Back to Resources

Cookie Policy

1. Purpose

This Cookie Policy explains how Lens Health Technologies Ltd ("we", "us", "our") uses cookies and similar technologies in connection with our website and SaaS application.

This policy is designed to comply with:

  • UK GDPR and Data Protection Act 2018
  • Privacy and Electronic Communications Regulations (PECR)
  • ISO/IEC 27001 information security principles (where applicable to access control and session management)

2. What are cookies?

Cookies are small text files placed on your device when you visit a website or use a web application. They are used to enable core functionality, improve security, and maintain user sessions.

Cookies may be:

  • Session cookies (deleted when you close your browser)
  • Persistent cookies (stored until expiry or deletion)

3. How we use cookies

We use strictly necessary cookies only. These cookies are essential for the operation and security of our services.

They are used for:

  • User authentication and secure login sessions
  • Maintaining session state within the application
  • Security controls (e.g. CSRF protection, fraud prevention, access control)
  • Load balancing and basic system stability

These cookies are required for the service to function correctly and securely.

4. Cookies we do NOT use

We do not use cookies for:

  • Advertising or targeted marketing
  • Behavioural tracking across websites
  • User profiling or automated decision-making
  • Third-party analytics (e.g. Google Analytics, Meta Pixel, etc.)
  • Social media tracking

5. Legal basis for processing

We process strictly necessary cookies on the legal basis of legitimate interests (Article 6(1)(f) UK GDPR), specifically to:

  • Deliver a secure and functional SaaS platform
  • Ensure authentication and authorisation controls operate correctly

Where cookies are strictly necessary for service delivery, consent is not required under PECR.

6. Third-party cookies

We do not use third-party cookies for tracking, analytics, or advertising purposes.

Where we rely on third-party infrastructure providers (such as hosting or authentication services), any cookies set are strictly necessary for the operation, security, and integrity of the service.

7. Cookie management

Because we only use strictly necessary cookies:

  • These cookies cannot be disabled without impacting core functionality
  • You may block or delete cookies via your browser settings
  • Doing so may prevent login or disrupt core application features

Because we only use strictly necessary cookies, users are not presented with a cookie consent banner.

In accordance with the Privacy and Electronic Communications Regulations (PECR), consent is not required for cookies that are essential to the operation, security, and delivery of the service.

8. Data protection and security

Cookies used in our systems are:

  • Minimised to only what is required
  • Not used to store sensitive personal data unless strictly required
  • Protected using secure transmission (HTTPS) and appropriate session controls
  • Managed in accordance with our internal security controls aligned to ISO/IEC 27001 principles

9. Changes to this policy

We will update this Cookie Policy from time to time where necessary to reflect changes in technology, law, or our services. Updates will be posted on this page with a revised "Last Updated" date.

10. Contact us

If you have any questions about this Cookie Policy or how we use cookies, please contact:

Lens Health Technologies

Email: info@lenstechnologies.ai