Plainly: what we collect, where it lives, how long we keep it.

SihhaScan is a GCC-shelf product scanner, operated by Resilience Strategies — a private company registered in Muscat, Sultanate of Oman (CR 1608933, PO 2808, PC 130, Ghala). Our infrastructure is hosted in AWS me-central-1 (UAE region — the closest AWS region to the GCC).

We collect three categories of data:

• Account data — email, password (hashed), display name, language and region preference. Issued through AWS Cognito.
• Scan data — the barcode you scanned, the product the scan resolved to, the verdict version we returned, and the inputs hash that lets us re-derive that verdict later. Photos used for OCR are processed server-side and discarded after the text panel is extracted unless you explicitly save them to a product report.
• Profile rules — the allergens, diet rules, and halal preference you set. These drive the per-person verdict.

We do not collect contact lists, location beyond device-region, or analytics events that identify you personally.

All user data resides in AWS me-central-1 (UAE region). Cross-region replication is off by default. Backups are stored in the same region. Secrets are managed via AWS Secrets Manager with separate credentials per environment (development, staging, production).

We do not transfer user data to Firebase, Google Cloud, or any non-AWS region. We do not sell user data. We do not use it for advertising.

• Account data — as long as your account is active, plus 30 days after deletion for backup-rotation purposes.
• Scan history — kept indefinitely while your account is active so you can audit a verdict from a year ago. You can delete individual scans from your history in the app at any time.
• OCR images — discarded after text extraction unless explicitly saved to a product report.
• Server logs — 90 days, then aggregated.

You can, at any time:

• Request a copy of your data, including scan history and the rule-engine verdicts attached to each scan.
• Correct inaccurate profile data.
• Delete your account, which removes account data and disconnects scan history from your identity.
• Withdraw consent for any optional processing.

For any of the above, email privacy@sihhascan.com. We respond within 30 days.

SihhaScan is widely used by parents on behalf of their children — that is part of who we built the product for. The account itself, however, must belong to an adult (18+). When you create a child profile inside your account, that profile is tied to your account and the child does not have a separate login.

The website uses a single first-party cookie ( sihha_lang) to remember your language preference between visits. That is the only cookie we set. We do not use third-party advertising cookies.

For traffic analytics we use Plausible Analytics — a privacy-first, EU-hosted service that does not use cookies, does not collect IP addresses or any other personally-identifying data, and never builds a profile of you across sessions or sites. Plausible reports only aggregated counts (page views, referrers, country at the regional level) — there is nothing in those reports that can identify you. No data is shared with advertisers or third parties.

We update this policy when we change how we collect or store data. The “last reviewed” date at the top of this page reflects the most recent change. For material changes (e.g. a new data category or region) we will notify active users via the app and email.

Privacy and data-rights inquiries: privacy@sihhascan.com. Security disclosures: security@sihhascan.com.