Privacy Policy

At ScanAndSync, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service. We are fully compliant with GDPR and other international privacy regulations.

1. Information We Collect

Personal Information

When you register for an account, we collect:

• Name and email address
• Password (encrypted)
• Billing information (for paid plans)
• Contact information you upload or scan

Usage Data

We automatically collect certain information about your device and usage:

• IP address and browser type
• Device information
• Pages visited and features used
• Time and date of access

2. How We Use Your Information

We use the information we collect to:

• Provide and maintain our service
• Process your transactions
• Send you service-related communications
• Improve our service and develop new features
• Protect against fraud and abuse
• Comply with legal obligations

3. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information only in the following circumstances:

• With your explicit consent
• To comply with legal obligations
• To protect our rights and prevent fraud
• With service providers who assist in our operations (under strict confidentiality)
• In connection with a merger or acquisition

4. Data Security

We implement industry-standard security measures to protect your information:

• SSL/TLS encryption for all data in transit
• End-to-end encryption available for contact data storage
• Per-user encryption keys derived from master key
• Fernet symmetric encryption for sensitive fields
• Regular security audits and penetration testing
• Strict access controls and authentication
• Regular backups and disaster recovery procedures

5. GDPR Compliance

We are fully compliant with the General Data Protection Regulation (GDPR). For EU residents, we provide additional protections and rights:

• Lawful Basis: We process data based on consent, contract, or legitimate interests
• Data Minimization: We only collect data necessary for service provision
• Purpose Limitation: Data is used only for stated purposes
• Data Protection Officer: Available for privacy inquiries
• Privacy by Design: Privacy considered in all system design

6. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and data
• Portability: Export your contacts in standard formats
• Opt-out: Unsubscribe from marketing communications

7. Data Retention

We retain your personal data only as long as necessary to provide our services and fulfill the purposes outlined in this policy. When you delete your account, we permanently remove your data within 30 days, except where legal obligations require longer retention.

8. Cookies and Tracking

We use cookies and similar technologies to enhance your experience. You can control cookie settings through your browser, but disabling cookies may limit some features.

9. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect information from children under 13. If you believe we have collected such information, please contact us.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers in compliance with applicable laws.

11. California Privacy Rights

California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete personal information, and the right to opt-out of the sale of personal information (which we do not do).

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by email or through the service. Your continued use after changes constitutes acceptance.

13. Contact Us

If you have questions about this Privacy Policy or our practices, please contact us: