Privacy Policy

Last updated: April 6, 2026

Summary: Hand Receipt stores your data locally on your device. We don't sell, rent, or share your personal information. Cloud sync is optional and requires you to explicitly sign in.

1. Introduction

Hand Receipt ("we", "our", "us", or "the app") is a product of Le Design, designed for tracking equipment from DMLSS (Defense Medical Logistics Standard Support) hand receipts. This Privacy Policy describes how the app collects, uses, and safeguards information.

2. Information We Collect

2.1 Local Data (Stored on Your Device)

• Equipment inventory data imported from DMLSS PDFs and text exports — including ECN, NSN, nomenclature, serial numbers, location, manufacturer, and acquisition cost.
• Scan history recording when and where equipment was scanned.
• Equipment photos you capture for documentation, with optional captions.
• Location fingerprints — encrypted GPS coordinates and WiFi signal data — used to track item locations and detect mislocations.
• App preferences and settings.

2.2 Optional Cloud Data (Requires Sign-In)

• Account information: When you sign in with Apple or Google, we receive your name and email address from the identity provider.
• Synced inventory: Equipment records, scan history, photos, and location data sync to Firebase under your account or team for cross-device access.
• Team membership: If you join or create a team, your account is associated with that team's shared hand receipts.

2.3 Automatically Collected Information

• Device information: Device model, operating system version, and app version (used for crash reports and analytics).
• Anonymous usage analytics via Firebase Analytics, used to understand which features are used and to improve the app.
• Crash reports via Firebase Crashlytics when the app crashes.

3. How We Use Your Information

• Store and display your equipment inventory.
• Match equipment scans against your hand receipt for fast lookup.
• Track equipment locations within your facility and detect items that have moved.
• Sync data across your devices and team members when cloud sync is enabled.
• Generate reports and exports.
• Diagnose crashes and improve the app.
• Respond to your support requests.

4. Camera, Photos, and Location Permissions

• Camera: Required for scanning equipment labels with the ML-based scanner.
• Photos library: Optional. Used only when you save a scanned image or attach a photo to an item.
• Location (when in use): Used to record where equipment is scanned and to power indoor positioning.
• Local network: Used by indoor positioning to read WiFi fingerprints — no network traffic is sent to other devices.

5. Data Storage and Security

Hand Receipt data is stored locally on your device using SQLite. GPS coordinates are encrypted at rest. Optional cloud sync stores your data in Google Firebase (Firestore and Cloud Storage) under access controls scoped to your account or team. Data is encrypted in transit (HTTPS/TLS) and at rest by Firebase.

6. Data Sharing

We do not sell, rent, or share your personal information with third parties for advertising. The only third parties involved are infrastructure providers required to operate the app:

• Google Firebase — authentication, optional cloud sync, analytics, and crash reporting.
• Apple Sign-In — optional sign-in provider on iOS.
• Google Sign-In — optional sign-in provider.

7. Operational Security

Hand Receipt is intended for unclassified medical logistics tracking. Users are responsible for determining whether the data they enter is appropriate for the application and for following their unit's OPSEC guidance. Do not enter classified information.

8. Your Rights and Choices

• Access: You can view all your data through the app interface at any time.
• Export: Export your inventory in CSV, JSON, or Excel format from the Export tab.
• Delete individual records: Remove items from the inventory screen.
• Clear all data for a DODAAC: Settings › Database › Clear Equipment Data.
• Sign out: Settings › Cloud Sync › Sign Out.
• Delete account: Settings › Cloud Sync › Delete Account. This permanently deletes your cloud-stored data and your authentication account. Local data on your device is preserved unless you also clear it.
• Disable analytics: Disable training data contribution and analytics in Settings.

9. Data Retention

• Local data: Retained on your device until you delete it or uninstall the app.
• Cloud data: Retained while your account is active. Deleting your account through the in-app flow removes your cloud data immediately.
• Crash reports and analytics: Retained per Firebase's standard retention policies (typically up to 14 months for analytics events).

10. Children's Privacy

Hand Receipt is intended for professional use and is not directed at individuals under the age of 13. We do not knowingly collect personal information from children under 13.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be reflected by updating the "Last updated" date at the top of this page.

12. Contact Us

If you have questions about this Privacy Policy or your data:

Email: support@ledesign.dev
Subject: Hand Receipt Privacy Inquiry