Last updated: June 27, 2025
This Privacy Notice for OriginScan ("we," "us," or "our") outlines how and why we might access, collect, store, use, and/or share ("process") your information when you use our services ("Services"), including when you:
If you have questions or concerns, this Privacy Notice will clarify your privacy rights and choices. As OriginScan operates with a zero-knowledge architecture, we do not collect or process personal information in the traditional sense, except in limited cases such as reporting suspicious barcodes. If you do not agree with our policies, please refrain from using our Services. For inquiries, contact us at samin.rash525@silomails.com.
What personal information do we process? OriginScan processes minimal personal information. All barcode scanning and processing occur locally in your browser, with scan results stored in the "Scan History" and displayed in the "Product Origin" section with metadata (e.g., barcode, country, timestamp). Aggregated data may be shown in the "Scans Today" statistic, stored locally. Personal information, such as names or contact details, is not collected unless voluntarily provided when submitting a suspicious barcode report, where you may include a description and optionally an email address for follow-up.
Do we process any sensitive personal information? OriginScan does not process sensitive personal information unless embedded in scanned barcodes (e.g., identifiers or payment details). Such data is decoded and stored locally without transmission. If you submit a suspicious barcode report, you may voluntarily include sensitive information in the description, which is processed only for the report and not stored by us beyond submission.
Do we collect any information from third parties? We collect limited data from third parties (e.g., OpenStreetMap for country coordinates, Rest Countries API for population data) to enrich scan results, but this data is not personal and is processed locally or fetched in real-time without storing user-specific information.
How do we process your information? All barcode scanning and data processing occur locally in your browser. Scanned barcode data is displayed in the "Product Origin" section, stored in the "Scan History" with metadata, and may trigger third-party API calls (e.g., for map coordinates or population) without transmitting personal data. Suspicious barcode reports are sent to our server with the provided barcode and description, and optionally an email, for review.
In what situations and with which parties do we share personal information? OriginScan does not share personal information except when you submit a suspicious barcode report, where the barcode, description, and optional email are sent to our server for processing. No other data is shared with third parties, as scan results and history remain local.
How do we keep your information safe? Local data (scan results, history) is protected by your device’s and browser’s security features (e.g., encryption, access controls). Suspicious barcode reports are transmitted securely to our server using HTTPS, with minimal data retention for review purposes only.
What are your rights? You control your data through OriginScan’s interface (e.g., clear, export, or import scan history) and browser settings. For suspicious barcode reports, you may request access, correction, or deletion of submitted data by contacting us, though traditional data protection rights are limited due to our zero-knowledge architecture.
How do you exercise your rights? Manage local data via OriginScan’s interface (e.g., "Clear All" for history) or browser storage settings. For suspicious barcode report data, contact us at samin.rash525@silomails.com to review, update, or delete your submission.
Review the Privacy Notice in full below.
In Short: OriginScan collects minimal personal information, limited to voluntary submissions in suspicious barcode reports; all other data is processed and stored locally.
OriginScan processes barcode data locally within your browser, without accounts or external storage. When you scan a barcode using your device’s camera, upload an image, or enter a barcode manually, the data is displayed in the "Product Origin" section and stored in the "Scan History" with metadata (e.g., barcode, country, flag, timestamp). The "Scans Today" statistic tracks scan counts locally. No personal information (e.g., name, email, IP address) is collected during scanning, unless embedded in the barcode itself, in which case it is only stored locally. When submitting a suspicious barcode report, you may voluntarily provide a description and an optional email address, which we collect solely for processing the report.
OriginScan does not process sensitive personal information unless embedded in scanned barcodes (e.g., financial details or identifiers), which is decoded and stored locally without transmission. If you include sensitive information in a suspicious barcode report’s description, it is processed only for the report and not stored beyond submission.
OriginScan fetches non-personal data from third-party APIs (e.g., OpenStreetMap for country coordinates, Rest Countries API for population) to enrich scan results. These requests do not include personal information and are processed in real-time or cached locally in your browser.
In Short: Most processing occurs locally in your browser; suspicious barcode reports involve limited server communication.
OriginScan processes barcode data locally, decoding barcodes from camera scans, uploaded images, or manual input. Results are displayed in the "Product Origin" section and stored in the "Scan History" with metadata (e.g., barcode, country, timestamp). The "Scans Today" statistic aggregates scan counts locally. Third-party API calls (e.g., for country coordinates or population) are made in real-time without transmitting personal data. When you submit a suspicious barcode report, the barcode, description, and optional email are sent to our server via a secure form submission for review.
In Short: Local processing requires no legal basis; suspicious barcode reports rely on your consent.
OriginScan’s zero-knowledge architecture ensures most data (scan results, history) is processed locally, requiring no legal basis under data protection laws (e.g., GDPR, UK GDPR, Canadian law). For suspicious barcode reports, we rely on your explicit consent to process the submitted barcode, description, and optional email, as provided during form submission.
In Short: We share personal information only for suspicious barcode reports, sent to our server for review.
OriginScan does not share scan results or history with third parties, as all data remains local. When you submit a suspicious barcode report, the barcode, description, and optional email are sent to our server for review. No other data is shared, including with business partners or in business transfers, aligning with our zero-knowledge principle.
In Short: Local data persists in your browser until cleared; report data is retained only as needed.
Scan results, history, and metadata remain in your browser’s local storage until you clear them using the "Clear All" feature or browser settings. Suspicious barcode report data (barcode, description, optional email) is retained on our server only for the time necessary to review the report, after which it is deleted unless further action is required.
In Short: Local data is secured by your device; report data is transmitted securely.
Local data (scan results, history) is protected by your device’s and browser’s security features, such as encryption and access controls. Suspicious barcode reports are sent over HTTPS to our server, with minimal retention and access restricted to authorized personnel for review purposes only.
In Short: You control local data via the app; report data rights can be exercised by contacting us.
As most data is processed locally, traditional privacy rights (e.g., access, rectification, deletion under GDPR) apply minimally. You control scan results and history through OriginScan’s interface (e.g., view, export, clear) or browser storage settings. For suspicious barcode reports, you may request access, correction, or deletion of your submitted data by contacting us at samin.rash525@silomails.com.
OriginScan does not use cookies, trackers, or analytics, so Do-Not-Track (DNT) signals are irrelevant. No user behavior is monitored. If a DNT standard is adopted, we will update this notice. For California residents, OriginScan complies with the "Shine The Light" law by not sharing data with third parties for marketing.
In Short: U.S. state privacy rights are largely inapplicable, but you control local data.
OriginScan collects minimal personal information, limited to suspicious barcode reports. The following table outlines U.S. state law categories (e.g., California, Colorado):
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Name, email, IP address | YES (Only optional email in suspicious barcode reports) |
| B. Personal information (California Customer Records) | Name, contact information, financial details | YES (Only if included in report description) |
| C. Protected characteristics | Gender, age, race | NO |
| D. Commercial information | Transaction details | NO |
| E. Biometric information | Fingerprints, voiceprints | NO |
| F. Internet activity | Browsing history | NO |
| G. Geolocation data | Device location | NO |
| H. Audio, electronic, sensory information | Images, video | YES (Camera input processed locally in real-time, not stored; image uploads processed locally) |
| I. Professional information | Job title, work history | NO |
| J. Education information | Student records | NO |
| K. Inferences from personal information | Profiles | NO |
| L. Sensitive personal information | Financial data, IDs | YES (Only if embedded in barcodes or report descriptions, processed locally or for reports) |
You can manage local data via OriginScan’s interface or browser settings. For report data, contact us to exercise rights like access or deletion.
In Short: Region-specific rights are limited, but you control your data.
For Australia, New Zealand, or South Africa, OriginScan’s minimal data collection (local processing and optional report submissions) complies with the Privacy Act 1988, Privacy Act 2020, and POPIA, respectively. Manage local data via the app or browser. For report data, contact us to exercise rights. Complaints can be directed to:
OriginScan’s core scanning and history features use a zero-knowledge architecture, ensuring no scan data or personal information is collected, transmitted, or stored by us, except for suspicious barcode reports. All scanning occurs in your browser, keeping data under your control.
Most OriginScan functionalities (scanning, history, map display) are executed locally. Third-party API calls (e.g., OpenStreetMap, Rest Countries) fetch non-personal data without user identifiers. Suspicious barcode reports involve secure server communication, limited to the barcode, description, and optional email.
OriginScan does not use cookies, tracking pixels, or analytics. User behavior is not monitored, ensuring an anonymous experience, except for voluntary report submissions.
In Short: Yes, we may update this notice to reflect changes or comply with laws.
We may revise this Privacy Notice, with updates indicated by a revised date. Significant changes will be prominently posted or communicated. Review this notice periodically to stay informed.
For questions, contact us at:
Email: samin.rash525@silomails.com
Post:
Samin Yasar
OriginScan Developer
Dhaka, Bangladesh
For local data, use OriginScan’s interface (e.g., "Clear All" for history) or browser storage settings to review, update, or delete scan results and history. For suspicious barcode report data, contact us at samin.rash525@silomails.com to request access, correction, or deletion. Visit our Contact Form for assistance.