1. Data controller
Kulunka S.L. is the data controller for the personal data collected through the ScanGrounded service. For any queries related to the processing of your data, you can contact us at scangrounded@scangrounded.com.
Company: Kulunka S.L. (Kulunka Sociedad Limitada)
Tax ID (NIF): B95412813
Registered address: Barrio Artatzagana 42, 2.º DR — 48940 Leioa (Bizkaia), Spain
Registered in the Mercantile Registry of Bizkaia. Incorporated on 2 March 2006.
2. How ScanGrounded works (privacy by design)
ScanGrounded is designed from the ground up around the principle of privacy by design and by default (GDPR Art. 25). Image and document processing occurs entirely in the user's browser using WebAssembly and native browser APIs. Specifically:
- The images and documents you process are never transmitted to an external server or to third parties.
- The processed document history is stored in IndexedDB, a local browser storage mechanism. Only you have access to that data.
- AI inference uses Google AI services through our own proxy (Cloud Functions). This proxy does not store or log document content — it only handles authentication and usage control.
- You can delete all local data at any time from the application settings.
3. What data we collect
3.1 Account data
When you sign up, we collect your email address, a unique user identifier (UID) generated by Firebase Auth and, optionally, the name you provide when signing in with Google. This data is necessary to manage your subscription plan and extraction limit.
3.2 Anonymous usage telemetry
To improve the service, we log anonymized usage events: number of extractions performed, AI models used, and technical errors. These events do not contain the content of processed documents, are not linked to personally identifiable information beyond an encrypted UID, and are used exclusively for performance analysis and error detection.
3.3 Payment data
Payments are processed entirely by Stripe. ScanGrounded never stores bank card data at any point. We only have access to the subscription status (active/inactive) and the Stripe customer ID required for plan management.
3.4 Images and documents
The images and documents you process are not treated as personal data by ScanGrounded, as we do not transmit or store them on our servers. Processing occurs locally on your device. AI service calls are made through our proxy, which does not retain document content.
4. Legal basis for processing (GDPR Art. 6)
For each data category, the legal basis legitimizing the processing is as follows:
| Data category | Legal basis | Article |
|---|---|---|
| Email and UID (account) | Performance of contract | Art. 6.1(b) GDPR |
| Anonymous telemetry | Legitimate interest | Art. 6.1(f) GDPR |
| Billing data (Stripe) | Performance of contract | Art. 6.1(b) GDPR |
| Support communications | Consent | Art. 6.1(a) GDPR |
5. Sub-processors
To provide the service we use the following sub-processors. All of them have adequate safeguards in accordance with GDPR Chapter V (SCCs or Adequacy Decision):
| Sub-processor | Service | Country / Safeguard | Privacy policy |
|---|---|---|---|
| Google Firebase / Google Cloud | Authentication (Firebase Auth), database (Firestore), serverless functions (Cloud Functions) | USA (SCCs + EU-US DPF) | policies.google.com/privacy |
| Stripe, Inc. | Payment processing and subscription management | USA (SCCs + EU-US DPF) | stripe.com/privacy |
| Google LLC (AI services) | AI inference (through own proxy). Does not retain document content. | USA (SCCs + EU-US DPF) | ai.google.dev/terms |
6. Retention periods
| Data category | Retention period |
|---|---|
| Account data (email, UID) | Until you request account deletion |
| Usage telemetry | 12 months from collection, then full anonymization |
| Billing records | 5 years (Spanish tax obligation, General Tax Law) |
| Processed document data | N/A — stored locally on your device only |
7. International data transfers
8. Your rights
Depending on your country of residence, you have the following rights regarding your personal data:
🇪🇺 European Union and EEA — GDPR (Arts. 15–22)
- Access: obtain confirmation of whether we process your data and a copy (Art. 15)
- Rectification: correct inaccurate or incomplete data (Art. 16)
- Erasure ("right to be forgotten"): request deletion of your data (Art. 17)
- Restriction: request that we restrict processing (Art. 18)
- Portability: receive your data in a structured, machine-readable format (Art. 20)
- Objection: object to processing based on legitimate interest (Art. 21)
- Not be subject to automated decisions (Art. 22)
- Lodge a complaint with your national data protection authority (e.g., ICO, CNIL, AEPD)
🇺🇸 California (USA) — CCPA/CPRA
- Right to know what personal information we collect, use, disclose, and sell
- Right to delete the personal information we hold about you
- Right to correct inaccurate personal information
- Right not to be discriminated against for exercising your rights
Note: ScanGrounded does not sell or share personal data for advertising purposes.
🇧🇷 Brazil — LGPD (Arts. 17–22)
- Confirmation of the existence of processing and access to the data
- Correction of incomplete, inaccurate, or outdated data
- Portability to another service provider
- Deletion of data processed with consent
How to exercise your rights
To exercise any of these rights, send an email to scangrounded@scangrounded.com stating the right you wish to exercise, your name and the email address associated with your account. We will respond within a maximum of 30 days (GDPR Art. 12).
9. Cookies and local storage
ScanGrounded does not use tracking or advertising cookies. The storage we use is strictly necessary for the functioning of the service:
| Key / Mechanism | Purpose | Expiry |
|---|---|---|
| localStorage (scangrounded_settings) | User preferences: language, visual theme, app settings | Until the user clears them |
| IndexedDB (scangrounded_history) | Processed document history (local data, not transmitted) | Until the user clears them |
| Firebase Auth (sessionStorage) | Authentication session token | Duration of the active session |
10. Children's privacy
ScanGrounded is not directed at children under 16 years of age (or the applicable minimum age in your jurisdiction under GDPR Art. 8). We do not knowingly collect personal data from children. If you are a parent or guardian and believe a child has provided personal data through our platform, contact us at scangrounded@scangrounded.com and we will delete it immediately. For users in the United States under 13 years of age, we comply with COPPA requirements.
11. Technical and organizational security measures
We implement the following security measures in accordance with GDPR Art. 32 and ISO/IEC 27001:
- Encryption in transit: all communications use HTTPS with TLS 1.3
- Secure authentication: Firebase Auth with short-lived JWT tokens and automatic rotation
- Access control: UID-based Firestore security rules. No data is accessible without valid authentication
- Least privilege principle: serverless functions only have access to strictly necessary resources
- Secure development: we follow OWASP Top 10 in the application design and AI proxy
- No document persistence: processed images are not saved on any server; the proxy does not log their content
12. Security breach notification
13. Changes to this policy
We may update this privacy policy to reflect changes to the service, applicable legislation, or our data practices. When material changes occur, we will inform you through a prominent notice in the application or by email at least 30 days before the changes take effect. The date of last update always appears at the top of this page.
14. Contact and data protection officer
For any queries, rights requests, or complaints related to the processing of your personal data, contact us: