Privacy Policy
The short version. When you open an Excel file with SheetLens, the file is parsed entirely inside your browser. We never receive its bytes, its cell values, or its formulas — except for the single formula string you click on if you choose to use the optional AI Explainer (Pro tier). On our servers we only store an email address, a plan tier, usage counters, and (for the pay-per-file tier) a one-way hash of the file you purchased access to. The long version explains exactly what each of those means, why we collect it, and what your rights are.
1. Who we are
SheetLens (“SheetLens”, “we”, “us”) is a web-based spreadsheet auditing tool operated by [OPERATOR LEGAL NAME], located at [OPERATOR ADDRESS]. You can reach us at privacy@sheetlens.app for any privacy question.
This policy describes how we handle personal information when you visit sheetlens.app or use the SheetLens product. It covers obligations under Japan’s Act on the Protection of Personal Information (APPI), the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act / CPRA (CCPA).
2. What we collect — and what we don’t
2.1 What never leaves your browser
The following data is processed exclusively on your device:
- The .xlsx file you open with SheetLens. The raw bytes are read, parsed in WebAssembly, and held in memory in your browser tab. They are not transmitted to our servers.
- The values inside the cells of that file (numbers, text, dates, column headers).
- The text of formulas in the file, with the one exception described in Section 2.3.
- The cross-sheet dependency graph, the auto-audit flag inventory, and any annotations you make during a session.
If you purchase a Pay-per-file plan, an encrypted copy of the file may be stored in your browser’s IndexedDB so you can reopen it without uploading it again. That copy lives only on your device, expires automatically after 30 days, and is erased when you clear your browser data.
2.2 What we receive on our servers
- Account information. If you sign up for a Pro subscription or purchase Pay-per-file access, we receive your email address and your plan tier. Authentication is handled by Clerk (see Section 5).
- Usage counters. We record aggregate counts such as how many files you have parsed in the current period and how many AI Explainer requests you have made, so we can enforce plan limits and surface them to you in the product.
- File hash (Pay-per-file tier only). When you purchase access to a specific file, your browser computes a one-way SHA-256 hash of the file’s bytes and sends only that hash to our servers. The hash lets us bind your purchase receipt to the specific file you opened, so we can authorize subsequent opens of the same file for 30 days. The hash is a 32-byte fingerprint; it does not contain the file’s contents and cannot be reversed to recover them.
- Payment metadata. Payments are processed by Lemon Squeezy as Merchant of Record (see Section 5). We receive the order confirmation (date, amount, plan, last 4 digits of card) but never your full card number, CVC, or billing address.
- Diagnostic logs. If the application crashes or throws an exception, we may receive a sanitized stack trace through Sentry (see Section 5). We have configured Sentry to redact request bodies, query strings, and known sensitive fields. Stack traces do not include the contents of your spreadsheet.
- Server access logs. Our hosting provider (Vercel) records IP address, timestamp, request path, user agent, and response code for every HTTP request, retained for up to 30 days and used only for security and abuse detection.
2.3 The AI Explainer (Pro tier only)
SheetLens Pro includes an optional “Explain this formula” feature. When you click Explain on a specific cell:
- The single formula string of that cell (for example, =VLOOKUP(A2, Inputs!B:D, 3, FALSE)) is transmitted to our servers along with the names of any sheets and named ranges that formula references.
- Your account ID is included so we can apply plan limits.
- We forward those fields to Anthropic, PBC for processing by the Claude Haiku model. Anthropic processes the request under their Commercial Terms of Service and confirms it does not use API customer data to train its models.
- The cell values, the other cells in your workbook, the workbook file name, column headers, and any other context surrounding the formula are not sent. If you would rather stay fully offline, do not click Explain.
We cache the natural-language explanation against the formula AST hash so identical formulas across users do not re-incur an API call. The cached result contains only the model’s output text and the AST hash; it cannot be linked back to a specific user account or file once stored.
3. Why we collect it (legal bases)
Under GDPR / UK GDPR, our legal bases are:
- Performance of a contract (Art. 6(1)(b)) — for account creation, authentication, plan enforcement, and Pay-per-file entitlement.
- Legitimate interest (Art. 6(1)(f)) — for fraud prevention, diagnostic logging, and abuse detection. We balance this against your privacy interest by minimizing what we retain and redacting sensitive fields.
- Legal obligation (Art. 6(1)(c)) — for tax, accounting, and regulatory record-keeping handled by our payment processor.
Under APPI, the purposes of use (利用目的) are: account management, billing, service delivery, plan-limit enforcement, customer support, security and abuse prevention, and product improvement based on aggregated, non-identifying usage statistics.
4. How long we keep it
- Account email and plan tier: until you delete your account, then deleted within 30 days.
- Usage counters: rolling 12-month window, then aggregated.
- File hash + paygo receipt: 30 days from purchase, then deleted.
- Server access logs: 30 days.
- Sentry diagnostic logs: 90 days.
- Payment records held by Lemon Squeezy: retained per their policy and applicable tax law, typically 7 years.
5. Third-party processors
We use the following independent service providers (“sub-processors”) to run SheetLens. Each one is bound by a data-processing agreement and receives only the minimum data necessary.
- Vercel Inc. — web application hosting (United States and EU regions). Privacy Policy.
- Cloudflare, Inc. — DNS and domain registrar for sheetlens.app. Privacy Policy.
- Vercel Web Analytics — privacy-friendly, cookieless usage analytics: page views and anonymous product events (e.g. “file opened”, “checkout started”). No personal data, and never your workbook contents. Privacy.
- Clerk Inc. — authentication, account email, and session management. Privacy Policy.
- Lemon Squeezy (Sandcat Group) — Merchant of Record for payments, taxes, invoicing, and refund processing. Privacy Policy.
- Anthropic, PBC — processes the formula strings and minimal context you send when you use the AI Explainer. Privacy Policy.
- Functional Software, Inc. (Sentry) — error and exception monitoring (sanitized). Privacy Policy.
- Better Stack (BetterStack s.r.o.) — uptime monitoring and on-call alerting; receives no personal information. Privacy Policy.
6. International transfers
SheetLens is operated from [OPERATOR JURISDICTION]. The processors listed above operate primarily in the United States and the European Union. Where personal data is transferred outside the EEA, UK, or your home jurisdiction, we rely on Standard Contractual Clauses, the EU-US Data Privacy Framework, or your equivalent local mechanism.
7. Your rights
You can ask us to:
- Confirm whether we hold personal information about you, and provide a copy (access).
- Correct information that is wrong (rectification).
- Delete information we no longer need (erasure / 削除請求).
- Limit how we use it (restriction).
- Export it in a portable format (data portability).
- Object to processing based on legitimate interest.
- Opt out of any “sale” or “sharing” for cross-context behavioral advertising. (We do not sell or share personal information, but you have the right to confirm this.)
- Withdraw consent at any time where consent was the basis.
To exercise any of these rights, email privacy@sheetlens.app. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority (e.g. Japan PPC, an EU supervisory authority, or the UK ICO).
8. Cookies and local storage
SheetLens uses the minimum cookies and browser storage necessary to operate:
- A first-party session cookie set by Clerk to keep you signed in.
- Browser IndexedDB to cache the WebAssembly engine (so the second visit is instant) and, for Pay-per-file users, the file you purchased access to.
- We do not set advertising or cross-site tracking cookies, and we do not embed third-party analytics that profile visitors.
9. Children’s privacy
SheetLens is not directed at children under 16, and we do not knowingly collect personal information from them. If you believe a child has provided us personal information, email privacy@sheetlens.app and we will delete it.
10. Changes to this policy
If we materially change how we handle personal information, we will update the effective date at the top of this page and, for registered accounts, email you in advance of the change taking effect.
11. Contact
Privacy questions, requests, and complaints: privacy@sheetlens.app.