TL TokenLensPricingAboutSign in

Privacy Policy

Last updated: July 3, 2026

TokenLens ("we", "us") provides LLM cost monitoring for teams. This policy explains what we collect, why, and how it's protected.

What we collect

Account data: your email address (for sign-in and notifications). Billing metadata from your LLM providers: daily cost totals grouped by model and project — numbers only. We never receive, request, or store your prompts, completions, or any content sent to LLM APIs. Settings you provide: budgets, notification email, Slack webhook URL.

Provider API keys

Admin keys you connect are used solely to read billing data from your provider's official APIs. Keys are encrypted at rest with AES-256-GCM before touching our database, are never sent to your browser after entry, and are never logged. You can disconnect (delete) a key at any time on the Providers page, which removes it immediately. These keys are read-only for billing by design and cannot make model calls or spend on your behalf.

How data is used

To render your dashboards, compute insights, and send the alerts you configure. We do not sell your data, use it for advertising, or train models on it.

Subprocessors

Vercel (hosting), Supabase (database and authentication), and Resend (email delivery, only if email alerts are enabled). Each processes data only as needed to provide the service.

Retention and deletion

Spend history is retained while your account is active. To delete your account and all associated data (including encrypted keys and spend history), email us and we'll complete deletion within 30 days.

Contact

Questions or deletion requests: privacy@tokenlens.us