# Privacy Policy for PocketScan
**Effective Date:** 2026-05-02

**Developer:** Muhammad Ilyas

**Contact:** muhammadilyas15@gmail.com
## 1. Introduction
PocketScan ("we", "our", "the app") is an Android document scanner that captures receipts, business cards, ID cards, and other documents using your device camera, then uses AI to classify and extract structured data from them. This Privacy Policy explains how we collect, use, store, and protect your information when you use our mobile application.
By using PocketScan, you agree to the collection and use of information as described in this policy.
## 2. Information We Collect
### 2.1 Information You Provide
- **Document scans** — JPEG images of pages you capture via the in-app document scanner, stored locally on your device
- **Document names** — optional names you give your scans
- **Extracted fields** — when you use AI classification, extracted text such as merchant name, date, total, contact info, and ID number, stored locally
- **Vault selections** — which scans you marked as locked (biometric-protected reveal)
- **Contact form submissions** — email, subject, and message when you contact us through the app
### 2.2 Information Collected Automatically
- **Device information** (manufacturer, model, OS version) — attached to crash reports and contact-form submissions for diagnosis
- **App usage analytics** (screens visited, feature usage frequency) — used to improve the app
- **Advertising identifiers** — used by Google AdMob for ad personalization (free tier only)
- **Crash logs** — collected by Firebase Crashlytics when the app crashes
### 2.3 Information Sent to AI Service
- When you use the **Classify with AI** feature on a scan, the document image is sent to our secure proxy server (Cloudflare Worker) and forwarded to Google's Gemini API to classify the document type and extract structured fields
- The image is downscaled (max 1600px long edge) and base64-encoded before transmission
- We do NOT send your other scans, vault contents, or any other personal data to the AI service — only the single image you explicitly chose to classify
- The AI service does not retain the image after returning the extracted data (per Google's API terms)
- The same secure proxy is shared across our other AI-enabled apps; each app authenticates with its own key and is rate-limited separately
## 3. How We Use Your Information
We use collected information to:
- Provide core app functionality (document capture, scan list, structured extraction, vault)
- Classify documents and extract structured fields via the Gemini AI service
- Display recent scans and let you reopen / share / delete them
- Display relevant advertisements (free tier)
- Improve app performance and fix crashes
- Process subscription and one-time purchase transactions
- Respond to your support inquiries
## 4. Data Storage and Security
### 4.1 Local Storage
- All your scans and extracted data are stored locally on your device in an SQLite database (Room)
- JPEG scans are stored in the app's private internal storage (`getFilesDir()/scans/`) — not accessible by other apps
- Preferences are stored locally in SharedPreferences
- Documents you mark as locked are gated behind a biometric prompt (fingerprint / face) before reveal — Premium feature
### 4.2 Cloud Storage
- PocketScan does NOT store your scans, extracted fields, or vault contents on our servers
- The Gemini AI proxy receives a single document image per classification request and does not persist it after returning the result
### 4.3 Security Measures
- All network communication uses HTTPS/TLS encryption
- AI requests are routed through our Cloudflare Worker proxy, which authenticates each request and rate-limits by app to prevent abuse
- The vault feature uses Android BiometricPrompt for unlock (no biometric template ever leaves the device — Android handles this)
## 5. Data Sharing
### 5.1 We Do NOT Sell Your Data
We do not sell, trade, or rent your personal information to third parties.
### 5.2 Third-Party Services
| Service | Purpose | Data Accessed | Privacy Policy |
|---------|---------|--------------|----------------|
| Google Gemini API (via our proxy) | AI document classification + extraction | Document image you explicitly classify | [Google Privacy Policy](https://policies.google.com/privacy) |
| Google AdMob | Advertising (free tier) | Device ID, ad interactions | [Google Privacy Policy](https://policies.google.com/privacy) |
| Google ML Kit Document Scanner | In-app page capture | Camera access (via Play Services) | [Google Privacy Policy](https://policies.google.com/privacy) |
| Firebase Analytics | App improvement | Usage patterns, device info | [Firebase Privacy](https://firebase.google.com/support/privacy) |
| Firebase Crashlytics | Crash reporting | Crash logs, device state | [Firebase Privacy](https://firebase.google.com/support/privacy) |
| Google Play Billing | Subscription / purchase processing | Purchase history | [Google Privacy Policy](https://policies.google.com/privacy) |
| Google UMP (User Messaging Platform) | EEA consent for ad personalization | Consent preferences | [Google Privacy Policy](https://policies.google.com/privacy) |
### 5.3 Ad Personalization
- Free tier users see advertisements served by Google AdMob
- AdMob may use device identifiers and usage data for ad personalization
- You can opt out of personalized ads through your device settings (Settings → Google → Ads)
- Premium subscribers see no advertisements
## 6. Photos, Documents, and ID Cards
- Scans are captured only when you explicitly tap "Scan document"
- The ML Kit Document Scanner runs in a separate Play Services process — PocketScan declares the CAMERA permission for fallback gallery flows on some OEMs, but normal scanning is gated within the Scanner UI
- Captured documents are stored in the app's private internal storage on your device
- Documents are sent to our AI proxy ONLY at the moment of classification, and never retained beyond that single request
- ID-card scans are treated like any other scan from a privacy perspective — PocketScan does NOT verify, validate, or share ID information with third parties beyond the ephemeral AI classification call
- You can delete scans at any time
## 7. Children's Privacy
PocketScan is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will delete it promptly.
## 8. Your Rights and Choices
### 8.1 Access and Control
- You can view all your scans and extracted data within the app at any time
- You can edit, rename, or delete any scan
- You can re-classify any scan to refresh the extracted data
### 8.2 Account and Data Deletion
- PocketScan does NOT use accounts — there is no sign-in step
- All data is local; uninstalling the app removes everything (database + scan files + preferences)
- You can also delete individual scans from within the app
### 8.3 Notifications
- You can disable notifications at any time through app Settings or device Settings
### 8.4 Ad Preferences
- Premium subscription removes all advertisements
- You can opt out of personalized ads via device settings (Settings → Google → Ads)
## 9. GDPR Compliance (European Users)
If you are located in the European Economic Area (EEA), you have additional rights:
- **Right to access** — request a copy of your data (note: PocketScan stores everything locally, so you already have it)
- **Right to rectification** — edit your data directly in the app
- **Right to erasure** — uninstall to delete all data, or delete individual scans
- **Right to restrict processing** — disable AI classification, ads, or notifications individually
- **Right to data portability** — share scans / export PDF (Premium)
- **Right to object** — object to data processing for marketing
The app uses Google's User Messaging Platform (UMP) to obtain consent for data processing and personalized advertising in compliance with GDPR.
To exercise any of these rights, contact us at muhammadilyas15@gmail.com.
## 10. Data Retention
- Local data is retained until you delete it or uninstall the app
- AI classification requests are not retained after the response is returned
- Analytics data is retained per Google's standard retention policies (14 months)
- Crash reports are retained for 90 days
## 11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by:
- Updating the "Effective Date" at the top of this policy
- Posting a notice within the app
Your continued use of the app after changes constitutes acceptance of the updated policy.
## 12. Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, contact us at:
**Email:** muhammadilyas15@gmail.com

**Developer:** Muhammad Ilyas