Effective: June 2026
Privacy Policy
Short version: we collect the minimum we need to run the service,
store it encrypted, never sell it, and give you tools to download or
delete it anytime.
1. Who's the data controller
ScaneReport, an individual developer (Telegram: @nknaumov, email: [email protected]).
2. What we collect
2.1. Account data
- Email / login — for sign-in and contact.
- Name — shown in reports and the UI.
- Password — stored only as a bcrypt hash (12 rounds). Plain text is never stored.
- TOTP secret (if you enabled 2FA) — base32, stored in the encrypted DB.
- UI language — synced across devices.
- Notification preferences.
2.2. Working data
- Reports: date, site, work type, volume, headcount, comments.
- Photos attached to reports — stored in encrypted file storage.
- GPS coordinates (only if your team admin enables the GPS policy).
- Sites and work types created within your team.
2.3. Technical data
- IP and User-Agent — for active sessions only (visible in profile, revocable).
- Push subscriptions (endpoint + browser keys) — only if you enabled push.
- Audit log — login, report deletion, export. Not the report content itself.
- Anonymous analytics — self-hosted Matomo, no cookie-tracking by default.
3. Why we collect it
- To provide a working service (no email = no account, no reports = no system).
- To keep you safe (login logging, suspicious-session detection).
- To invoice paid plans (we receive only email + plan name; card processing is done by Donatello, never on our side).
- To improve the product based on aggregated analytics.
4. How we store it
- Database encrypted with SQLCipher AES-256.
- Passwords — bcrypt, 12 rounds. 2FA backup codes — SHA-256.
- Connections always over HTTPS / TLS 1.2+.
- Session cookies — HttpOnly, Secure, SameSite=Lax.
- Backups encrypted, kept on a minimal retention schedule (typically 14 days).
5. Who we share data with
By default — no one. Exceptions:
- Donatello — for paid plan payments (only email + amount; card processing on their side).
- Infrastructure providers (hosting, Cloudflare CDN) — only transit traffic, no access to decrypted DB contents.
- Law enforcement — only via lawful process.
We never sell data to ad networks or data brokers.
6. Your rights (GDPR-aligned)
- Access and export — Profile → "Download my data" returns a JSON archive.
- Deletion — Profile → "Delete account". Removes account, reports, photos, sessions, push subscriptions.
- Correction — change name / email / password from profile.
- Session revocation — see and revoke any active session.
- Complaint — email us, or contact your local data-protection authority.
7. Cookies
We only use technical cookies: session token (for login), theme preference, language.
No advertising or tracking cookies.
8. Children
The service is not intended for anyone under 16. We do not knowingly collect children's data.
9. Changes to this policy
For material changes we'll notify you in-app and update the date at the top.
Current version — 1.0 (June 2026).
10. Privacy contact
📨 Telegram: @nknaumov
✉️ [email protected]