Privacy Policy LarasScan
Android app distributed through Google Play. Effective 2026-05-18.
1. Controller
Lara Knuth — Dresden AI Insights
Kurhausstr. 16, 01259 Dresden, Germany
Email: lara.knuth@larasdesk.com
Phone: +49 1567 8333414
VAT ID: DE458852148
Small-business operator under Section 19 UStG
Full mandatory information: see the Legal Notice.
2. Scope
This privacy policy applies to the Android app LarasScan. It informs you in accordance with Art. 13 GDPR about the type, scope, purpose and legal basis of the processing of personal data within the app.
3. Data processed
LarasScan processes the following data exclusively on your device:
- Receipt images that you actively capture using the in-app camera.
- OCR text extracted from those images by on-device text recognition (Google ML Kit).
- Fields derived from the text (date, merchant, amount, VAT rate, category).
- A SHA-256 hash chain per receipt for local consistency checks.
There is no automatic upload of receipt images, OCR text, derived fields, hashes or exports to LarasDesk servers, providers or other third parties.
4. Local storage (Section 25 TDDDG)
The data above is stored in the app's local database (IndexedDB inside the Android WebView). This storage is strictly necessary within the meaning of Section 25 (2) no. 2 TDDDG (German implementation of the ePrivacy Directive) so that the app can provide the service you have expressly requested (scan receipts, OCR, retrieval, export). No separate consent is required for this.
Automatic Android system cloud backup is disabled (android:allowBackup="false", android:fullBackupContent="false", android:dataExtractionRules). Data does not leave your device without an explicit action by you (CSV / DATEV export through the Android share sheet).
Legal basis: Art. 6 (1) (b) GDPR (performance of a contract — provision of the app functionality).
5. Use of Google ML Kit (Document Scanner, Text Recognition)
The app uses Google ML Kit (Document Scanner and Text Recognition v2) for receipt capture and text recognition. Processing of the images and recognised text runs on-device — content is not transmitted to Google.
Module download: on first invocation, Google Play Services may download ML Kit modules on demand. This involves transmission of technical data to Google (in particular IP address, device / installation identifiers, model name and version).
SDK diagnostics: according to the ML Kit Android Data Disclosure published by Google, the ML Kit SDK collects and transmits the following data to Google in encrypted form:
- Device information (manufacturer, model, OS version, build)
- App package name and app version
- API configuration (which ML Kit options are active)
- Performance metrics
- Event types (diagnostics, errors)
According to Google, this data is used for diagnostics, abuse prevention and service improvement. Receipt images and OCR text are not transmitted.
Controllership: for this SDK diagnostics, Google LLC acts as its own controller within the meaning of the GDPR. Google does not provide a data processing agreement under Art. 28 GDPR for ML Kit; given how the SDK works, none is required, because no user content is processed. See also the data processing assessment.
Legal basis: Art. 6 (1) (f) GDPR. Legitimate interest: providing a stable, low-error scan function based on a widely deployed SDK. The balancing test against your legitimate interests favours this interest because the transmitted data is technical in nature and contains no reference to your receipts or recognised text.
The inbound status of the ML Kit modules is visible inside the app under "Privacy status" / "Network log".
6. Third-country transfer (USA)
Loading ML Kit modules and SDK diagnostics may involve data transmission to Google LLC, headquartered in the USA.
Google LLC is certified under the EU-US Data Privacy Framework (DPF) following the European Commission's adequacy decision of 10 July 2023 (Decision (EU) 2023/1795). Google LLC's DPF participant entry is publicly available at dataprivacyframework.gov/participant/5780.
Google additionally relies on Standard Contractual Clauses under Art. 46 (2) (c) GDPR (Google overview).
Should the adequacy decision be revoked in future, this policy will be updated accordingly.
7. App permissions
- Camera (
android.permission.CAMERA): to capture receipt images. Android requests this permission only at first use of the scan function. You can revoke it at any time in the Android system settings. - Internet (
android.permission.INTERNET): exclusively for the ML Kit module downloads described in section 5 and for Google Play Services components needed by the document scanner during initialisation.
No further permissions are requested.
8. Advertising, tracking, analytics
LarasScan contains:
- no advertising,
- no in-app telemetry or analytics owned by LarasDesk,
- no in-app crash reporting that transmits personal data,
- no tracking cookies or advertising IDs,
- no social-media connections.
The Google ML Kit SDK diagnostics described in section 5 is the only connection to an external provider.
9. Legal bases at a glance
| Processing | Legal basis |
|---|---|
| Local processing of receipts / OCR / fields | Art. 6 (1) (b) GDPR (contract performance) |
| Local storage in IndexedDB | Art. 6 (1) (b) GDPR + Section 25 (2) no. 2 TDDDG (strictly necessary) |
| Google ML Kit SDK diagnostics | Art. 6 (1) (f) GDPR (legitimate interest) |
| Third-country transfer USA | Art. 45 GDPR (DPF adequacy), additionally Art. 46 GDPR (SCC) |
10. Storage duration
- Local data: stored for as long as you keep it in the app. You can delete individual receipts or all data at any time within the app. Uninstalling the app permanently removes all stored data.
- ML Kit diagnostics at Google: the storage duration is determined by Google. Details at policies.google.com/privacy.
11. Your rights as a data subject
Under GDPR, you have the following rights:
- Access (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection to processing based on Art. 6 (1) (f) (Art. 21 GDPR)
- Lodge a complaint with a supervisory authority (Art. 77 GDPR)
Because LarasScan does not transmit any personal content data to LarasDesk, access and erasure requests for in-app content can only be fulfilled locally: delete individual records in the app, or clear app data in the Android system settings.
For ML Kit SDK diagnostics, please contact Google directly: support.google.com/policies/contact/general_privacy_form.
Competent supervisory authority for me as controller:
Saxon Data Protection Commissioner (Sächsischer Datenschutzbeauftragter), Devrientstraße 5, 01067 Dresden, Germany, saechsdsb.de
12. Sharing data with third parties
Apart from the ML Kit SDK diagnostics to Google described in section 5, no data is transmitted to third parties. There are no advertising networks, no tracking services, no external analytics providers.
13. Contact for privacy enquiries
Privacy enquiries: lara.knuth@larasdesk.com
14. Changes to this policy
This policy may be amended when the app's functionality or the legal framework (e.g. the DPF adequacy decision) changes. The current version is available at the URL linked above.