How to request deletion
- In the app: Open Profile → Personal Details → Delete account.
What we delete
- Your NordicScan account and identifiers. We permanently delete your AWS Cognito user (including email/username, display name, password hashes, linked SSO identifiers, auth/refresh tokens, and device push tokens). This also severs any account-to-device associations.
- Profile, preferences, and in-app activity tied to your account. This includes your profile in our databases (e.g., Redis), notification settings, “Custom Concerns” selections, favorites, history, saved searches, and other app state stored on our servers.
- Account-linked copies of content you provided. We delete images you uploaded (e.g., barcode/label/ingredient photos) and account-linked derivatives produced from them (OCR text, ingredient parses, model outputs/summaries, recommendation caches, and any associated metadata).
Note: We may retain de-identified copies of images solely for QA and model quality/fraud prevention as described in What may be retained. - Subscription records we control. We delete or anonymize your RevenueCat customer object and entitlements under our account (e.g., appUserID/aliases).
Important: Deletion does not cancel Apple/Google store subscriptions; please cancel in the app store first. - Analytics and telemetry under our control. We delete account-linked analytics/events and crash reports stored in our systems or those of our processors acting on our behalf, or we irreversibly de-identify them where full deletion is not technically feasible.
- Support interactions tied to your account. We delete or redact account identifiers in our ticketing/help desk records and in-app support threads, except where retention is required by law or necessary for security/dispute resolution.
- Backups and replicas. Deleted items are removed from active systems promptly and from routine backups/DR replicas during the normal overwrite cycle (typically within 35 days).
Additional notes:
- Third-party/legally required records. We cannot delete receipts/transaction records maintained independently by Apple, Google, payment networks, or taxation authorities.
- On-device data. Data stored locally on your device (e.g., cached images) is not deleted remotely; uninstall the app or clear app data to remove local copies.
- Irreversibility. Deletion is permanent; we cannot restore your account or historical data later.
What may be retained
- Legally required records (e.g., tax/transaction records kept by Apple/Google) and minimal internal logs for fraud/security for up to [30] days.
- Aggregated or fully de-identified analytics that are not reasonably linkable to you
- De-identified copies of product images you uploaded (e.g., photos of barcodes/labels/ingredients). We may retain copies without account identifiers or metadata (e.g., EXIF stripped, random file IDs) solely for quality assurance, improving OCR/ingredient extraction and recommendations, auditing model outputs, and preventing fraud/abuse. These images are not used for marketing or to build a personal profile. If an image inadvertently contains personal information, we will delete or redact it. You may request that we purge these de-identified images as well, and we will do so unless we must retain specific items for legal, security, or dispute-resolution reasons. Typical retention: up to 12 months.
Subscriptions
- Deleting your NordicScan account does not cancel app store subscriptions. Please cancel first to stop future charges:
- Manage on Google Play: https://play.google.com/store/account/subscriptions?package=co.nordicscan.app
- Manage on Apple App Store: https://apps.apple.com/account/subscriptions
Timing
We confirm your identity and complete deletion within 30 days. If we must retain data for fraud prevention or legal reasons, we’ll explain the details.
Contact
Questions? Email privacy@nordicscan.co