← Home

Privacy Policy

Last updated: April 2, 2026

1. Who We Are

FounderLens is operated by Mostafa Khafagy under the business name Khufu Systems. This Privacy Policy explains how we collect, use, and protect your personal data when you use our platform at founderlens.co.

2. Data We Collect

Account information: Email address provided during registration or waitlist signup.

Usage data: Pages visited, features used, interaction timestamps, and device/browser information collected automatically.

Cookies: We use essential cookies for authentication and session management. Analytics cookies (Plausible) are privacy-friendly and do not use personal identifiers.

3. How We Use Your Data

  • Provide and maintain the Service
  • Authenticate your account (magic link login)
  • Send transactional emails (welcome, upgrade confirmation)
  • Send newsletters and product updates (with opt-out)
  • Improve the Service based on usage patterns
  • Respond to support requests

4. Payment Processing

Payments are processed by our Merchant of Record, Paddle.com (Paddle Payments Ltd). We do not store credit card numbers, billing addresses, or other payment details on our servers. Paddle handles all payment data in accordance with PCI DSS standards. Please refer to Paddle's Privacy Policy for details on how they process payment data.

5. Data Sharing

We share data with the following service providers, solely to operate the Service:

  • Paddle — payment processing and tax compliance
  • Supabase — database and authentication
  • Resend — transactional email delivery
  • Vercel — hosting and content delivery

We do not sell your personal data to third parties. We do not share data for advertising purposes.

6. Data Retention

We retain your account data for as long as your account is active. If you request account deletion, we will remove your personal data within 30 days. Some anonymized usage data may be retained for analytics purposes.

7. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation:

  • Access — request a copy of your personal data
  • Correction — request correction of inaccurate data
  • Deletion — request deletion of your personal data
  • Export — request a portable copy of your data
  • Object — object to processing of your data for certain purposes

To exercise any of these rights, contact us at mostafa1khafagy1@gmail.com. We will respond within 30 days.

8. Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), secure authentication (magic links), and row-level security on our database. However, no method of transmission over the Internet is 100% secure.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes via email or a prominent notice on the Service. Continued use after changes constitutes acceptance.

10. Contact

For privacy-related questions, contact us at mostafa1khafagy1@gmail.com.

Terms of ServiceRefund Policy