Privacy Policy

Last Updated: May 21, 2026

            Our Commitment: Your privacy is important to us. This policy explains what data we collect, how we use it, and your rights regarding your personal information.
        

1. Information We Collect

Information You Provide or Generate in the App:

Account and Access Information: Product Scans user ID, optional email credential state, authentication/session state, recovery-code metadata, scan balance, paid-access status, and hashed installation identifiers used for account continuity and abuse prevention.
Scan Inputs and Results: Barcode values, label photos you capture or choose, scan mode, image type, extracted label text, ingredients, nutrition facts, allergens, certifications, warnings, recall status, health-score context, and cited product evidence.
Saved Scan History: Scan summaries you save or reopen, including product name, brand, barcode, health-score summary, recall flag, product image URL from product sources, and bounded result details.
Payment Information: Stripe Checkout status, transaction identifiers, product, amount, currency, and paid-access state. Stripe processes card details directly; Product Scans does not store card numbers.
Promo, Referral, and Feedback Activity: Promo codes, referral codes, redemption activity, bonus-scan balances, product contributions, disputes, and correction notes you submit.

Information Collected Automatically:

Usage Data: Number of scans, quota checks, payment-status checks, promo/referral requests, history actions, and feature usage needed to run the service.
Device and App Information: Browser or app user agent, operating system, coarse request metadata, and Android or installation identifiers when supplied by the app.
Log and Security Data: IP address, access times, request paths, request IDs, rate-limit buckets, dependency errors, and fraud-prevention signals.

2. How We Use Your Information

Purpose	Data Used	Legal Basis
Provide barcode and label scanning	Barcode values, label photos, extracted label text, product-source responses	Contract performance
Process payments	Stripe checkout status, transaction identifiers, paid-access state	Contract performance
Manage access, recovery, and saved history	User ID, optional email credential state, hashed installation ID, recovery metadata, scan summaries	Contract performance
Track scan usage and bonuses	User ID, scan count, promo/referral activity	Legitimate interest
Prevent fraud	Usage patterns, IP address, hashed identifiers, rate-limit data	Legitimate interest
Improve service	Aggregated usage, diagnostics, dependency-failure signals	Legitimate interest

3. Data Sharing

We share your information only with service providers and data sources needed to operate Product Scans:

Stripe: Checkout, payment-status verification, and paid-access reconciliation.
AI Providers: OpenAI, Anthropic, and Google model routes used through our LLM integration to read label photos and extracted label text for the scan you request.
Product and Recall Data Sources: Open Food Facts, FDA openFDA, CPSC SaferProducts.gov, UPC/product databases, USDA or certification registries, and other cited sources used to look up product and recall context.
Hosting, Database, and Security Providers: Infrastructure providers that host the app, database, logs, and security controls on our behalf.
Law Enforcement or Legal Requests: When required by law or to protect the service and users.

We do NOT sell your personal information to third parties, and the mobile app does not include an advertising SDK.

4. Data Retention

Product Images: Processed for the requested scan and not stored by Product Scans as original image files after the request completes. Derived scan results and extracted label fields may be returned to you and saved in scan history if you use history features.
Saved Scan History: Retained until you delete individual entries, clear your history, or request account/data deletion, subject to lawful retention needs.
Account and Access Data: Retained while the account or access entitlement is active. When you submit an authenticated in-app account deletion request, Product Scans removes active account recovery, optional email credential, installation mapping, access, scan-balance, saved-history, promo, referral, account-security token, and account-linked app records where deletion is allowed.
Payment, Feedback, Fraud, and Legal Records: Retained only as needed for payment reconciliation, refunds, tax, fraud-prevention, security, legal, or dispute requirements. Where records must be retained, Product Scans limits or anonymizes account identifiers when possible.
Usage Logs and Rate-Limit Data: Retained only as long as needed for operations, security, debugging, and abuse prevention under configured retention windows.

5. Data Security

We protect your data using:

HTTPS encryption for all data transmission
Secure cloud infrastructure
Access controls and authentication
Regular security audits

6. Your Rights

You can request access, correction, deletion, or portability of your Product Scans data by contacting us. In the app, you can delete saved scan-history entries, clear your saved history, or use the Account & Access deletion control to submit an authenticated account deletion request. To request account and associated data deletion from the web, visit productscans.com/delete-account or email privacy@productscans.com.

CCPA Rights (California Residents)

If you are a California resident, you have the right to:

Know: What personal information we collect and how it's used
Delete: Request deletion of your personal information
Opt-Out: Opt-out of sale of personal information (we don't sell data)
Non-Discrimination: Not be discriminated against for exercising your rights

7. Children's Privacy

Product Scans is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately.

8. Cookies and Tracking

We use minimal cookies and local storage for:

Essential Cookies: Required for the service to function (user session)
Analytics on the Public Website: To understand how users interact with public web pages when analytics are enabled
Mobile App Storage: Secure storage for backend authentication tokens and limited local fallback state for installation continuity

You can disable cookies in your browser settings, but some features may not work properly.

9. Third-Party Services

Our service integrates with:

Stripe: Privacy Policy
OpenAI: Privacy Policy
Anthropic: Privacy Policy
Google: Privacy Policy

10. International Data Transfers

Your data may be transferred to and processed in the United States. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where applicable.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the new policy on this page and updating the "Last Updated" date.

12. Contact Us

For privacy-related questions or to exercise your rights:

Email: privacy@productscans.com

Support: support@productscans.com

Support Page: productscans.com/support

13. Data Protection Officer

For GDPR-related inquiries, you may also contact our Data Protection Officer at dpo@productscans.com

← Back to Product Scans