V

Privacy Policy

Last updated: May 15, 2026

This document is also available in Italian.Versione italiana β†’
Authoritative version. This English translation is provided for convenience. The Italian version of this document remains the legally authoritative text. In case of any discrepancy between the two versions, the Italian version shall prevail.

1. Data Controller

Name: Paolo Fantinel

Service: Lens Veritas (lensveritas.com) β€” operated on a personal, non-commercial basis

Privacy contact email: paolo_fantinel@hotmail.com

Controller location: Italy. For requests relating to the exercise of GDPR rights (Arts. 15-22) please write to the email above: we will respond within 30 days as provided by Art. 12(3) GDPR.

Data Protection Officer (DPO): not required under Art. 37 GDPR (the processing does not fall within the cases requiring DPO appointment). For any privacy-related matter please contact the Controller directly at the email above.

2. Data we collect

User account (optional)

If you choose to register: email address, display name, authentication provider used (email, Google, or Facebook). Registration is not required to use the site.

Usage activity (registered users only)

Articles read and searches performed on Veritas, to show your history in your profile. This data is never sold or shared with third parties.

Display preferences

Theme (Noir/Bureau), language, and accent color, saved as local cookies in your browser. These are not transmitted to our servers.

3. Legal basis for processing (GDPR Art. 6)

Contract (Art. 6(1)(b)):Authentication and management of the user account
Consent (Art. 6(1)(a)):Reading and search history (toggleable/revocable from your profile), non-technical preference cookies, AI features and error monitoring
Legitimate interest (Art. 6(1)(f)):Service security, abuse prevention, aggregate and anonymous improvement of the service

We do not use your data for advertising, commercial profiling, or sale to third parties.

4. Third-party services used

SupabaseUser database and authentication
Privacy β†—
VercelSite hosting and infrastructure
Privacy β†—
Google OAuthLogin with Google account (optional)
Privacy β†—
Meta / FacebookLogin with Facebook account (optional)
Privacy β†—
DeepSeekPrimary AI provider for Veritas analysis and translations
Privacy β†—
Anthropic ClaudeFallback AI provider (anti-bias analysis, translations)
Privacy β†—
Google GeminiVoice synthesis for articles (Audio Reader)
Privacy β†—
Upstash RedisTemporary article cache (max 3 minutes)
Privacy β†—
NewsAPI / GNews / The Guardian APISource of news articles
GDELT ProjectSource of articles and geolocated data (public domain)
Privacy β†—
ReplicateAI image generation for social media content (Instagram)
Privacy β†—

Fonts (Geist, Geist Mono) are self-hosted on our server via next/font and do not result in requests to external CDNs during navigation.

Underlying infrastructure: the Vercel hosting may use underlying infrastructure services (Cloudflare/Fastly CDN, anti-DDoS, security logs) managed by its provider. These services do not have access to identifiable personal data of end users, are used for technical site-delivery purposes (legitimate interest, Art. 6(1)(f) GDPR), and are governed by the Vercel Privacy Policy.

5. Cookies and local storage

Technical cookies (always active):

  • nlv_lang β€” selected language (365 days)
  • nlv_palette β€” visual theme (365 days)
  • nlv_font β€” font preference (365 days)
  • sb-* β€” Supabase authentication session (registered users only)

localStorage (only in your browser, never transmitted to servers):

  • nlv_consent_v2 β€” record of your cookie consent choices
  • nlv_session_id β€” anonymous session identifier for the consent registry
  • Visual preferences (accent color, grid/list layout)

We do not use tracking, analytics, or third-party advertising cookies without your explicit consent.

6. International data transfers

Some sub-processors are based in the USA (Anthropic, Google, Upstash, NewsAPI, Replicate, GDELT). Transfers take place on the basis of the Standard Contractual Clauses (SCCs) adopted by the European Commission under Art. 46(2)(c) GDPR, or adequacy decisions where applicable.

7. Data retention

Account data (email, name)Until account deletion
Reading and search historyUntil account deletion or upon request
Consent registry (anonymised IP)12 months (IP removed after 12 months, record retained for legal obligation)
Article cache (Redis)Maximum 3 minutes

You can request early deletion at any time from the Delete your data page or by writing to paolo_fantinel@hotmail.com.

8. Your rights (GDPR)

If you are an EU resident, you have the right to:

  • Access your personal data (Art. 15)
  • Request rectification (Art. 16) or erasure (Art. 17)
  • Restrict or object to processing (Arts. 18-21)
  • Request data portability (Art. 20)
  • Withdraw consent at any time, without affecting the lawfulness of prior processing (Art. 7(3))

To exercise these rights write to paolo_fantinel@hotmail.com.

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) at www.garanteprivacy.it β€” Piazza Venezia 11, 00187 Rome, Italy.

9. Jurisdictional scope and applicability

Lens Veritas is a service operated on a personal, non-commercial basis from Italy. We process personal data under the GDPR standard (Regulation EU 2016/679), which we apply as the best level of protection available to all users regardless of their geographic location.

For clarity:

  • We do not monetize via advertising and do not use profiling or commercial tracking cookies.
  • We do not sell or share personal data as defined by the California Consumer Privacy Act (CCPA), Cal. Civ. Code Β§1798.140(t)(1).
  • We do not adhere to the IAB Transparency & Consent Framework (TCF), as we do not serve programmatic ads.
  • We do not meet the CCPA applicability thresholds (annual revenue > $25M, more than 100,000 California users/year, or >50% revenue from data sale): the law does not apply to our case.

Users residing in jurisdictions outside the EU (United States, United Kingdom, Canada, Australia, etc.) accept that the processing of their personal data occurs under the GDPR standard, which we consider to offer protection equivalent to or higher than local law. For specific requests related to your country's regulations (e.g. CCPA opt-out, UK GDPR data access request, PIPEDA inquiry), please write to paolo_fantinel@hotmail.com: we respond within 30 days following the same procedure provided by GDPR.

10. Changes to this policy

Any updates will be posted on this page along with the revision date. Continued use of the service after changes constitutes acceptance of the updated policy.

Lens Veritas Β· May 15, 2026← Back to home