DailyLens treats guest and logged-in users differently. Guests keep all their data on their own device — nothing is sent to our servers. Logged-in users sync their progress via our secure database.
1. Introduction
Welcome to DailyLens ("we," "us," or "our"). We are committed to being transparent about how we collect, use, and protect your information. This Privacy Policy applies to all users of the DailyLens website and game (the "Service").
By using the Service, you agree to the practices described here. Contact us at with any questions.
2. Who This Policy Applies To
This policy covers two types of users:
- Guest Users — Players who play without an account.
- Logged-In Users — Players who authenticate via Google OAuth.
3. Data We Collect and How
3.1 Guest Users (No Account)
If you play without logging in, we do not collect, transmit, or store any personal data on our servers. All game progress — streaks, past answers, daily state — is saved exclusively on your own device using your browser's localStorage. This data never leaves your device, is not accessible to us, and will be lost if you clear your browser data.
3.2 Logged-In Users (Google OAuth)
If you sign in with Google, we store the following in our secure database:
| Data | Source | Purpose |
|---|---|---|
| Email address | Google OAuth | Account identification |
| Display name | Google OAuth | In-game profile |
| Profile picture URL | Google OAuth | Avatar display |
| Game progress (streaks, answers) | Gameplay | Cross-device sync |
| Account creation timestamps | System-generated | Security & management |
We do not collect passwords. Authentication is handled entirely by Google.
3.3 Analytics Data
We collect anonymized, aggregated usage data including pages visited, browser type, general geographic region, and in-game interaction events. This data is not linked to your personal identity.
4. How We Use Your Data
- To operate the Service and sync your game progress
- To improve the Service via anonymized analytics
- To respond to support requests
- To detect and prevent abuse, scraping, or manipulation
- To comply with legal obligations
We do not sell your personal data. We do not use your data for targeted advertising.
5. Legal Basis for Processing (GDPR)
For users in the EEA, UK, or Switzerland, our legal bases are: contractual necessity (providing the Service), legitimate interests (analytics and security), and consent (where you chose to log in via Google OAuth).
6. Third-Party Processors
Vercel — Hosting & Infrastructure
Hosts the DailyLens frontend and backend. Processes server request logs and analytics events. Privacy Policy ↗
Supabase — Database & Auth
Hosts our PostgreSQL database and manages sessions for logged-in users. Processes account records and game progress data. Privacy Policy ↗
Google Cloud / Google OAuth / Gemini API
Provides "Sign in with Google" and generates AI images. We never receive your Google password. Only game-internal prompts are sent to Gemini — no personal user data. Privacy Policy ↗
Pexels
Provides real photographs. Images are fetched server-side; no personal user data is sent to Pexels. Privacy Policy ↗
7. Cookies and Tracking
| Technology | Purpose | Type |
|---|---|---|
localStorage | Storing guest game progress locally | Local storage (not a cookie) |
| Session cookies | Maintaining your logged-in session (Supabase Auth) | Strictly necessary |
| Analytics scripts | Anonymized usage tracking | Analytics |
We do not use advertising cookies, cross-site tracking cookies, or fingerprinting technologies. You may disable analytics tracking via a browser ad-blocker or the Do Not Track setting.
8. Data Retention
| Data | Retention |
|---|---|
Guest data (localStorage) | On your device until you clear it |
| Logged-in account data | While your account is active |
| Analytics data | Per provider defaults (typically 90 days – 2 years) |
Account Deletion: You may request deletion of your account and all associated personal data at any time by emailing . We will process your request within 30 days.
9. International Data Transfers
DailyLens is operated from Lithuania. Our processors are primarily located in the United States and European Union. Where data is transferred outside the EEA/UK, we rely on Standard Contractual Clauses (SCCs) or Data Privacy Framework (DPF) certification.
10. Your Privacy Rights
To exercise any rights (including GDPR access/erasure or CCPA deletion/correction), email us at . We respond within 30 days.
11. Children's Privacy
DailyLens is not directed to children under 13 (or 16 in the EEA). We do not knowingly collect personal information from children.
12. Security
We use HTTPS for all data in transit, Row-Level Security on our database, and OAuth 2.0 — we never store passwords. No method of internet transmission is 100% secure; we will notify affected users of any breach as required by law.
13. Changes to This Policy
We may update this policy at any time and will post the revised version here with an updated date. Your continued use of the Service constitutes acceptance of the updated policy.
14. Contact
DailyLens
Email:
Website: https://dailylens.vercel.app