1. Introduction
Kelthos Technologies ("we," "our," or "us") operates the SCANUX mobile application (the "App") and the associated web services at scanux.kelthos.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our App and Service.
By using SCANUX, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not use the App.
2. Information We Collect
2.1 Information We Do NOT Collect
SCANUX is designed with privacy as a core principle. We do not collect:
- Your name, email address, or phone number
- Account credentials or passwords
- Location data (GPS, network-based, or otherwise)
- Contacts or address book information
- Browsing history or app usage analytics
- Advertising identifiers (GAID/IDFA)
- Any personally identifiable information (PII)
SCANUX requires no account creation or signup to use.
2.2 Device Identifier
When you use the Link-in-Bio or Short Links features, the App generates a random UUID (Universally Unique Identifier) stored locally on your device. This identifier:
- Is randomly generated by the App on first use
- Is not tied to your real identity, Google account, device hardware ID, or any personal information
- Is used solely to associate your bio page and short links with your device
- Cannot be used to identify you personally
- Is stored only in your device's local storage via SharedPreferences
2.3 User-Provided Content
If you choose to use the Link-in-Bio or Short Links features, you voluntarily provide the following content which is stored on our servers:
- Bio Page Content: Display name, bio text, social media links, account number for payments, and selected theme preference
- Short Link Data: The original URL you wish to shorten, and an optional title
This content is associated only with your random device UUID, not with any personal identity.
2.4 Short Link Visit Data
When someone visits a short link created through SCANUX, we collect minimal data for visit counting:
- Visit count: An incremented counter for each short link
- Timestamp: When the visit occurred
- Anonymized IP: IP addresses are truncated/anonymized and used only for basic abuse prevention. We do not store full IP addresses long-term.
- User-Agent: The browser identifier string, stored temporarily
- Referrer: The referring page URL, if provided by the browser
We do not use tracking cookies, pixels, fingerprinting, or any third-party analytics on short link redirects.
2.5 QR Scanning Data
All QR code and barcode scanning is performed entirely on your device using Google ML Kit's on-device processing. Scanned content is:
- Processed locally on your device
- Stored only in your device's local storage (scan history)
- Never transmitted to our servers or any third party
2.6 QR Code Creation Data
QR codes you create are generated entirely on your device. The content, colors, styles, and logos you use are processed locally and are never sent to our servers.
3. Third-Party SDKs and Libraries
SCANUX uses the following third-party software components. We are transparent about each one and what data it can access:
| SDK / Library | Provider | Purpose | Data Access |
|---|---|---|---|
| Flutter SDK | Application framework | None | |
| mobile_scanner | Google ML Kit | Camera-based QR/barcode scanning | Camera frames (on-device only) |
| qr_flutter | Open source | QR code rendering | None (local rendering) |
| flutter_riverpod | Open source | State management | None (local only) |
| shared_preferences | Flutter team | Local key-value storage | None (device storage only) |
| share_plus | Flutter Community | System share sheet | None |
| path_provider | Flutter team | Local file system access | None (local paths only) |
| permission_handler | Open source | Android permission requests | None |
| image_picker | Flutter team | Gallery image selection for QR logo | None (selected image stays local) |
| http (dart) | Dart team | API communication for bio/links | Network (to our server only) |
| Google Fonts (Inter) | Typography | Network (font download) |
No advertising SDKs are included in SCANUX. We do not use Google AdMob, Facebook SDK, Firebase Analytics, Crashlytics, or any other advertising or analytics framework. There are no ads in the App.
4. Permissions
SCANUX requests the following Android permissions:
4.1 Camera (CAMERA)
Required for the QR code and barcode scanning feature. Camera frames are processed entirely on-device using Google ML Kit. Camera data is never transmitted to any server. You can deny this permission and still use QR creation, bio pages, and short links features.
4.2 Internet (INTERNET)
Required for:
- Creating and managing Link-in-Bio pages (communication with scanux.kelthos.com)
- Creating and managing Short Links (communication with scanux.kelthos.com)
- Loading the Inter font from Google Fonts
The App only communicates with our own server (scanux.kelthos.com) and Google Fonts. No data is sent to any other third party.
4.3 Storage (WRITE_EXTERNAL_STORAGE)
Required only on Android 12 and below to save generated QR code images to your device's gallery. On Android 13 and above, this permission is not needed. Saved images remain on your device and are not uploaded anywhere.
5. How We Use Information
We use the limited information we collect solely to:
- Provide the Link-in-Bio hosting service (displaying your bio page at scanux.kelthos.com/b/yourname)
- Provide the Short Links service (redirecting short URLs and counting visits)
- Associate your content with your device so you can edit it later
- Prevent abuse of our services
We do not:
- Sell, rent, or share your data with third parties
- Use your data for advertising or marketing purposes
- Create user profiles or track behavior across apps or websites
- Use data for any purpose other than providing the Service
6. Data Storage and Security
Server-side data (bio pages and short links) is stored in an encrypted database on secure servers. We implement appropriate technical and organizational measures to protect data against unauthorized access, alteration, disclosure, or destruction, including:
- HTTPS encryption for all data in transit
- Database access restricted to the application service only
- Regular security updates and monitoring
- Minimal data collection principle — we store only what is necessary
On-device data (scan history, settings, device UUID) is stored using Android's standard SharedPreferences and local file storage, protected by the operating system's app sandboxing.
7. Data Retention
- Bio Pages: Retained as long as the feature is in use. Bio pages that have not been updated for 12 months may be removed.
- Short Links: Retained indefinitely while the service is active to ensure link permanence.
- Visit Logs: Anonymized visit data is retained for up to 90 days, after which it may be aggregated or deleted.
- On-Device Data: Scan history and preferences are retained on your device until you clear app data or uninstall the App.
8. Data Deletion
You have the right to request deletion of all your server-side data at any time. We provide two methods:
- Self-Service Deletion: Visit scanux.kelthos.com/delete, enter your Device UUID, and all your bio pages, short links, and visit analytics will be permanently deleted immediately.
- Email Request: Contact us at privacy@kelthos.com with your Device UUID, short link codes, or bio page slug. We will process your request within 48 hours.
What gets deleted:
- Your Link-in-Bio page and all its content (name, bio, links, theme)
- All short links created from your device
- All visit analytics and click logs for your short links
- Any server-side data associated with your Device UUID
On-device data (scan history, preferences) can be deleted by clearing the app's data through your Android Settings → Apps → SCANUX → Clear Data, or by uninstalling the app.
Since SCANUX does not require account creation, there is no account to delete. Data deletion removes all server-stored information associated with your anonymous Device UUID.
9. Children's Privacy
SCANUX is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. Since SCANUX does not collect personal information from any user, there is no risk of inadvertently collecting children's data.
If you are a parent or guardian and believe your child has provided personal information through our Service, please contact us at privacy@kelthos.com and we will take steps to remove such information.
SCANUX complies with the Children's Online Privacy Protection Act (COPPA) and similar regulations worldwide.
10. International Data Transfers
Our servers may be located outside your country of residence. By using the Link-in-Bio or Short Links features, you consent to the transfer of the limited information described in this policy to our servers. We ensure appropriate safeguards are in place to protect your data regardless of where it is processed.
11. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access: Request a copy of any data associated with your device UUID
- Deletion: Request deletion of your bio page, short links, and associated data
- Correction: Update your bio page or short links through the App at any time
- Portability: Request your data in a machine-readable format
To exercise these rights, contact us at privacy@kelthos.com.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Changes are effective immediately upon posting.
We encourage you to review this Privacy Policy periodically for any changes. Your continued use of the App after any modifications indicates your acceptance of the updated Privacy Policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Kelthos Technologies
Privacy Inquiries: privacy@kelthos.com
General Support: support@kelthos.com
Website: https://kelthos.com