Privacy Policy

Last updated: February 2026

1. Introduction

We appreciate your interest in our app Docbase. Protecting your personal data is important to us. In this privacy policy, we inform you about the processing of your personal data when using our app.

2. Data Controller

The data controller is:

Gazihan Isildak
Germany
Email: info@gzhn.online

3. Principle: Privacy by Design

Docbase was built from the ground up with the "Privacy by Design" principle. This means:

  • On-Device OCR: Text recognition is performed exclusively locally on your device. Your documents are never transmitted to our servers.
  • No Server Access to Documents: We never have access to your scanned documents or their contents.
  • Your Google Drive: Documents are stored in your personal Google Drive, not on our servers.
  • Limited Permissions: We use the drive.file scope, which only gives us access to files created by the app itself.

4. What Data Is Processed?

4.1 Account Data

During registration, we store:

  • Email address
  • Display name (optional)
  • Profile picture URL (for Google/Apple Sign-In)
  • Registration date
  • Subscription status

4.2 Document Metadata

For each document, we store the following metadata:

  • Document title
  • Category
  • Tags
  • Creation and modification date
  • Reference to the file in Google Drive

4.3 Usage Data

We collect anonymized usage data to improve the app, including:

  • App version
  • Device type and operating system version
  • Usage statistics (anonymized)

5. Legal Basis

Your data is processed based on the following legal grounds:

  • Contract Performance (Art. 6(1)(b) GDPR): For providing app functionality
  • Legitimate Interests (Art. 6(1)(f) GDPR): For app improvement and bug fixing
  • Consent (Art. 6(1)(a) GDPR): For optional features and marketing

6. Third-Party Services

6.1 Google Firebase

We use Google Firebase for authentication and metadata storage. For more information, see the Firebase Privacy Policy.

6.2 Google Drive

Documents are stored in your personal Google Drive. Usage is subject to the Google Privacy Policy.

6.3 RevenueCat

We use RevenueCat for subscription management. Details can be found in the RevenueCat Privacy Policy.

7. Your Rights

You have the following rights:

  • Right of Access (Art. 15 GDPR): You can request information about your stored data.
  • Right to Rectification (Art. 16 GDPR): You can request correction of inaccurate data.
  • Right to Erasure (Art. 17 GDPR): You can request deletion of your data.
  • Right to Data Portability (Art. 20 GDPR): You can receive your data in a structured format.
  • Right to Object (Art. 21 GDPR): You can object to the processing.
  • Right to Lodge a Complaint: You can file a complaint with a data protection authority.

8. Data Export

You can request a complete export of your data at any time. This feature is available in the app under Settings.

9. Data Deletion

When you delete your account, all personal data is permanently deleted. Documents in Google Drive remain in your Google account and must be deleted separately.

10. Data Security

We implement technical and organizational measures:

  • Encrypted data transmission (TLS/SSL)
  • Secure authentication via Google/Apple
  • Regular security audits

11. Changes

We reserve the right to update this privacy policy as needed. The current version is always available in the app and on our website.

12. Contact

For privacy questions, please contact us at:

Email: info@gzhn.online