sbytex Built to Feel Like Magic.
Back to sbytex

KetoScanner

Privacy Policy

How KetoScanner processes food and label scans, AI feedback, rewarded ads, and app usage data.

Last updated: June 1, 2026

KetoScanner helps you scan food, packaging, and nutrition labels using AI-generated feedback. This Privacy Policy explains what data we process, why we process it, and what choices you have.

1. Who We Are

KetoScanner is provided by:

Carlos Simon Göhring
Schwaighofen 2A
82549 Königsdorf
Germany
Email: sbytex@myyahoo.com
Website: https://sbytex.net

For privacy requests, contact us at sbytex@myyahoo.com.

2. Data We Process

When you use KetoScanner, we may process the following data:

  • Photos you submit for food, meal, packaging, ingredient, or nutrition-label scans.
  • AI-generated scan results, including keto score, explanation, detected visible food or label information, and related recommendations.
  • Anonymous user identifiers created by the app. KetoScanner does not require you to create an account with your name, email address, or password.
  • Authentication tokens used to recognize the anonymous app user. These tokens are stored by the backend in hashed form.
  • A random app-install identifier stored on your device. The backend stores only a hashed version of this identifier.
  • Credit and usage data, such as free monthly uses, rewarded-ad credits, credit balances, and credit transactions.
  • Rewarded-ad data, such as reward session IDs, reward event IDs, reward status, granted credits, ad unit IDs, ad platform, and related AdMob server-side verification metadata.
  • Ad revenue event data, if available from the mobile ad SDK, such as value in micros, currency, precision, ad format, placement, platform, ad unit ID, and the related rewarded-ad session.
  • Technical job data needed to operate the backend, such as request IDs, app ID, job type, processing status, timestamps, attempt count, credit usage, error codes, and processing results.
  • Input metadata, such as image MIME type, approximate image size, base64 length, and whether an image was included. The backend is designed not to log or retain the raw base64 image content after processing is complete.
  • AI provider usage data, such as provider name, model, token counts, response ID, estimated API cost, and pricing configuration used for cost calculation. This usage data does not include the submitted photo or prompt text.
  • Backend analytics data, such as counts of users, scans started, scans completed, scans rejected, scans failed, rewarded ads completed, estimated API cost, and estimated ad revenue.
  • App-user analytics records, such as first seen and last seen timestamps for the anonymous app user.
  • Technical request data needed to operate and secure the service, such as request IDs, timestamps, request paths, status codes, processing times, and error types.
  • Network information such as IP address may be processed as part of normal server operations, hosting logs, access logs, abuse prevention, and security monitoring.
  • Device and advertising identifiers may be processed by Google Mobile Ads and related SDKs when rewarded ads are used.
  • Local app data stored on your device, such as anonymous auth tokens, anonymous user ID, install identifier, AI processing consent status, theme preference, pending-scan recovery data, scan history, and local copies of submitted images.

Food labels, packaging, receipts, or surrounding areas in photos may incidentally contain personal information. Avoid submitting photos that show personal information you do not want processed.

KetoScanner does not require your name, email address, password, payment card details, health records, food diary, precise location, or medical information to use the app. If you contact us for support or privacy requests, we may process the contact information and message content you provide.

3. How We Use Data

We use your data to:

  • Generate AI feedback for submitted food or label photos.
  • Return a keto score and simple explanation to the app.
  • Show your scan results and history in the app.
  • Manage free monthly uses, credits, rewarded-ad rewards, and credit balances.
  • Verify rewarded ads and prevent fake or duplicate reward claims.
  • Prevent misuse of the service and enforce fair usage limits.
  • Prevent duplicate job processing and handle interrupted or retried requests.
  • Diagnose errors, monitor reliability, estimate API costs, and maintain the backend.
  • Protect the security and integrity of the service.
  • Respond to support or privacy requests.

We may also use automated checks to determine whether submitted images are eligible for analysis. For example, KetoScanner may reject images with no visible food or label, unreadable label text, multiple unclear items, low image quality, or unsupported content.

4. AI Processing

When you submit a photo, the photo is sent to the KetoScanner backend. The backend sends the relevant image content to our AI provider, currently OpenAI, to generate the scan result or determine whether the image can be analyzed.

The frontend never calls the AI provider directly and does not contain AI provider API keys.

Submitted photos may be stored temporarily in backend job data while the scan is queued or processing. After the job succeeds, fails, or is marked as timed out, the backend removes the raw job input payload, including the submitted image, from the job record.

The backend may retain non-image job metadata, AI-generated outputs, error codes, rejection reasons, credit usage, and timestamps so the app can retrieve results, support pending-job recovery, maintain usage records, and support debugging.

Backend deletion controls data stored by KetoScanner's backend. It does not directly control any temporary retention, abuse monitoring, or processing performed by OpenAI under OpenAI's own API data controls.

We do not use submitted photos or scan results to train our own AI models.

5. Photos, Results, and Local Storage

Photos are processed to provide the requested keto scan. The generated output is meant to provide a practical estimate based on visible food, ingredient, and nutrition-label signals. It is not intended to be medical, dietetic, allergy, diabetes, pregnancy, eating-disorder, food-safety, or emergency advice.

Local history is stored on your device. This may include scan results and local copies of submitted images.

If you choose to save a reviewed image to your device photo library, the image will be stored locally on your device outside the app according to your device and photo-library settings.

The app's deletion feature is intended to remove local app history as well as request deletion of backend user data.

6. Rewarded Ads

If you run out of ad-free uses, you may choose to watch a rewarded ad to receive a credit.

Rewarded ads are served by Google AdMob. Google may process device information, advertising identifiers, ad interaction data, and related technical data according to Google's own policies. Google AdMob may use advertising identifiers and similar technologies to provide, personalize, and measure ads, depending on your region, platform settings, and consent choices.

In production, KetoScanner's backend may use AdMob server-side verification to confirm that a rewarded ad was completed before granting a credit. The backend receives and stores only the information needed to verify, audit, and record the reward, such as reward event ID, reward status, ad unit ID, reward amount, reward item, random ad session identifiers, and granted credits.

7. Credits, Free Uses, and Install Allowance

KetoScanner may provide free monthly uses and rewarded-ad credits. It does not currently offer paid subscriptions or credit packs.

To prevent misuse, such as repeatedly deleting data to reset free uses, the backend may store a minimal hashed app-install allowance record. This record is based on a random install identifier generated by the app and stored on your device. The backend stores only a hashed version of that identifier.

This install allowance record is used to track free monthly use limits for the same app install. It is separate from the anonymous user record and is not intended to directly identify you.

8. Legal Bases

Where the GDPR applies, we rely on the following legal bases:

  • Contract / requested service: to process photos and return AI-generated scans requested by you.
  • Legitimate interests: to operate the service, prevent misuse, secure the backend, manage credits, verify rewards, avoid duplicate processing, debug issues, estimate costs, and maintain reliable service operation.
  • Consent, where required: to send submitted photos to our third-party AI service provider for processing, and for certain advertising, tracking, or personalized ad technologies, depending on your region, platform settings, and choices presented by Google, Apple, Android, or other applicable consent systems.
  • Legal obligation: where processing is necessary to comply with applicable legal requirements or valid requests.

9. Data Storage and Retention

Backend data may include anonymous user records, hashed authentication tokens, hashed install identifiers, job records, AI outputs, credit records, rewarded-ad sessions and grants, ad revenue events, analytics records, rate-limit records, and technical logs.

Submitted photos are stored by the backend only as temporary job input while a scan is queued or processing. After the job succeeds, fails, or times out, the backend removes the raw input payload from the job record. The backend may still retain metadata about the input, such as image size, MIME type, and whether an image was included.

AI-generated scan results, job metadata, credit records, rewarded-ad records, and related operational records are retained until you delete your data in the app, request deletion, or the data is no longer needed for service operation.

If a scan is still queued or processing, data deletion may be temporarily blocked until the scan completes or times out. This prevents an in-progress AI job from finishing against deleted state.

Technical logs may be retained for a longer period where necessary for security, fraud prevention, abuse investigation, debugging, and service reliability.

The minimal hashed install allowance record may be retained after data deletion to prevent resetting free-use limits for the same app install. This record does not contain your name, email address, photo, scan result, or raw install identifier.

10. Data Deletion

You can delete your data in the app settings. You can also contact us at sbytex@myyahoo.com.

When backend deletion is requested, the backend deletes user-scoped records such as anonymous user records, hashed authentication tokens, AI job history, AI-generated outputs, billing and credit state, credit transactions, rewarded-ad sessions and grants, ad revenue events linked to the user, provider usage records linked to the user, app-user analytics rows, purchase records if any exist in the future, and rate-limit records tied to the user or install where applicable.

The backend may retain the minimal hashed install allowance record used to prevent resetting free monthly uses for the same app install.

11. Sharing of Data

We may share data with service providers that help us operate KetoScanner, including:

  • OpenAI, for AI scan generation and image analysis.
  • Google AdMob, for rewarded ads, ad delivery, ad measurement, and rewarded-ad verification.
  • Hosting, infrastructure, database, logging, monitoring, or security providers used to operate the backend.
  • Platform providers such as Apple or Google, where necessary for app distribution, device functionality, ads, or platform-level services.

We do not sell your submitted photos or scan content.

12. International Transfers

Some providers may process data outside your country or region, including outside the European Economic Area. Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms used by those providers.

13. Your Rights

Depending on where you live, you may have rights to:

  • Access your personal data.
  • Delete your personal data.
  • Correct inaccurate data.
  • Restrict or object to processing.
  • Receive a copy of your data.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with your local data protection authority.

You can delete your data in the app settings. You can also contact us at sbytex@myyahoo.com.

14. Security

We use technical and organizational measures designed to protect your data. For example, the backend uses anonymous user IDs rather than requiring names or emails, stores authentication tokens in hashed form, stores the install identifier only as a hash, and avoids logging submitted image content.

No system is perfectly secure, so we cannot guarantee absolute security.

15. Changes

We may update this Privacy Policy from time to time. If we make material changes, we will update the "Last updated" date and, where appropriate, notify you in the app.