Privacy Policy - QuickScan

Last Updated: January 15, 2026

Your Privacy Matters: QuickScan is committed to protecting your privacy with military-grade encryption. This app is designed with privacy at its core - we don't collect, store, or share any of your personal information with third parties. Your sensitive data is protected by AES-256-GCM encryption and biometric authentication.

🛡️ Military-Grade Security | 🔐 Hardware-Backed Encryption | 👆 Biometric Protection

1. Introduction

Welcome to QuickScan! This Privacy Policy explains how QuickScan ("we", "our", or "the app") handles your information when you use our privacy-first QR code and barcode scanning application with Secure Vault. We are committed to protecting your privacy with industry-leading security measures and ensuring complete transparency about our data practices.

By using QuickScan, you agree to the terms outlined in this Privacy Policy. If you do not agree with this policy, please do not use the app.

2. Information We Collect

2.1 Camera Access

QuickScan requires access to your device's camera to scan QR codes and barcodes. The camera is used exclusively for real-time scanning purposes. We do not store, transmit, or share any images or video captured by your camera.

2.2 Scan History

The app stores a local history of your scanned codes on your device. This data includes:

Scanned code content (text, URLs, etc.)
Timestamp of when the scan was performed
Type of code scanned (QR code, barcode, etc.)
Category classification (automatic)

Important: This scan history is stored locally on your device only and is never transmitted to external servers or shared with third parties.

2.3 Secure Vault (NEW - v1.3.0)

QuickScan now includes an optional Secure Vault feature for storing sensitive scans with military-grade encryption:

Encrypted Content: Sensitive scans stored in the vault are encrypted using AES-256-GCM encryption
Encryption Keys: Encryption keys are stored in Android Keystore (hardware-backed security)
Initialization Vectors: Unique IV for each encrypted item (stored locally)
Biometric Data: Device biometric authentication (fingerprint/face) is used to unlock the vault - we never access or store your biometric data
Metadata: Category, label, expiration timestamp, access count, favorite status (stored locally)

Privacy by Design: Items saved to Secure Vault never appear in regular history. All vault data is stored locally on your device with hardware-backed encryption. We cannot access your vault data.

2.4 Smart Privacy Detection (NEW - v1.3.0)

QuickScan includes intelligent privacy detection that automatically identifies sensitive content:

Pattern Analysis: Detects passwords, cryptocurrency addresses, private keys, and sensitive keywords locally on your device
Processing: All detection happens on-device using pattern matching and entropy analysis - no data is sent to external servers
Detection Results: Reasons for detection are shown to you but never transmitted externally

User Control: You can enable or disable smart detection at any time in Settings. Detection results are used only to provide privacy recommendations.

2.5 Biometric Authentication

If you use the Secure Vault feature, the app may request access to your device's biometric authentication (fingerprint or face unlock):

We never access, store, or process your biometric data
Biometric authentication is handled entirely by your device's secure hardware
The app only receives a success/failure response from your device
Your biometric data never leaves your device's secure enclave

2.6 App Settings

Your app preferences and settings are stored locally on your device:

Theme preferences (dark mode)
Sound and vibration settings
Auto-detect sensitive content (enabled/disabled)
Vault items skip history (enabled/disabled)
Auto-copy to clipboard

3. How We Use Your Information

The information collected by QuickScan is used solely for the following purposes:

Scanning Functionality: Camera access is used to scan QR codes and barcodes in real-time
Scan History: Stored locally to allow you to review previously scanned codes
Secure Vault: Encrypted storage for sensitive scans with biometric protection
Smart Detection: On-device pattern matching to identify sensitive content and provide privacy recommendations
App Settings: To remember your preferences and provide a personalized experience

4. Data Storage and Security

All data collected by QuickScan is stored locally on your device using secure storage mechanisms provided by the Android operating system. We implement the following security measures:

4.1 Standard Storage

Regular scan history stored in encrypted local databases (Room/SQLite)
App settings stored in DataStore with encryption at rest
No data transmitted over the internet
No external servers or cloud storage used

4.2 Secure Vault Storage (Military-Grade)

Encryption Algorithm: AES-256-GCM (Advanced Encryption Standard with Galois/Counter Mode)
Key Size: 256-bit encryption keys
Key Storage: Android Keystore (hardware-backed, TEE/Secure Element)
Authentication Tag: 128-bit GCM authentication tag for data integrity
Unique IVs: Each encrypted item uses a unique initialization vector
Biometric Lock: Vault access requires device biometric authentication
Auto-Expire: Optional ephemeral storage (1-72 hours) with automatic cleanup

What This Means: Your Secure Vault data uses the same encryption standard trusted by governments and financial institutions. Even if someone gains physical access to your device, your vault data remains protected by hardware-backed encryption and biometric authentication.

5. Data Sharing and Third Parties

We do not share, sell, rent, or trade your information with any third parties.

QuickScan operates entirely offline with respect to your personal data. We do not:

Share your scan history or vault data with any third parties
Sell your data to advertisers or marketers
Upload your information to external servers or cloud services
Use analytics or tracking services that collect personal information
Integrate third-party advertising networks that track users
Transmit encryption keys or encrypted data to external servers

6. Permissions Required

QuickScan requires the following permissions to function:

Camera Permission (Required): To scan QR codes and barcodes. Without this, the core functionality cannot work.
Biometric Permission (Optional): To unlock Secure Vault using fingerprint or face authentication. Only required if you use the Secure Vault feature.
Storage Permission (Optional): To export scan history to CSV/JSON files or save QR codes to gallery.

You can revoke these permissions at any time through your device's settings, though this will limit the app's functionality.

7. Data Retention and Deletion

You have complete control over your data:

Scan History: Delete individual scan records or clear entire history anytime through Settings
Secure Vault: Delete individual vault items or all vault data anytime. Deleted items are immediately and permanently removed.
Auto-Expire: Vault items can be set to automatically delete after 1-72 hours
Complete Data Removal: Uninstalling the app permanently deletes all locally stored data, including scan history, vault data, encryption keys, and app settings

Note: Due to hardware-backed encryption in Secure Vault, once data is deleted, it cannot be recovered - not even by us.

8. Privacy by Design

QuickScan implements privacy-first architecture:

Zero Tracking: No analytics, telemetry, or user tracking of any kind
Offline First: Core functionality works 100% offline
Local Storage: All data stored on your device, never on our servers
Smart Detection: Automatically identifies sensitive content (passwords, crypto, medical data) and recommends secure storage
Vault Skip History: Items saved to Secure Vault never appear in regular history (default: enabled)
Transparent Encryption: You can see what's encrypted and control your data
No Cloud Dependencies: App functions without internet connection

9. Children's Privacy

QuickScan does not knowingly collect any personal information from children under the age of 13. The app is designed for general use and does not target children. Since we don't collect or transmit personal information to external parties, the app can be used by all ages safely. Parents should supervise their children's use of the Secure Vault feature.

10. External Links

When you scan a QR code containing a URL, QuickScan may offer to open the link in your device's web browser. Please note:

We are not responsible for the privacy practices of external websites
We recommend reviewing the privacy policies of any websites you visit
Opening external links is always optional and requires your explicit action
Sensitive URLs can be saved to Secure Vault instead of being opened immediately

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. When we make changes:

The "Last Updated" date at the top will be revised
Significant changes will be communicated through the app or app store listing
Continued use of the app after changes constitutes acceptance of the updated policy

12. Your Rights

As a user of QuickScan, you have the following rights:

Access: Access all your stored scan history and vault items through the app interface
Deletion: Delete any or all of your scan records and vault items at any time
Export: Export your scan history to CSV/JSON format
Control: Full control over when and how the app accesses your camera and biometric authentication
Transparency: Clear visibility into what data is stored, encrypted, and protected
Privacy Settings: Configure auto-detection and vault history behavior
Biometric Control: Enable or disable biometric vault access at any time

13. Contact Us

If you have any questions, concerns, or suggestions regarding this Privacy Policy or QuickScan's privacy practices, please contact us:

Developer: Hemanth Guvvala

Email: hkggroups@gmail.com

GitHub: github.com/hemanthguvvala/QuickScan

We will do our best to respond to your inquiries promptly.

14. Legal Compliance

QuickScan is designed to comply with applicable privacy laws and regulations, including:

GDPR (General Data Protection Regulation): For European users
CCPA (California Consumer Privacy Act): For California users
PIPEDA (Personal Information Protection): For Canadian users
Other regional privacy regulations

Since we do not collect, process, or transmit personal data to external parties, compliance with these regulations is simplified. Our Secure Vault encryption meets or exceeds industry standards for data protection.

15. Security Incidents

In the unlikely event of a security incident:

Since all data is stored locally on your device with hardware-backed encryption, remote breaches are not possible
If a vulnerability is discovered in the app, we will release a security update immediately
Users will be notified through app store updates and in-app notifications
We encourage users to keep the app updated to the latest version

16. Consent

By installing and using QuickScan, you consent to:

The collection and local storage of scan history as described in this policy
The use of your device's camera for scanning purposes
Optional use of Secure Vault with AES-256-GCM encryption
Optional use of device biometric authentication for vault access
On-device smart privacy detection (can be disabled)
The storage of app settings and preferences locally on your device

You can withdraw consent for specific features by disabling them in Settings or uninstalling the app.