Privacy Policy - Lan Signer

Scope

This policy describes how we collect, use, disclose, and protect personal data when you use the Lan Signer mobile app (iOS/iPadOS) and related in-app experiences. Lan Signer helps individuals and businesses view, sign, summarize, and autofill PDF documents with on-device AI assistance. This is a PDF signing and document management tool and does not provide legal, tax, accounting, or notarization services. Your PDF documents, signatures, and AI summaries are stored locally on your device; optional iCloud backup is user controlled.

What we collect

Account and identifiers: We collect device identifiers such as the Firebase App Instance ID, the RevenueCat subscriber ID, and a push notification token if you enable notifications. We do not require email, password, or user accounts.

PDF documents and signatures: We store the PDF files you import, the electronic signatures you create using PencilKit, AI-generated document summaries, and autofill data locally on your device. This data remains on-device except when you enable iCloud backups.

User profile information: We process information you voluntarily enter for autofill purposes, including name, email, phone number, and address. This data is stored locally on your device in Core Data.

Preferences: We process in-app settings, onboarding completion, notification settings, backup preferences, and consent choices for optional analytics and crash reporting.

Usage and diagnostics (optional, requires consent): If you opt in to crash reporting, we collect crash logs, stack traces, and diagnostic information via Firebase Crashlytics. If you opt in to analytics, we collect app events, feature usage metrics, approximate device and app metadata (model, OS version, app version, timezone), and IP-derived coarse location via Firebase for analytics. These are configured without advertising features.

Payments/subscription metadata: We process store receipts, transaction identifiers, product identifiers, and active subscription status through Apple App Store and RevenueCat. We do not collect full payment card numbers.

Support communications: We process messages you send to us (e.g., via email) to handle support and feedback.

Why we process data (GDPR legal bases)

Provide and operate the service (Art. 6(1)(b)): We persist your PDF documents, signatures, user profile data, and AI summaries on-device, manage subscription entitlements and in-app purchases, deliver service notifications (processing status, subscription updates), and enable optional iCloud backup you choose to activate.

Improve and secure the app (Art. 6(1)(f)): If you opt in, we use analytics and diagnostics to understand performance, detect and remedy crashes, prevent fraud or misuse, and maintain service quality. These legitimate interests are balanced against your rights.

Comply with law (Art. 6(1)(c)): We retain purchase and accounting records and may respond to lawful requests where applicable.

Consent (Art. 6(1)(a)): We send optional marketing or non-essential notifications only with consent where required. We collect crash reports and analytics only with your explicit consent. You can withdraw consent at any time in-app or by emailing us.

What we don't do

We do not provide legal, tax, accounting, notarization, or authentication services; electronic signatures and AI summaries are your responsibility to review and validate. We do not enable advertising SDKs or cross-context behavioral advertising and ad tracking features are disabled. We do not sell, rent, or trade personal data. We do not collect full payment card numbers. We do not automatically upload your PDFs, signatures, or summaries to our servers; iCloud backup is optional and under your control. We do not authenticate signatory identity or guarantee legal validity of electronic signatures.

How we use data

We use your data to deliver core PDF viewing, electronic signature creation, AI-powered document summarization (using on-device Apple Intelligence), autofill suggestions, subscription entitlement validation, and optional iCloud backup. If you opt in, we use diagnostics to understand crashes and performance and to protect against abuse. If you opt in, we use analytics to measure feature adoption. We aggregate usage metrics for internal planning and do not sell them.

Sharing and disclosures

We share data only with service providers (processors) who help us run Lan Signer and who are bound to process it solely under our instructions:

• Google Firebase (Cloud Messaging, optional Crashlytics, optional Analytics) for push notifications, and optional crash reporting and analytics (policies: https://firebase.google.com/support/privacy)
• Apple App Store for in-app purchase processing and receipt validation (policies: https://www.apple.com/legal/privacy/)
• RevenueCat for subscription entitlements and receipt validation (policies: https://www.revenuecat.com/privacy/)
• Apple Intelligence (Foundation Models) for on-device AI summarization and autofill - no data leaves your device (policies: https://www.apple.com/legal/privacy/)

Analytics configuration: We do not enable Google Signals or advertising features; ad-related consents (ad_storage, ad_personalization, ad_user_data) are set to denied; we do not use IDFA; we disable IDFV collection on iOS.

Corporate transactions: If we merge, acquire, or sell assets, personal data may transfer under this policy.

Legal: We may disclose data to comply with law or protect rights, security, or integrity.

Refund-Related Data Sharing with Apple App Store Customers

If you request an Apple App Store refund, Apple may ask us to confirm limited consumption data (purchase identifier, subscription tier, time-stamped logs of premium feature access). We share only what is necessary to help Apple verify refund eligibility and prevent misuse.

International transfers

We are based in Sweden and may transfer data internationally. Where data leaves the EEA/UK, we rely on appropriate safeguards such as Standard Contractual Clauses together with technical and organizational measures.

Retention

PDF documents, signatures, user profile data, and AI summaries remain on your device while you actively use the app and for a reasonable period after last activity unless you delete them or request deletion. Diagnostics and analytics data (if you opt in) are typically retained for 14–26 months unless a shorter period is configured or longer retention is needed for security or legal obligations. Purchase and subscription records are retained as required for accounting, tax, and fraud prevention. iCloud backups (if enabled) reside in your personal iCloud Drive and follow Apple's retention; we do not access them.

Security

We apply technical and organizational measures appropriate to the risk, including encryption in transit (HTTPS/TLS), a local-first data model (Core Data on device), access controls and least privilege for service integrations, and iCloud encryption managed by Apple when you enable backup. No system is entirely secure and you are responsible for validating the accuracy and legal validity of electronic signatures, AI summaries, and autofill data before external use. We practice data minimization and retain only what is needed to operate and improve the service.

Children and age restrictions

Lan Signer is not directed to individuals under 18 and we do not knowingly collect personal data from users under 18. If you believe a minor has provided data, contact us so we can remove it.

Your rights

EEA/UK (GDPR): You may request access, rectification, erasure, restriction, portability, and object to processing based on legitimate interests, and you may withdraw consent at any time. You can also lodge a complaint with a supervisory authority.

California (CPRA): You have rights to know/access, correct, delete, and to non-discrimination. Sale/share disclosure: We do not sell or share personal information as defined by CPRA (including no cross-context behavioral advertising). Global Privacy Control (GPC): We honor applicable opt-out preference signals where required.

How to exercise: Use in-app privacy or backup settings (e.g., export or delete data) or email us. We may need to verify your request and will respond within 45 days (extendable once by 45 days where necessary).

Applicability note: California disclosures apply to the extent required by law; where not required we provide them voluntarily for transparency.

CalOPPA disclosures (California Online Privacy Protection Act)

Do Not Track (DNT) signals are not standardized and we do not currently respond to them. For California residents we honor applicable opt-out preference signals such as GPC where required. Our analytics and diagnostics providers (if you opt in) may collect information about app usage as described above.

State-specific notes (summary)

California (CPRA): We do not sell or share personal information, we provide access/correction/deletion rights, we honor opt-out preference signals as applicable, and we do not use sensitive personal information for additional purposes beyond delivering and securing the service.

Other US states: Where state privacy laws grant similar rights you may exercise them using the methods described.

Push notifications

Service-related notifications (e.g., subscription status, processing updates) are part of the app experience. You can control notifications via in-app settings or device system settings. Marketing or non-essential notifications are sent only with consent where required and you can opt out at any time.

On-Device AI Processing

Lan Signer uses Apple Intelligence (Foundation Models framework) to generate document summaries and suggest autofill values. All AI processing occurs entirely on your device. Your PDF content, extracted text, and AI-generated summaries never leave your device or transmit to our servers. Apple's privacy policies govern on-device AI features. We do not train models on your data or share your documents with third parties for AI purposes.

iCloud Backup

iCloud backup is optional, disabled by default, and entirely under your control. If you enable iCloud backup in Settings:

• Encrypted PDF files and Core Data backups are copied to your personal iCloud Drive
• Backup frequency, encryption, and storage are managed by Apple under iCloud Terms and Conditions
• We do not access, view, decrypt, or control your iCloud backups
• iCloud storage costs and limits are managed through your Apple account
• Restoration from iCloud backups is subject to Apple's availability and policies

You can disable iCloud backup at any time in Settings > Backup.

Electronic Signatures Legal Notice

Electronic signatures created using Lan Signer may or may not be legally valid, enforceable, or compliant with applicable laws in your jurisdiction. We do not verify signatory identity, authenticate documents, provide notarization, or guarantee acceptance by courts or third parties. You are solely responsible for determining whether electronic signatures are appropriate for your use case and complying with all applicable laws (including U.S. ESIGN Act, UETA, EU eIDAS Regulation, and other international electronic signature laws).

Changes to this policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact

Email: [email protected]

Address: Loheden AI Solutions AB, Vretavägen 26, 71993 Vintrosa, Sweden

Website: https://loheden.com