Privacy Policy

Last updated: 1 March 2026

1. Who we are

SiteLens is operated by Alcyone AI Ltd (trading as SiteLens), a company registered in England and Wales (Company No. 17060294). References to "SiteLens", "we", "us" or "our" in this policy refer to Alcyone AI Ltd. You can contact us at privacy@sitelens.co.uk.

2. What data we collect

We collect the following categories of personal data:

  • Account data: email address and password (stored hashed) when you create an account.
  • Billing data: payment method details processed by Stripe. We do not store card numbers.
  • Usage data: search queries, alert preferences, and feature usage within the platform.
  • Technical data: IP address, browser type, and access logs for security and debugging.
  • Communications: emails you send to our support address.

3. How we use your data

  • To provide and maintain the SiteLens service.
  • To send you planning application alert emails you have configured.
  • To process your subscription payments via Stripe.
  • To respond to support requests.
  • To detect and prevent fraud or abuse.
  • To comply with legal obligations.

4. Planning application data

SiteLens aggregates planning application data from publicly available UK council planning portals. This data is public record under the Town and Country Planning Act 1990 and related legislation. We do not claim ownership of this data. Where planning applications contain personal information (such as applicant names or agent details), this data is published by the relevant local planning authority and is reproduced here in the same public-record capacity.

5. Legal basis for processing

We process your personal data on the following legal bases under UK GDPR:

  • Contract: account and billing data are necessary to provide the service.
  • Legitimate interests: usage and technical data for security, debugging, and service improvement.
  • Legal obligation: retaining transaction records as required by law.

6. Data retention

We retain your account data for as long as your account is active and for 12 months after closure. Billing records are retained for 7 years as required by HMRC. Usage logs are retained for 90 days.

7. Third-party services

We use the following third-party processors:

  • AWS: cloud infrastructure, including database hosting, Lambda functions, and email delivery via SES. Data is processed in the EU (eu-west-2, London region).
  • Stripe: payment processing. Stripe is PCI-DSS compliant.
  • Anthropic: AI classification of planning application descriptions. We do not send personal data to Anthropic — only application descriptions scraped from public planning portals.

8. Your rights

Under UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data ("right to be forgotten").
  • Object to or restrict processing.
  • Data portability (receive your data in a machine-readable format).
  • Lodge a complaint with the ICO (Information Commissioner's Office) at ico.org.uk.

To exercise any of these rights, email privacy@sitelens.co.uk.

9. Cookies

SiteLens uses localStorage (not cookies) to store your authentication token on your device. No tracking cookies or third-party advertising cookies are set. We do not use Google Analytics or any similar tracking service.

10. Changes to this policy

We may update this policy from time to time. Material changes will be communicated by email to registered users. Continued use of SiteLens after changes constitutes acceptance of the updated policy.