Back to main page

Privacy Policy for the App “TextGrabber”

Last Updated: 24.09.2025

1. Introduction and Scope

This Privacy Policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter "Data") within our mobile app "TextGrabber" (hereinafter "App").

Protecting your privacy is the foundation of our App, which was developed according to the principles of "Privacy by Design" and "Privacy by Default." The core functions of the App—text recognition and translation—are performed exclusively on your device. Your images and the text extracted from them are not transmitted to us or to any external servers.

This policy outlines which data is processed locally on your device, what limited data is processed by third-party providers, and explains your rights under the EU General Data Protection Regulation (GDPR) and relevant U.S. data protection laws, such as the California Consumer Privacy Act (CCPA), as amended by the CPRA.

2. Controller and Point of Contact for Data Protection

The controller responsible for data processing within the meaning of the GDPR is Unifyzer.

Our full contact details, including our official postal address, can be found in our Website Imprint (Legal Notice).

For all data protection-related inquiries—particularly for exercising your rights—you can reach us directly at the following email address, which serves as your central point of contact:

Email: textgrabber@unifyzer.de

We strive to respond to inquiries without undue delay and at the latest within the statutory period of one month.

3. No Obligation to Appoint a Data Protection Officer

a) Legal Situation in the European Economic Area (EEA)
Pursuant to Art. 37 GDPR and relevant national laws (such as § 38 of the German Federal Data Protection Act - BDSG), we are not currently obligated to appoint a Data Protection Officer. Our core activity consists neither of large-scale processing of special categories of personal data (Art. 9 GDPR) nor of operations that require large-scale, regular, and systematic monitoring of data subjects. An obligation to appoint may arise under certain circumstances, for instance, if a Data Protection Impact Assessment (Art. 35 GDPR) becomes necessary. We continuously evaluate these criteria. Should an obligation to appoint a Data Protection Officer arise, we will promptly designate a qualified individual and publish their contact details here.

b) Legal Situation in the USA
Under U.S. law, there is no uniform federal requirement to appoint a "Data Protection Officer." However, certain federal or state laws (e.g., CCPA/CPRA) may establish specific responsibilities. We ensure compliance with all applicable regulations through ongoing review.

4. Types of Data Processed, Purposes, and Legal Bases

a) Data Processing on Your Device (Core Functionality)

The App processes the following data exclusively locally within your device's storage. This data never leaves your device to be sent to our servers.

  • Type of Data: Images you capture using the camera function or import from your photo library, as well as the text data extracted from them via optical character recognition (OCR). This content may potentially contain personal or sensitive information.
  • Purpose of Processing: To enable the text recognition and translation features and to store the recognized texts in a local history for your subsequent access.
  • Legal Basis (GDPR): The processing is necessary for the performance of the user agreement to provide the App's features (Art. 6(1)(b) GDPR). You actively initiate this processing by capturing or selecting an image.
  • Retention Period: The images used for recognition are held only temporarily in memory for the duration of the processing task and are discarded immediately thereafter. The extracted text is stored locally within the App until you delete it yourself or uninstall the App from your device.

b) Data Processing by Third-Party Providers (Service Stability)

For the text recognition and translation functionality, we integrate the "ML Kit" Software Development Kit (SDK) from Google.

  • Type of Data: According to Google, the ML Kit collects diagnostic data to maintain and improve the service. This includes performance metrics, information about API usage (e.g., which API and version are used), an installation-specific ID, device type, and crash logs. IP addresses may be processed for a short time. Your images and the recognized text are not collected.
  • Purpose of Processing: To ensure the stability, functionality, and security of the ML Kit service.
  • Legal Basis (GDPR): Our legitimate interest in using a functional and stable third-party library to provide our App's features (Art. 6(1)(f) GDPR).
  • Data Controller: For this data collection, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) or Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) is the independent controller. For more information, please refer to the Google Privacy Policy.

Our legitimate interest lies in providing a technically functional and stable app. We have carefully assessed that this technical interest does not override your rights and freedoms, especially since no content data (images, texts) is transferred to Google in this process, and the diagnostic data collected is limited to the necessary minimum.

c) Data Processing Upon Contact

  • Type of Data: Your email address and any other information you provide to us in your inquiry.
  • Purpose of Processing: To process and respond to your support or general inquiries.
  • Legal Basis (GDPR): The processing is necessary to handle your request (Art. 6(1)(b) GDPR) or is based on our legitimate interest in providing support (Art. 6(1)(f) GDPR).
  • Retention Period: Your inquiries will be deleted after final resolution, provided there are no legal retention obligations.

5. App Permissions

To provide its full functionality, the App requires access to certain device functions. These permissions are requested before first use and can be revoked by you at any time in your device's settings.

  • Camera: Needed to take photos for text recognition directly within the App.
  • Photo Library / Media Access: Needed to select existing images from your gallery for text recognition.
  • Network Access: Needed for the one-time download of language packs for offline translation and for the transmission of the diagnostic data described in Section 4.b) by Google ML Kit. The core functions (recognition, translation) work without an internet connection after the download.

6. Data Disclosure and Transfer to Third Countries

We do not disclose your personal data to third parties, with the exception of the limited diagnostic data collected by Google ML Kit as described in Section 4.b).

The transfer of this diagnostic data to Google's servers in the USA is based on an adequate level of data protection. Google LLC is certified under the EU-U.S. Data Privacy Framework, for which the EU Commission has issued an adequacy decision for such transfers.

7. Your Rights as a Data Subject

You have several rights regarding your personal data.

Rights under GDPR (for users in the EEA):

  • Right of Access (Art. 15 GDPR): You can request information about your data processed by us. As content data (saved texts) is stored only locally, you can access it directly in the App.
  • Right to Rectification (Art. 16 GDPR): You can request the correction of inaccurate data. You can edit your saved texts directly in the App.
  • Right to Erasure (Art. 17 GDPR): You can request the deletion of your data. You can delete your saved texts at any time within the App or by uninstalling the App.
  • Right to Restriction of Processing (Art. 18 GDPR): You can request the restriction of the processing of your data. Regarding email inquiries sent to us (Chapter 4.d), this would mean that we would store your inquiry but not process it further (except for storage) until the matter is resolved.
  • Right to Data Portability (Art. 20 GDPR): You can export a copy of your saved texts from the App.
  • Right to Object (Art. 21 GDPR): You have the right to object at any time to the processing of data based on our legitimate interests (e.g., the transmission of diagnostic data by ML Kit). As the use of ML Kit is technically essential for the App's functionality, an objection would, in practice, mean that you can no longer use the App. You can informally object to the processing of your data in the context of support requests by sending us an email.
  • Right to Withdraw Consent (Art. 7(3) GDPR): Consent given (e.g., for app permissions) can be withdrawn at any time with future effect.
  • Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR).

To exercise your rights concerning the diagnostic data collected by Google ML Kit, please contact Google directly. For all other inquiries, please contact us.

Additional Rights for Residents of U.S. States (e.g., California under CCPA/CPRA):

  • Right to Know: The right to know what personal information we collect about you.
  • Right to Delete: The right to request the deletion of your personal information.
  • Right to Correct: The right to correct inaccurate personal information.
  • Right to Opt-Out of Sale/Sharing: We do not sell or share your personal information.
  • Right to Limit Use of Sensitive Personal Information: As all sensitive data is processed exclusively on your device, this requirement is met by design.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights.

To exercise these rights, please contact us. Many of these rights are already fulfilled by the local-first design of the App's core functionality: you have full control over the texts stored on your device (Right to Know, Right to Delete, Right to Correct). Since we do not sell or share data, the Right to Opt-Out is also inapplicable. The remaining rights primarily relate to data generated during contact inquiries.

8. Data Security

We have developed the App using secure coding practices to protect the data stored within the App's sandboxed environment on your device. The security of the data also depends on the security mechanisms of your operating system and your own practices (e.g., using a device passcode). We cannot guarantee absolute security for data transmitted over the internet, such as when you contact us via email.

9. Children's Privacy

This App is not directed at children under the age of 16 (in the EEA) or 13 (in the U.S.). We do not knowingly collect personal information from children. If a parent or guardian becomes aware that their child has provided us with data (e.g., through a support request), please contact us so that we can delete such information promptly.

10. Changes to this Privacy Policy

We reserve the right to amend this Privacy Policy to ensure it always complies with current legal requirements or to implement changes to our services. In the event of material changes, we will inform you in an appropriate manner, for example, via a notice within the App.