← Back to App

Privacy Policy

Last Updated: January 18, 2026

Introduction

Welcome to Business Card Scanner. This privacy policy explains how we handle your information when you use our business card scanning application.

Information We Collect

1. Images You Upload

When you scan a business card, you provide images either from your device's camera or photo gallery. These images are:

• Processed entirely in your web browser (client-side)
• Sent to Google Gemini API for text extraction (OCR)
• Not stored on our servers
• Not retained by us after processing

2. Google Account Information

If you choose to sign in with Google to save contacts:

• We receive an access token to interact with Google Contacts API
• We only access your Google Contacts when you explicitly save a contact
• Your Google credentials are never stored or transmitted to our servers
• Authentication is handled entirely by Google's secure OAuth 2.0 system

3. Contact Information

Contact information extracted from business cards is processed locally in your browser and:

• Stored temporarily in your browser's memory during editing
• Only saved to Google Contacts or downloaded as vCard when you choose to do so
• Not transmitted to or stored on our servers

How We Use Your Information

We use your information solely to:

• Extract text from business card images using Google Gemini API
• Parse and structure contact information for your convenience
• Save contacts to your Google Contacts (only when you authorize this action)
• Generate vCard files for local download

Third-Party Services

Google Gemini API

We use Google's Gemini API to perform optical character recognition (OCR) on business card images. Images are transmitted to Google's servers for processing. Please review Google's Privacy Policy for information about how Google handles this data.

Google Identity Services & Contacts API

When you sign in with Google, we use Google Identity Services for authentication and Google Contacts API to save contacts. These services are governed by Google's Privacy Policy.

Data Storage and Security

• No Server-Side Storage: We do not operate servers that store your data
• Browser Storage: Temporary data is stored only in your browser's memory and local storage
• Encryption: All communications with Google APIs use HTTPS encryption
• Session Tokens: Google access tokens are stored in your browser's session storage and cleared when you sign out

Your Rights and Choices

You have the right to:

• Access: View and edit all contact information before saving
• Delete: Clear your browser data to remove all locally stored information
• Revoke Access: Sign out to revoke Google access tokens at any time
• Opt-Out: Use the app without signing in to Google (download vCards instead)

Children's Privacy

Our service is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13.

Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new privacy policy on this page and updating the "Last Updated" date.

Contact Us

If you have any questions about this privacy policy, please contact us through the GitHub repository issues page.

Data Retention

Since we do not store your data on our servers, there is no data retention period. All data exists only:

• Temporarily in your browser during the current session
• In your Google Contacts (if you choose to save contacts there)
• In downloaded vCard files on your device

International Data Transfers

When using Google's services (Gemini API, Google Contacts), your data may be processed in data centers located in various countries. Google's practices are governed by their privacy policy and international data transfer frameworks.

← Back to App