At FlexiScanner, we take your privacy seriously. This Privacy Policy explains how we collect, use, protect, and share your personal information when you use our web application. We've implemented enterprise-grade security measures to ensure your data remains safe and private.
Information We Collect
Account Information
Email address (for account creation and authentication)
Full name (for personalization and account management)
Password (encrypted and never stored in plain text)
Biometric authentication data (fingerprint, Face ID, Touch ID)
Device security status and integrity checks
Biometric authentication success/failure logs
App lock and security event timestamps
Technical Information
IP address and location data
Browser type and version
Device information and screen resolution
Usage analytics and performance metrics
Security logs and authentication events
How We Use Your Information
Service Provision: To provide, maintain, and improve our PDF scanning services
Account Management: To create and manage your account, authenticate users
Document Processing: To process, store, and organize your PDF documents
Biometric Security: To verify your identity and secure app access on mobile devices
Security: To protect against fraud, abuse, and security threats
Communication: To send important service updates and security notifications
Analytics: To understand usage patterns and improve our services
Legal Compliance: To comply with applicable laws and regulations
Data Security & Protection
🛡️ Enterprise-Grade Security: We implement industry-leading security measures to protect your data.
Security Measures
Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Authentication: Secure authentication with biometric support and session management
Access Control: Strict access controls and user permission systems
Monitoring: 24/7 security monitoring and threat detection
Backups: Regular encrypted backups with disaster recovery procedures
Compliance: SOC 2, GDPR, and industry security standards compliance
Data Protection Features
Brute force protection and rate limiting
Input validation and XSS prevention
Biometric data stored securely in device hardware (Secure Enclave/TEE)
Device integrity checks and jailbreak/root detection
Comprehensive audit logging
Secure file upload validation
Regular security updates and patches
Data Sharing & Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following limited circumstances:
Service Providers: With trusted third-party services that help us operate our platform (e.g., cloud hosting, analytics)
Legal Requirements: When required by law, court order, or government request
Safety & Security: To protect the rights, property, or safety of our users or others
Business Transfers: In connection with a merger, acquisition, or sale of assets (with user notification)
Consent: With your explicit consent for any other purpose
Your Privacy Rights
You have the following rights regarding your personal data:
Access: Request access to your personal data
Correction: Request correction of inaccurate or incomplete data
Deletion: Request complete deletion of your account and all personal data (available in Profile settings)
Portability: Request a copy of your data in a portable format
Restriction: Request restriction of processing in certain circumstances
Objection: Object to processing based on legitimate interests
Withdrawal: Withdraw consent where processing is based on consent
Data Retention
Account Data: Deleted IMMEDIATELY upon account deletion request - no retention period
Document Data: All PDFs, folders, and organization data deleted IMMEDIATELY upon account deletion
AI Processing Data: Document summaries, classifications, and extracted data deleted IMMEDIATELY
Share Analytics: All sharing data and access logs deleted IMMEDIATELY with your account
User Profiles: Premium status, settings, and preferences deleted IMMEDIATELY
Security Logs: Anonymized after account deletion to protect your privacy
Biometric Data: Never stored on our servers - remains on your device only
✅ GDPR Compliant: We ensure complete data erasure with no retention of personal information after account deletion.
Cookies & Tracking
We use cookies and similar technologies to enhance your experience:
Essential Cookies: Required for authentication and security
Functional Cookies: Remember your preferences and settings
Analytics Cookies: Help us understand how you use our service
Security Cookies: Protect against fraud and abuse
International Data Transfers
Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place, including standard contractual clauses and adequacy decisions, to protect your data during international transfers.
Children's Privacy
Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information.
Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.
Contact Us
If you have any questions about this Privacy Policy or our privacy practices, please contact us: