PRIVACY POLICY - SENDGUARD

Information on Data Processing According to Art. 13 of the General Data Protection Regulation (GDPR)

1. CONTROLLER

Balane GmbH Balanstraße 84 81541 Munich Germany

Contact: Email: privacy@sendguard.app Managing Director: Jonas David Höttler

2. BASIC INFORMATION ABOUT SENDGUARD

What is SendGuard?

SendGuard is a privacy app for iOS and macOS that scans documents, screenshots, and files for personal data before sharing. The app works 100% locally on your device - no cloud, no server uploads.

Our Privacy Promise

"Privacy by Design" - SendGuard was built to protect your privacy, not to collect data.

3. LOCAL DATA PROCESSING

What SendGuard does NOT do:

• →No cloud uploads: Your documents never leave your device
• →No registration: No account, no email address required
• →No telemetry: We don't see what you scan
• →No tracking cookies: Neither in the app nor on the website
• →No data collection: Neither usage statistics nor personal information

What SendGuard does:

• →Local processing: All scans happen directly on your iPhone/iPad/Mac
• →Temporary storage: Scanned data is only held in memory
• →Immediate deletion: No permanent storage of scan results
• →Offline operation: Works completely without internet connection

4. DETECTION TECHNOLOGIES

Used Apple Frameworks (local):

SendGuard performs all content analysis on-device. Image OCR and visual detection use Apple's Vision framework; entity and language analysis use NLTagger and NLEmbedding; optional contextual reasoning uses Apple's on-device FoundationModels (`SystemLanguageModel.default`). Additional frameworks: NSDataDetector (email, phone, etc.), Core Image (image processing), PDFKit (PDF metadata analysis).

Face Detection (local):

SendGuard includes an optional "blur faces" feature that locates faces in imported images so they can be redacted by the user before sharing or exporting the image. Face detection is performed entirely on-device using Apple's Vision framework (`VNDetectFaceRectanglesRequest`). Only face bounding-box coordinates and Vision's detection confidence score are extracted. No facial landmarks, no face embeddings, no biometric templates, and no identity recognition are computed, stored, or transmitted. Face bounding boxes exist only in volatile memory during the active analysis session and are discarded as soon as the user closes the analysis view or imports another image. They are never written to disk, never synced via iCloud or CloudKit, and never sent over the network.

No AI Cloud Services:

None of these invoke Private Cloud Compute or any third-party AI service. The only network communication is with Apple's CloudKit Public Database (`iCloud.tech.balane.SendGuard`) to download detection rule packs. The app sends a locale/country identifier and receives JSON rules. No user content, images, extracted text, or personal identifiers ever leave the device.

5. APP STORE & LICENSING

App Store Connect (Apple Inc.)

• →Purpose: Download and provision of the app
• →Processed data: Only Apple ID for download process
• →Legal basis: Art. 6 para. 1 lit. b GDPR (contract fulfillment)

In-App Purchases (PRO Version)

• →Processed data: Apple handles payment processing
• →No credit card data: We receive no payment information
• →Received data: Only confirmation of valid subscription (anonymized)

6. CLOUDKIT SYNCHRONIZATION (OPTIONAL)

Regex Rules Update Service

• →Purpose: Update detection rules for new data types
• →Technology used: Apple CloudKit
• →Processed data: No personal data
• →Transmitted content: Only anonymous pattern updates
• →Frequency: Maximum once daily, only with available internet connection
• →Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest)

7. SHARE EXTENSION

iOS Share Extension

• →Purpose: Direct scanning from other apps (Mail, Photos, etc.)
• →Processing: Completely local on your device
• →Temporary access: Only during active scan process
• →No storage: No permanent copy of shared content

8. YOUR RIGHTS

Data subject rights under GDPR:

• →Information (Art. 15): Information about processed data
• →Rectification (Art. 16): Correction of incorrect data
• →Erasure (Art. 17): "Right to be forgotten"
• →Restriction (Art. 18): Restriction of processing
• →Data portability (Art. 20): Export of your data
• →Objection (Art. 21): Objection to processing

Contact for privacy requests:

Email: privacy@sendguard.app

9. IMPORTANT DISCLAIMER

Compliance Notice:

SendGuard is a helper tool for GDPR compliance. The app cannot guarantee to detect all personal data.

For legal compliance:

• →Review documents manually as well
• →SendGuard does not replace legal advice
• →Detection accuracy depends on document quality and type
• →We assume no liability for undetected data

10. SUPERVISORY AUTHORITY

Bavarian State Office for Data Protection Supervision (BayLDA) Promenade 18 91522 Ansbach Germany

Contact: Phone: +49 (0) 981 180093-0 Email: poststelle@lda.bayern.de

11. CONTACT

Privacy & Data Protection: privacy@sendguard.app General Inquiries: hello@sendguard.app Support: support@sendguard.app

Last updated: 2026-04-14 Version: 1.0 Valid for: SendGuard iOS/macOS App