World Lens is committed to building trust in our organization and platform by protecting customer and user data, models, and products through best-in-class security practices.
World Lens (operated by Wildey Labs LLC) follows SOC 2 Type II principles and industry best practices to safeguard customer data throughout its lifecycle. We collect only the minimal personal data necessary: email address, first name, and last name for authentication and access control. All usage analytics are pseudonymous and never tied to personal identifiers.
All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.2+. We leverage Google Cloud Platform's enterprise-grade infrastructure with role-based access control (RBAC) through Google Cloud IAM, mandatory multi-factor authentication (MFA), and continuous security monitoring.
We implement principle of least privilege access with quarterly access reviews. All system activities are logged and monitored continuously. Our security team conducts regular vulnerability assessments and maintains an incident response plan aligned with industry standards.
Personal data is retained only as long as necessary to provide our services or meet legal obligations. Customers may request data deletion at any time. We maintain documented data lifecycle policies covering both primary data and backup retention periods.
Privacy protection is embedded throughout our development lifecycle and operational processes. We implement data minimization principles, purpose limitation, and privacy-preserving technologies to ensure protection by design and by default.
Our security team is available to address questions about our data protection practices, compliance posture, or to discuss your organization's specific security requirements.