Legal

Privacy Policy

Last updated: March 2026

1. Who we are

Relens is operated by United Merchants Ltd, a company registered in England and Wales (Company No. 12406699), with a registered office at 67 Delaval Road, Billingham, England, TS23 3BX.

References to "Relens", "we", "us" or "our" in this policy refer to United Merchants Ltd. You can contact us at privacy@relens.xyz.

2. What Relens does

Relens is an AI-powered analytics assistant. You can connect your Google Analytics 4 property and/or your Shopify store via OAuth, or your support email inbox via IMAP credentials. Once connected, Relens allows you to ask plain-English questions about your data and receive AI-generated answers based on that data.

All data access is read-only. We cannot modify, delete, or write any data to your connected accounts.

3. Data we collect

Account information

When you sign in, we collect your name and email address via your Google account for authentication purposes.

Google Analytics data

With your explicit consent, we access your Google Analytics 4 data using the analytics.readonly OAuth scope. This scope grants read-only access — we cannot modify, delete, or write any data to your Google Analytics account.

We access the following data types to answer your questions:

→Session counts, user counts, and pageview metrics
→Traffic source and channel data
→Page performance metrics (bounce rate, session duration)
→Conversion and event data
→Geographic and device breakdown data
→Date-range comparisons (up to 90 days)

Shopify data

With your explicit consent, we access your Shopify store via OAuth. This is read-only access — we cannot create, modify, or delete anything in your Shopify store.

We access the following data types to answer your questions:

→Order history, revenue totals, and order status
→Product catalogue and variant information
→Customer counts and spending data
→Daily and period revenue trends

Support email (IMAP) data

If you connect a support email inbox, you provide your IMAP credentials (email address and password or app password). These credentials are encrypted with AES-256-GCM before being stored — your password is never stored in plain text.

On each request, Relens connects to your inbox and reads the following data to answer your questions:

→Sender name and email address
→Email subject lines
→Email dates and timestamps
→Short plain-text snippets (up to 150 characters from the message body)
→Whether a message has been replied to (read flag)
→In-reply-to headers (for threading and response time calculations)

Relens does not read full email bodies, HTML content, or attachments. It cannot send, delete, or modify emails in any way.

Usage data

We track the number of questions asked per user to manage subscription usage limits.

Payment information

Payments are processed by Stripe. We do not store card details. We receive confirmation of subscription status from Stripe.

4. How we use your data

→To authenticate your account and maintain your session
→To query your connected data sources in response to your questions
→To generate AI-powered answers using Anthropic's Claude API
→To manage your subscription and billing via Stripe
→To enforce subscription usage limits

5. Data sharing and third parties

We do not sell your data. We do not share your analytics or store data with any third parties except as described below:

→Anthropic (Claude API): Your questions and the data retrieved from your connected sources are sent to Anthropic's API to generate answers. Anthropic's privacy policy applies.
→Stack Auth: Handles authentication and stores your OAuth tokens (Google Analytics and Shopify access tokens) and encrypted IMAP credentials securely.
→Shopify: When you connect your Shopify store, your store's order and product data is queried via the Shopify API to answer your questions. No Shopify data is stored on our servers.
→Stripe: Processes payments. We share your email address for billing purposes only.
→Vercel: Hosts our application. Your requests pass through Vercel's infrastructure.

6. Data source commitments

We take the following commitments for all connected data sources (Google Analytics 4, Shopify, and Support Email):

→All access is read-only — we cannot write, modify, or delete any data in your connected accounts
→Your data is queried in real time and is not persistently stored on our servers
→Your data is used solely to answer your questions within the Relens interface
→We do not use your data to train AI models
→We do not transfer your data to any advertising or data broker platforms

Google Analytics specifically: We request only the analytics.readonly OAuth scope. In accordance with Google API Services User Data Policy, we do not use GA data for any purpose beyond answering your questions.

Shopify specifically: We request only the minimum read scopes required to answer your questions (orders, products, customers). We cannot place orders, modify products, or access payment card data.

Support Email specifically: We read email metadata and short snippets only. We do not read full email bodies, attachments, or HTML content. We cannot send, delete, or modify any messages. Your IMAP password is encrypted with AES-256-GCM and is never stored in plain text or logged.

7. Data retention

We retain your account data for as long as your account is active. If you delete your account, we delete your personal data within 30 days.

GA4 and Shopify data is not stored — it is fetched live on each request and discarded after your answer is generated. OAuth access tokens are stored securely and deleted when you disconnect a source or delete your account.

For Support Email, your encrypted IMAP credentials are stored for as long as the source is connected. They are permanently deleted the moment you disconnect the email source or delete your account. Email content (metadata and snippets) fetched during a query is not stored after the answer is generated.

8. Your rights

Under UK GDPR and the Data Protection Act 2018, you have the right to:

→Access the personal data we hold about you
→Request correction of inaccurate data
→Request deletion of your account and data
→Withdraw consent for Google Analytics access at any time via your Google Account settings
→Withdraw consent for Shopify access at any time via your Shopify admin under Apps
→Disconnect your Support Email at any time by clicking Disconnect on the Support Email card in /connections — this immediately deletes your stored credentials
→Lodge a complaint with the Information Commissioner's Office (ICO)

To revoke Google Analytics access, visit myaccount.google.com/permissions and remove Relens.

To revoke Shopify access, go to your Shopify admin, navigate to Apps, and uninstall Relens.

To disconnect your Support Email and delete your stored credentials, click Disconnect on the Support Email card in /connections.

9. Cookies

We use essential session cookies only, required to keep you signed in. We do not use tracking or advertising cookies.

10. Contact

For any privacy-related queries, contact us at:

United Merchants Ltd

67 Delaval Road

Billingham, England

TS23 3BX

privacy@relens.xyz

Legal

Privacy Policy

Last updated: March 2026

1. Who we are

Relens is operated by United Merchants Ltd, a company registered in England and Wales (Company No. 12406699), with a registered office at 67 Delaval Road, Billingham, England, TS23 3BX.

References to "Relens", "we", "us" or "our" in this policy refer to United Merchants Ltd. You can contact us at privacy@relens.xyz.

2. What Relens does

All data access is read-only. We cannot modify, delete, or write any data to your connected accounts.

3. Data we collect

Account information

When you sign in, we collect your name and email address via your Google account for authentication purposes.

Google Analytics data

We access the following data types to answer your questions:

→Session counts, user counts, and pageview metrics
→Traffic source and channel data
→Page performance metrics (bounce rate, session duration)
→Conversion and event data
→Geographic and device breakdown data
→Date-range comparisons (up to 90 days)

Shopify data

With your explicit consent, we access your Shopify store via OAuth. This is read-only access — we cannot create, modify, or delete anything in your Shopify store.

We access the following data types to answer your questions:

→Order history, revenue totals, and order status
→Product catalogue and variant information
→Customer counts and spending data
→Daily and period revenue trends

Support email (IMAP) data

On each request, Relens connects to your inbox and reads the following data to answer your questions:

→Sender name and email address
→Email subject lines
→Email dates and timestamps
→Short plain-text snippets (up to 150 characters from the message body)
→Whether a message has been replied to (read flag)
→In-reply-to headers (for threading and response time calculations)

Relens does not read full email bodies, HTML content, or attachments. It cannot send, delete, or modify emails in any way.

Usage data

We track the number of questions asked per user to manage subscription usage limits.

Payment information

Payments are processed by Stripe. We do not store card details. We receive confirmation of subscription status from Stripe.

4. How we use your data

→To authenticate your account and maintain your session
→To query your connected data sources in response to your questions
→To generate AI-powered answers using Anthropic's Claude API
→To manage your subscription and billing via Stripe
→To enforce subscription usage limits

5. Data sharing and third parties

We do not sell your data. We do not share your analytics or store data with any third parties except as described below:

→Anthropic (Claude API): Your questions and the data retrieved from your connected sources are sent to Anthropic's API to generate answers. Anthropic's privacy policy applies.
→Stack Auth: Handles authentication and stores your OAuth tokens (Google Analytics and Shopify access tokens) and encrypted IMAP credentials securely.
→Shopify: When you connect your Shopify store, your store's order and product data is queried via the Shopify API to answer your questions. No Shopify data is stored on our servers.
→Stripe: Processes payments. We share your email address for billing purposes only.
→Vercel: Hosts our application. Your requests pass through Vercel's infrastructure.

6. Data source commitments

We take the following commitments for all connected data sources (Google Analytics 4, Shopify, and Support Email):

→All access is read-only — we cannot write, modify, or delete any data in your connected accounts
→Your data is queried in real time and is not persistently stored on our servers
→Your data is used solely to answer your questions within the Relens interface
→We do not use your data to train AI models
→We do not transfer your data to any advertising or data broker platforms

7. Data retention

We retain your account data for as long as your account is active. If you delete your account, we delete your personal data within 30 days.

8. Your rights

Under UK GDPR and the Data Protection Act 2018, you have the right to:

→Access the personal data we hold about you
→Request correction of inaccurate data
→Request deletion of your account and data
→Withdraw consent for Google Analytics access at any time via your Google Account settings
→Withdraw consent for Shopify access at any time via your Shopify admin under Apps
→Disconnect your Support Email at any time by clicking Disconnect on the Support Email card in /connections — this immediately deletes your stored credentials
→Lodge a complaint with the Information Commissioner's Office (ICO)

To revoke Google Analytics access, visit myaccount.google.com/permissions and remove Relens.

To revoke Shopify access, go to your Shopify admin, navigate to Apps, and uninstall Relens.

To disconnect your Support Email and delete your stored credentials, click Disconnect on the Support Email card in /connections.

9. Cookies

We use essential session cookies only, required to keep you signed in. We do not use tracking or advertising cookies.

10. Contact

For any privacy-related queries, contact us at:

United Merchants Ltd

67 Delaval Road

Billingham, England

TS23 3BX

privacy@relens.xyz