Claimscan
// PRIVACY

Privacy Policy

Last updated: April 26, 2026

1. Controller

Piyal Ranasinghe, Querstraße 6, 90489 Nürnberg, Germany. Email: contact@claimscan.io. Privacy contact: security@claimscan.io.

2. Purposes of Processing

Claimscan is a SaaS service for forensic verification of return images in e-commerce. We process personal data exclusively for:

  • Account & authentication — email, password hash, company name. Legal basis: Art. 6(1)(b) GDPR (contract performance).
  • Image analysis — uploaded images are analyzed forensically (metadata, pixel forensics, optional AI detection). Legal basis: Art. 6(1)(b) GDPR.
  • Billing — for paid plans, billing data is shared with our payment provider (Dodo Payments, merchant of record). Legal basis: Art. 6(1)(b) + (c) GDPR.
  • Fraud prevention & stability — log data, IP addresses, rate limiting. Legal basis: Art. 6(1)(f) GDPR (legitimate interest in platform integrity).

3. Retention

Image retention depends on your plan and is enforced automatically:

PlanImage retention
Free30 days
Starter90 days
Growth180 days
Enterprise365 days (customizable)

After the retention window, image files are deleted from object storage. Forensic findings, scores and the perceptual hash (non-reconstructable) are kept — the hash enables cross-tenant duplicate detection of reused fraud images.

Account data is retained 30 days after cancellation (reactivation) and deleted afterwards. Billing-relevant data is kept 10 years (§ 147 AO, German Tax Code).

4. Recipients / Categories of Recipients

We share personal data with the following recipients:

Processors (acting on our documented instructions, Art. 28 GDPR)

  • Hetzner Online GmbH (Nuremberg, Germany) — server hosting (API, database, object storage). DPA in place.
  • Vercel Inc. (USA) — frontend hosting. EU-US Data Privacy Framework + SCCs. Active edge region documented in the DPA.
  • Anthropic PBC(USA) — AI vision analysis (~15 % of analyses, when pipeline stage 6 fires). No training on your data (Zero Data Retention). SCCs in place.
  • All-Inkl.com (Neue Medien Münnich) (Germany) — transactional email.

Independent Controllers

  • Dodo Payments (USA) — merchant-of-record payment processing. Dodo Payments processes billing data (name, email, billing address, VAT ID, payment-method tokens) in its own name and on its own responsibility as the seller of record under local tax and contract law. No image content or analysis results are transferred to Dodo Payments. Privacy policy: https://dodopayments.com/privacy.

5. International Transfers

Vercel and Anthropic are US-based. Transfers are based on EU Standard Contractual Clauses (SCCs) and the EU-US Data Privacy Framework. You can disable AI analysis — images then remain in Germany (Hetzner) exclusively.

6. Your Rights

You are entitled at any time to:

  • Access (Art. 15 GDPR)
  • Rectification (Art. 16 GDPR)
  • Erasure (Art. 17 GDPR)
  • Restriction (Art. 18 GDPR)
  • Data portability (Art. 20 GDPR)
  • Objection (Art. 21 GDPR)
  • Complaint with a supervisory authority

Requests: security@claimscan.io. We respond within 30 days.

7. Data Processing Agreement (DPA)

If you use Claimscan on behalf of your customers or for personal data of third parties, you are the "controller" and Claimscan is the "processor" (Art. 28 GDPR). Our full DPA is available here: Data Processing Agreement (DPA)— printable via your browser's print dialog. A counter-signed copy is available on request at security@claimscan.io.

8. Cookies and Local Storage

Claimscan only sets strictly necessary entries without consent (authentication token, language preference, the storage of your own cookie choice). Anything beyond that — web analytics (Umami) and optional error monitoring (Sentry) — is only loaded after your explicit opt-in. You can change or fully revoke your selection at any time via the cookie icon in the bottom-right corner of every page. A detailed cookie table listing provider, storage location and purpose is available inside the cookie banner.

9. Web Analytics (Umami)

We use Umami, a privacy-friendly, self-hosted web analytics tool, to understand and improve how our website is used. The Umami instance runs on our servers at Hetzner Online GmbH in Germany — there is no transfer of data to third countries.

Umami operates without legally relevant cookies and without storing your IP address. Only aggregated, non-personal metrics are recorded: visited page, referrer, anonymized country (derived from the IP, which is then discarded), browser and device type. Recognition of individual visitors is technically not possible — Umami builds a daily-rotating hash from IP + user agent which is not persisted.

We additionally load the script with the attribute data-do-not-track="true", so that the browser's "Do Not Track" header is honored. A short-lived entry is placed in localStorage under the key umami.cache for the duration of your session; when you revoke consent we additionally set umami.disabled=1, which disables tracking even if the script has been cached by your browser.

Legal basis: Art. 6(1)(a) GDPR (consent) in conjunction with § 25(1) TDDDG (German implementation of the ePrivacy Directive). Consent is voluntary and not required to use our service. You can withdraw it at any time via the cookie icon in the bottom-right corner — we then no longer load the script and remove the existing tag from the page DOM.

10. ClaimScan Shopify App

If you install ClaimScan as an app via the Shopify App Store, the following additional information applies. All other sections of this policy — in particular image analysis (section 2), retention (section 3) and processors (section 4) — apply unchanged to Shopify usage as well.

Data collected on installation

  • Shop domain (e.g. yourshop.myshopify.com) and the shop owner's email address— provided to us by Shopify during OAuth installation. Purpose: creating and linking your ClaimScan account (one account per shop). Legal basis: Art. 6(1)(b) GDPR (performance of a contract).

Data minimisation: the app requests no access to order or customer data (no read_orders or read_customersscopes). We do not read or store any orders or any of your end customers' data. Only the images you actively upload are analysed.

Payment processing

For app installations via the Shopify App Store, billing runs through Shopify Managed Pricing; Shopify International Limited(or the Shopify entity responsible for your region) processes the payment in its own name and replaces Dodo Payments (section 4) for this sales channel. No image content or analysis results are transferred to Shopify.

Mandatory GDPR webhooks and uninstallation

  • shop/redact — triggers full deletion of your ClaimScan account including uploaded images (cascading deletion, including perceptual hashes).
  • customers/data_request and customers/redact — since ClaimScan holds no data on your end customers, we have no data to provide and perform no deletion; receipt is logged for evidence.
  • Uninstallingthe app suspends your account; data is deleted after the plan-based retention window (section 3) expires.

11. Changes

We update this policy when processing or legal frameworks change. The current version is always available here.