the service to work and cannot be declined.
- Optional / analytics — if you accept cookies via the banner, we may use lightweight analytics to understand overall usage patterns. These are only set after you click “Accept”.
You can change your cookie preference at any time by clearing your browser storage or using your browser’s cookie settings. See our Terms for more on how the service operates.
5. Who we share data with
We do not sell your personal data. We share limited information with the following categories of service provider, solely to operate FlipLens:
- Hosting and infrastructure — cloud providers that run our servers and databases (e.g. Railway, or equivalent).
- Payment processing — Stripe, which handles subscription billing and card payments on our behalf.
- Transactional email — an email delivery provider (e.g. Resend) used for account-related emails such as billing confirmations and password resets.
Each provider processes data only for the tasks we specify and is required to protect it appropriately. We may also disclose data where required by law or to respond to a valid legal request.
6. International transfers
Some of our service providers operate outside the United Kingdom. Where personal data is transferred outside the UK, we rely on appropriate safeguards recognised under UK data protection law, such as standard contractual clauses or an adequacy decision, to ensure your data continues to receive adequate protection.
7. How long we keep your data
- Account data — retained while your account is active and for a reasonable period after closure to handle any outstanding issues.
- Scan history and favourites — retained while your account is active so you can review past results.
- Billing records — retained for up to 7 years after the end of a subscription to meet UK tax and accounting obligations.
- Technical logs — retained for up to 90 days for security and debugging purposes, then deleted or anonymised.
- Flip of the Day cache — summarised data retained for up to 30 days for display purposes.
If you delete your account and request erasure, we will remove or anonymise your personal data unless we are legally required to keep it (for example for tax records or fraud prevention).
8. Your rights
Under UK data protection law, you have the right to:
- Access — request a copy of the personal data we hold about you.
- Rectification — ask us to correct inaccurate or incomplete data.
- Erasure — ask us to delete your personal data, where appropriate.
- Restriction — ask us to limit how we use your data in certain circumstances.
- Objection — object to processing based on legitimate interests.
- Portability — receive your data in a structured, commonly used, machine-readable format.
- Withdraw consent — where processing is based on consent (e.g. optional cookies), you can withdraw it at any time.
To exercise any of these rights, email us at privacy@fliplens.co.uk. We aim to respond within one month.
If you are not satisfied with how we handle your request, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection supervisory authority.
9. Security
We use reasonable technical and organisational measures to protect your data, including encryption in transit (HTTPS), hashed passwords, and access controls. No internet service is completely secure, so you should also protect your own account by using a strong, unique password.
10. Changes to this policy
We may update this Privacy Policy as FlipLens evolves. The latest version will always be available on this page and will show the date it was last updated. If we make a significant change that affects your rights, we will make reasonable efforts to notify you (for example by email or a notice in the app).