Privacy Policy

Effective June 26, 2026

RackScan is a mobile app that analyzes photos of network, AV, and equipment racks. This policy explains what data the app collects, where it goes, and how to request deletion. Plain English; no dark patterns.

What we collect

What we do not collect

Where photos and AI data go

When you analyze a rack, the app sends your photo or selected image over HTTPS to RackScan's Cloudflare Worker backend. The backend forwards the image to Anthropic's Claude API to generate the assessment. Photos are processed for the request and are not intentionally stored by RackScan's backend in the current release. The returned assessment JSON may be stored locally on your device, and if you are signed in, may be stored in your RackScan workspace so you can view usage and scan history.

Signed-in analysis requests may also write the completed assessment JSON to an analysis retry cache. The cache is keyed by your workspace and a request identifier from the app. It is used only to return the same completed result if the app retries after a network hiccup or timeout, so a duplicate retry does not consume another scan credit.

Workspace login

Workspace login is optional. If you sign in, RackScan uses your email address to send a one-time password. Transactional email may be processed through Brevo or another email provider. Session tokens are stored on your device so you can remain signed in.

Billing and scan packs

Scan-pack purchases are managed by Google Play or the App Store, with RevenueCat used for purchase syncing. RackScan receives the pack product identifier, purchase and refund events, and related metadata needed to credit scans and AI questions to your workspace. RackScan does not receive your credit card or bank account details.

Data retention

Original rack photos are processed for the analysis request and are not intentionally stored by RackScan's backend in the current release. Workspace scan records and saved assessment JSON are kept until you delete them or request workspace deletion. Analysis retry cache entries are retained for up to 30 days. Operational scan metrics, such as success/failure status, latency, upload size estimates, and fallback status, are retained for up to 180 days. Billing, security, and support records may be retained longer when needed for app store disputes, fraud prevention, security, accounting, or legal obligations. Active abuse-prevention blocks are kept until they expire, are revoked, or are no longer needed for security or fraud prevention.

Security

RackScan encrypts data in transit using HTTPS. Access to workspace data requires a valid session. We use rate limiting, server-side usage checks, and abuse-prevention controls to protect the service. We avoid storing raw IP addresses in RackScan application tables for these controls; when a network identifier is needed, RackScan stores a cryptographic hash instead.

Your data, your control

For local device data, go to Settings - Delete All My Data in the app to wipe saved scans, clients, preferences, and local counters from that device. To delete a single local scan, long-press it in History.

To request deletion of a RackScan workspace account, cloud scan records, or associated workspace data, email support@rackscan.app from the email address connected to your workspace and include "RackScan data deletion" in the subject. We will verify the request and delete or anonymize associated workspace data unless we are required to keep limited records for legal, security, or billing reasons.

Children

RackScan is a professional utility and is not directed at children. We do not knowingly collect personal data from children.

Changes

If we change this policy materially, we will update the effective date and, when appropriate, notify active users in-app or by email.

Contact

Questions or requests: support@rackscan.app.

Back to RackScan