Skip to content
WonderLens

Privacy Policy

Last updated: May 10, 2026 · Effective date: May 10, 2026

This Privacy Policy describes how WonderLens (“WonderLens,” “we,” “us,” or “our”) collects, uses, stores, and discloses information when you visit wonderlens.ai and use our services to generate AI-rendered videos from photographs you provide. By accessing or using WonderLens, you acknowledge that you have read and understood this Policy. If you do not agree with the terms described below, please do not use the service.

1. Information We Collect

We have intentionally designed WonderLens to collect the minimum information necessary to operate the service. The categories of information we collect, the source of each, and the purpose for which we collect it are described below.

1.1 Account information. When you purchase credits or sign in, we capture your email address. We do not collect your name, date of birth, telephone number, billing address (other than what Stripe requires to process the payment), or any other identifier beyond what is strictly necessary to associate the credits you purchase with the videos you generate. Authentication is handled by Clerk via passwordless email links, we never receive, store, or process a password for your account.

1.2 Photographs you submit. To generate a video, you upload a still photograph of a room, scene, or environment. Photographs are transmitted directly from your browser to our cloud storage provider (Cloudflare R2) over an encrypted connection. Before storage, we strip EXIF metadata (including GPS coordinates, camera serial numbers, and creation timestamps) from your file. We do not require, request, or expect photographs to contain identifiable people; our automated content-moderation pipeline flags submissions that include faces or other personal identifiers and may decline to process them.

1.3 Generated videos. We store the videos generated from your photographs in your account's private library so you can re-watch, share, and download them. Videos may include a watermark indicating they were created by WonderLens. Videos are derivative works based on your input photograph and the locked character pipeline you selected.

1.4 Payment information. Credit purchases are processed by Stripe, Inc. Payment-card numbers, CVCs, and billing addresses are submitted directly to Stripe and never transit our servers. From Stripe we receive: a Stripe Customer ID, the last four digits of the card used, the card brand, the country of issuance, the amount paid, and the email address you provided at checkout. We use this metadata for receipt reconciliation, refund handling, and fraud-pattern detection.

1.5 Usage and analytics data. We collect information about how visitors and account-holders interact with the service, including pages visited, buttons clicked, time spent on each page, browser and device characteristics (browser name and major version, operating system family, screen size category, language preference, timezone), referring URLs, and approximate geographic region derived from IP address. We use this data to debug errors, prioritize product improvements, measure marketing effectiveness, and detect abusive patterns. Analytics events are processed by PostHog, our analytics provider.

1.6 Communications. When you contact our support team, we receive and retain the contents of your message, your email address, and any attachments you choose to include, for the purpose of responding to and resolving your inquiry.

2. How We Use Information

We use the information described in Section 1 only for the purposes set out in this Section 2. We do not use your information for any purpose not described here, and we do not sell, rent, or trade your personal information to third parties under any circumstances.

2.1 Providing the service. We use your email address to authenticate sign-in attempts, deliver the videos you generate to your account's library, and communicate with you about transactions, generation status, account changes, and security-relevant events. We use your uploaded photographs as the conditioning input for the AI video generation pipeline described in Section 3.

2.2 Processing payments. We share necessary transaction details with Stripe to charge your card, issue refunds when applicable, and reconcile our credit-balance ledger with Stripe's payment records. We use Stripe Customer IDs as a durable, account-portable identifier so a paying customer's credits and library survive across devices and across email changes initiated through the Stripe customer portal.

2.3 Improving the service. We use aggregated and de-identified usage data to debug errors, identify performance bottlenecks, prioritize features, and refine the prompts and rulesets that govern each character's generation pipeline. We do not use the contents of your individual photographs or generated videos to train any AI model, ours or any third party's, as further described in Section 4.3.

2.4 Communicating with you. We send transactional emails (purchase receipts, sign-in links, password-reset links, account-deletion confirmations, security notices) through Resend, our transactional email provider. We do not send marketing emails to your account email address unless you separately opt in to a newsletter or promotional list.

2.5 Compliance and protection. We may use or disclose information as necessary to comply with applicable law, respond to lawful government requests, enforce our Terms of Service, prevent fraud, or protect the rights, safety, and property of WonderLens, our users, and the public.

3. AI Video Generation Pipeline

Because the core of our service is AI-generated video, we want to be specific about how that pipeline interacts with the photographs you submit.

3.1 Closed-prompt design. WonderLens is a closed-prompt system. You select a character from a fixed roster curated by our team; the prompt template, the visual reference image, and the motion ruleset associated with that character are authored by us and locked at the time the character is launched. You cannot alter the character or write free-form prompt text. The only input you contribute to the generation pipeline is your room photograph.

3.2 Sub-processor for inference. AI video generation is performed by fal.ai, our hosted-inference provider, using underlying models supplied to fal.ai by various third-party model vendors. When you trigger a generation, your photograph (with EXIF stripped) is transmitted to fal.ai over an encrypted connection along with the locked prompt and reference image. fal.ai processes the request and returns the generated video to us; we then store the video in your account's library. fal.ai's privacy practices and their handling of inputs and outputs are described in their own privacy policy and their agreements with their underlying model providers.

3.3 No model training on user content. We do not provide your photographs or your generated videos to fal.ai or any third party for the purpose of training, fine-tuning, or otherwise improving their models. We do not use your content to train, fine-tune, or improve any model we ourselves operate. Inputs and outputs are processed for the limited purpose of fulfilling the specific generation request you initiated and are not added to any training corpus.

4. Data Storage, Retention, and Deletion

4.1 Where data is stored. Account records, credit ledgers, and generation metadata are stored in a managed PostgreSQL database operated by Neon, hosted in the United States. Photographs and videos are stored in Cloudflare R2 buckets configured for private access. Application servers and edge functions run on Vercel infrastructure. Data is encrypted in transit (TLS 1.2 or higher) and at rest using each provider's standard encryption mechanisms.

4.2 Retention periods. Account records (email, Stripe Customer ID, credit balance) are retained for the life of the account. Photographs and generated videos are retained for one (1) year from the date of generation, after which we may delete them. Payment records and credit-transaction logs are retained for seven (7) years to satisfy financial record-keeping obligations. Server logs containing IP addresses are retained for up to thirty (30) days for security and abuse-detection purposes; aggregated analytics events are retained for up to twenty-four (24) months.

4.3 Deletion. You may delete an individual generation from your library at any time using the delete control on each item, which removes both the database record and the underlying video file from object storage. To delete your entire account and all associated personal data, email privacy@wonderlens.ai from the address associated with your account. We will action verified deletion requests within thirty (30) days, except for records we are legally required to retain (such as financial records under Section 4.2). Deletion is permanent and cannot be undone.

5. Sub-processors and Service Providers

We rely on a small number of vetted third-party providers to operate WonderLens. Each is bound by contractual data-protection commitments. The current list is:

  • Vercel, Inc., application hosting + edge compute (US)
  • Neon, Inc., managed PostgreSQL database (US)
  • Cloudflare, Inc., object storage (Cloudflare R2) and CDN (US/global)
  • Clerk, Inc., authentication and session management (US)
  • Stripe, Inc., payment processing (US)
  • fal.ai, Inc., hosted AI inference (US). fal.ai uses underlying models supplied by various model providers under their own terms.
  • Resend, Inc., transactional email delivery (US)
  • PostHog, Inc., product analytics (US)

We update this list when we add or remove sub-processors. We do not allow sub-processors to use your personal information for their own marketing or model-training purposes.

6. Children's Privacy

WonderLens is a family-facing product designed for parents to create magical moments for their children. The service itself is not directed at children under the age of thirteen (13), and we do not knowingly collect personal information from children under thirteen. Account creation, credit purchases, and video generation are intended to be performed by an adult parent, guardian, or other authorized adult. If you believe a child under thirteen has provided personal information to WonderLens, please contact privacy@wonderlens.ai and we will promptly delete the information. We do not require photographs to contain people, and we recommend that parents avoid uploading photographs that show their child's face or other identifying personal features.

7. Your Rights

Subject to applicable law, you have the rights described below. To exercise any of these rights, contact us at privacy@wonderlens.ai from the address associated with your account so we can verify your identity.

  • Access, request a copy of the personal information we hold about you
  • Correction, request correction of inaccurate or incomplete personal information
  • Deletion, request deletion of your personal information (subject to retention obligations described in Section 4.2)
  • Portability, request a machine-readable export of your data
  • Objection / restriction, request that we stop or limit certain processing of your personal information
  • Withdraw consent, withdraw any consent you previously gave us

California residents have additional rights under the California Consumer Privacy Act (CCPA / CPRA), including the right to know what personal information we have collected, sold, or shared (we do not sell or share for cross-context behavioral advertising), and the right not to be discriminated against for exercising these rights. Residents of the European Economic Area, the United Kingdom, and Switzerland have rights under the General Data Protection Regulation (GDPR) and equivalent local laws and may lodge a complaint with their local supervisory authority. We do not knowingly transfer personal information outside the United States except to the extent our sub-processors operate global infrastructure (Cloudflare CDN edge); where international transfers occur we rely on the European Commission's Standard Contractual Clauses or equivalent transfer mechanisms.

8. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect your information against loss, theft, and unauthorized access, disclosure, alteration, or destruction. These include TLS encryption for data in transit, encryption at rest at our storage and database providers, scoped access tokens, the principle of least privilege for internal access, and secret rotation procedures. No method of transmission or storage is one-hundred-percent secure, however, and we cannot guarantee absolute security. If we become aware of a security incident affecting your personal information, we will notify you in accordance with applicable law.

9. Cookies and Similar Technologies

We use a small number of cookies that are strictly necessary to provide the service: a session cookie set by Clerk to maintain your authentication state; a cookie set by Stripe during checkout for fraud prevention; and a Vercel-managed cookie used to balance load between edge regions. We additionally use a first-party analytics cookie set by PostHog to attribute usage events to a stable distinct identifier. We do not use third-party advertising cookies, retargeting pixels, or tracking pixels for marketing partners. Most browsers allow you to refuse cookies; refusing the authentication cookie will prevent the service from functioning.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the services we offer, or applicable law. When we do, we will revise the “Last updated” date at the top of this page. For material changes, such as a new category of personal information collected, a new purpose of processing, or the addition of a new sub-processor that materially changes the nature of data processing, we will provide reasonable advance notice via email to the address associated with your account or through a prominent in-product notice before the change takes effect. Your continued use of the service after the change becomes effective constitutes acceptance of the updated Policy.

11. Contact

For privacy-related inquiries, requests to exercise the rights described in Section 7, security concerns, or any other matter related to this Policy, please contact us at privacy@wonderlens.ai. For general support inquiries unrelated to privacy, please use support@wonderlens.ai. We aim to respond to verified privacy requests within thirty (30) days.