Skip to main content
ETFLens
ETFLens

Research

Free Tools

Pro Tools

PricingSign up free
Get Pro · $19/month

Cancel anytime. 7-day money-back guarantee (new subscriptions only).

Legal

Privacy Policy

Last updated: 12 June 2026

1. Overview

ETFLens is committed to protecting your privacy. This Privacy Policy explains what personal information we collect, how we use it, and your rights in relation to it. We operate in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs).

This policy applies to all users of etflens.com.au, whether on the free plan or Pro subscription.

2. What Information We Collect

Information you provide

Account information, When you sign in with Google, we receive your name, email address, and profile picture from Google. We store this to identify your account.

Portfolio data and watchlists, If you use the Portfolio Builder we store the ETF tickers and amounts you enter. If you have an account and choose to save a portfolio, snapshot or watchlist, that data (the tickers, amounts and any notes you add) is stored against your account until you delete it. We do not store brokerage account details, bank account numbers, or any actual financial account data.

CGT Calculator data, Parcels you enter into the CGT & Cost Base Calculator, and any broker CSV files you import, are processed entirely in your browser and saved only to your device's local storage. They are never uploaded to, or stored on, our servers.

Payment information, We do not store your payment card details. All payment processing is handled by Stripe. We store your Stripe customer ID to manage your subscription.

Email signups, If you sign up for ETF distribution alerts or product updates without creating an account, we store your email address (and any ticker you ask us to watch) so we can send you those emails. You can unsubscribe from any of them at any time using the link in every email.

Information collected automatically

Usage data, We log which ETF pages you view and which tools you use. This helps us understand what is useful and improve the Service.

Session cookies, We use cookies to keep you signed in. These are essential for the Service to function and cannot be disabled.

Technical data, Standard server logs including IP address, browser type, and pages accessed. This is used for security monitoring and is not linked to your account for marketing purposes.

3. How We Use Your Information

We use your information to: • Provide and maintain the ETFLens Service • Manage your account and subscription • Process payments and send billing receipts • Send transactional emails (subscription confirmations, payment receipts, cancellation confirmations) • Send the ETF alerts, distribution updates and occasional product news you have signed up for (you can unsubscribe at any time via the link in every email) • Detect and prevent fraudulent or abusive activity • Improve the Service based on usage patterns

We do not use your information for advertising purposes. We do not sell your data to third parties. We do not use your data to provide you with personalised financial advice.

4. Who We Share Information With

We share your information only with the following third parties, solely to provide the Service:

Google (United States), For authentication via Google Sign-In. Subject to Google's Privacy Policy.

Stripe (United States), For payment processing. Stripe stores your payment card details on our behalf. Subject to Stripe's Privacy Policy.

Supabase (Australia, AWS ap-southeast-2 Sydney), Our database provider. Your account and portfolio data is stored on Supabase's infrastructure. Subject to Supabase's Privacy Policy (supabase.com/privacy).

Vercel (United States), Our hosting and analytics provider. Application logs may pass through Vercel's infrastructure. ETFLens uses Vercel Analytics to collect anonymised, aggregated data about pages viewed and site performance. Vercel Analytics does not use cookies, does not collect personally identifiable information, and does not track individual users across sites. Subject to Vercel's Privacy Policy (vercel.com/legal/privacy-policy).

Google Analytics (Google LLC, United States), For website analytics. ETFLens uses Google Analytics 4 to understand aggregate site usage, such as which pages are viewed and how visitors arrive. Google Analytics loads only after you accept cookies via our cookie notice; if you decline, it does not run. Google Analytics sets cookies on your device and may process data including a device identifier, your approximate location derived from your IP address, and the pages and events you trigger. Data may be processed by Google on servers located outside Australia. Subject to Google's Privacy Policy (policies.google.com/privacy).

Cloudflare (United States), Our CDN and security provider, running a global edge network. Cloudflare processes every visitor's IP address and request metadata to deliver and protect the Service. Data may be stored on servers outside Australia. Subject to Cloudflare's Privacy Policy (cloudflare.com/privacypolicy).

Resend (United States), For transactional email delivery. When you subscribe to ETF alerts or receive account emails (such as subscription confirmations and cancellation notices), your email address is shared with Resend solely for the purpose of sending those emails. Resend does not use your email address for any other purpose. Subject to Resend's Privacy Policy (resend.com/legal/privacy-policy).

Microsoft Clarity (United States), For session recording and behaviour analytics. Clarity only loads after you accept cookies via our cookie notice; if you decline, it does not run. ETFLens uses Microsoft Clarity to understand how visitors interact with the site, including mouse movements, clicks and scroll depth. Clarity may collect and store information about your visit including pages viewed and interactions. Clarity sets cookies to maintain session recordings. Clarity does not collect your account credentials or payment information. Financial figures entered into ETFLens tools (such as portfolio values, income targets and tax details) are masked in recordings and are not captured by Microsoft Clarity. Recordings are used solely for improving the site. Subject to Microsoft's Privacy Statement (privacy.microsoft.com/en-us/privacystatement).

Sentry (United States), For error monitoring. When errors occur on the site, Sentry captures diagnostic information including the page you were on, browser type, and error details. This helps us identify and fix technical problems. Sentry does not collect your financial data or personal account information beyond what appears in error context. Subject to Sentry's Privacy Policy (sentry.io/privacy).

UptimeRobot (European Union), For uptime monitoring. UptimeRobot periodically checks that the Service is available. It does not receive your account or portfolio data. Subject to UptimeRobot's Privacy Policy (uptimerobot.com/privacy).

Upstash (United States), For rate limiting and abuse prevention. Upstash temporarily stores a counter keyed to your IP address to limit how often requests can be made to the Service. It is not linked to your account and is used only for security. Subject to Upstash's Privacy Policy (upstash.com).

By using ETFLens, you consent to your personal information being transferred to and processed in these countries. Where personal information is transferred overseas, we take reasonable steps to ensure it receives protection comparable to the Australian Privacy Principles.

We may disclose information where required by Australian law, court order, or to protect the rights and safety of ETFLens or others.

5. Data Storage and Security

Your data is stored in a Postgres database hosted in the Sydney, Australia (ap-southeast-2) region. We implement industry-standard security measures including: • Encrypted connections (HTTPS/TLS) for all data in transit • Database encryption at rest • Access controls limiting who can access production data • Session tokens stored in secure, HTTP-only cookies

No security system is perfect. In the event of a data breach that affects your personal information, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches scheme.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. If you delete your account: • Your account data will be deleted within 30 days • Payment records will be retained for 7 years as required by Australian tax law • Anonymised usage data may be retained indefinitely for analytics

7. Your Rights

Under the Australian Privacy Act, you have the right to: • Access, Request a copy of the personal information we hold about you • Correction, Request that we correct inaccurate personal information • Deletion, Request deletion of your account and personal data

To exercise any of these rights, email us at hello@etflens.com.au with the subject line "Privacy Request". We will respond within 30 days. You can also delete your account directly from your account page at etflens.com.au/account, this will immediately cancel any active subscription and schedule your data for deletion within 30 days.

If you believe we have mishandled your personal information, you may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

8. Cookies

ETFLens uses the following cookies:

Authentication cookies, Essential. Keep you signed in to your account. Cannot be disabled.

Session cookies, Essential. Maintain your session state. Deleted when you close your browser.

Microsoft Clarity cookies, Analytics. Microsoft Clarity sets cookies to record session behaviour including mouse movements, clicks and scroll depth. These are used to understand how visitors use the site and to improve it. They are not used for advertising.

Google Analytics cookies, Analytics. Google Analytics 4 sets cookies (such as _ga) to measure aggregate site usage and traffic sources. Google Analytics cookies load only after you accept cookies via our cookie notice; if you decline, Google Analytics does not run. They help us understand which pages are visited and improve the site, and are not used for advertising.

We do not use advertising cookies, tracking pixels, or advertising targeting services.

We use Vercel Analytics to understand which pages are visited and site performance. Vercel Analytics is cookieless, it does not set any cookies and does not track individual users. It collects only anonymised, aggregated data and cannot identify you personally.

9. Children

ETFLens is not directed at or intended for use by children under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by displaying a notice on the Service. The date at the top of this page reflects the last update. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. International Users (GDPR)

If you are located in the European Union or United Kingdom, you have additional rights under the General Data Protection Regulation (GDPR) or UK GDPR: • Right of erasure, You may request deletion of your personal data • Right to data portability, You may request a copy of your data in a structured, machine-readable format • Right to object, You may object to processing of your personal data for direct marketing • Right to restrict processing, You may request that we limit how we use your data

To exercise these rights, contact us at hello@etflens.com.au. We will respond within 30 days. Where we are unable to comply with a request, we will explain why.

12. Contact

For any privacy-related questions or to exercise your rights under the Australian Privacy Act 1988, contact us at: hello@etflens.com.au

Include "Privacy Request" in the subject line and describe what you would like us to do. We will respond within 30 days as required by the APPs.