Privacy Policy · HTS Scanner

This Privacy Policy explains how HTS Scanner collects, uses, and shares personal data when you use our mobile application and related services (the “Service”). HTS Scanner is operated by SoftArk (David Movsisian, Sole Proprietor), registered in the Netherlands at the Chamber of Commerce under KvK number 92652654. For any questions, write to info@htsscanner.com.

1. Data we collect

We collect the following data, either directly when you use the Service or through the providers listed in Section 3.

Account data

Email address
Username
First and last name (optional, collected when you sign in with Apple or Google, or when you enter it in Settings)
Authentication identifier from Sign in with Apple or Sign in with Google. We use this to recognise you on return visits.
Hashed password (only for accounts created with email and password, never stored in readable form)

Classification data

Photographs you submit for classification
Conversation messages between you and the AI
HTS codes, descriptions, confidence scores, and reasoning produced by the AI
Optional metadata you add: PO number, shipment ID, country of origin, country of destination, notes
Edit history showing prior code values and timestamps

Workspace data

Organisations you create or join
Invite tokens sent to teammate email addresses
Member roles (owner, admin, member) and status

Subscription data

Subscription tier (free, weekly pro, annual pro)
Apple original transaction ID and environment (sandbox or production)
Google purchase token and product ID
Renewal and expiration timestamps

We do not receive or store your payment card details. All payments are processed by the Apple App Store or Google Play under their own privacy policies.

Usage data

Daily and monthly counts of AI requests and classification saves, used for fair-use enforcement
Server logs (IP address, request paths, response codes, timestamps) kept for up to 30 days for security and debugging

2. How we use your data

To run the Service: authenticate you, process AI classifications, save your history, manage your workspace
To enforce subscription entitlements and fair-use limits
To send transactional emails (invite confirmations, subscription receipts, account notices)
To investigate abuse, fraud, or violations of our Terms
To comply with legal obligations

We do not use your photos, conversation messages, or classification data to train any third-party AI model. We do not sell your data, share it with advertisers, or use it for behavioural profiling.

3. Third-party processors

We share limited data with the following processors, each acting on our behalf under appropriate data processing agreements.

Apple Inc. for Sign in with Apple authentication and App Store In-App Purchases. Apple receives your Apple ID identifier and subscription transaction data. See apple.com/legal/privacy.
Google LLC for Sign in with Google, Google Play Billing on Android, and Google Gemini AI for image and text classification. Photos and conversation messages are sent to Gemini for processing. See policies.google.com/privacy.
Wildbit, LLC (Postmark) for transactional email. Postmark receives recipient email addresses and the email body. See postmarkapp.com/eu-privacy.
Hetzner Online GmbH hosts our servers in the European Union. Hetzner is a sub-processor and does not access user data beyond what is needed to operate the infrastructure. See hetzner.com/legal/privacy-policy.

4. International transfers

Some processors (notably Apple and Google) are based in the United States. Personal data may be transferred outside the European Economic Area under Standard Contractual Clauses adopted by the European Commission, or under other lawful transfer mechanisms.

5. Data retention

Account and classification data: kept as long as your account is active
Server logs: 30 days
Subscription receipts: 7 years (required for tax records)
After account deletion: all personal data is permanently removed within 30 days, except for de-identified financial records we are required to keep

6. Your rights

If you are in the European Economic Area, the United Kingdom, or California, you have the following rights:

Access. Get a copy of the data we hold about you.
Correction. Have inaccurate data corrected.
Deletion. Delete your account and all associated data. You can also do this in the app at Settings, Account, Delete account.
Portability. Receive a machine-readable export of your data.
Objection. Object to processing on legitimate interest grounds.
Withdraw consent. Revoke consent you previously gave.

To use these rights, email info@htsscanner.com. We respond within 30 days.

7. Children

HTS Scanner is for users 18 and older. We do not knowingly collect personal data from anyone under 16. If you believe a minor has provided us with personal data, contact us and we will delete it.

8. Accessibility

We design HTS Scanner and this website to meet the Web Content Accessibility Guidelines (WCAG) 2.1 Level AA where reasonably achievable, in line with the Americans with Disabilities Act (ADA) and the European Accessibility Act. If any part of the Service is not accessible to you, email info@htsscanner.com and we will work with you to provide the information in an alternative format.

9. Security

We use industry-standard security measures, including TLS for data in transit, encryption at rest for sensitive fields, and access controls limiting which staff can view production data. No system is perfectly secure. We cannot guarantee that unauthorised access will never occur.

10. Changes

We may update this Privacy Policy from time to time. Material changes will be announced in-app at least 14 days before they take effect.

11. Contact

SoftArk (David Movsisian)
Boterkarn 2, 3223 LS Hellevoetsluis, Netherlands
KvK 92652654
info@htsscanner.com

If you are not satisfied with our response, you have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) at autoriteitpersoonsgegevens.nl.