Privacy Policy
Last updated: 2026-06-09
1. Who is responsible
The controller for the processing described here is the operator of DeviceShelf named in the Imprint. Questions and data-subject requests: [email protected].
2. The short version
DeviceShelf is a local-first network scanner. Your scan results — the devices on your network, their addresses, open ports and any notes — are stored only on the device that ran the scan. There is no DeviceShelf account, no DeviceShelf cloud, and the app contains no analytics or telemetry. Personal data is only processed for the few things a paid product genuinely needs: selling a licence, delivering it by email, answering your messages, and serving the website and downloads. Those are described below.
3. The app: scan data & telemetry
Scan data stays on your device. It is never transmitted to us. You can export it (JSON, CSV, XML, HTML, PDF) or delete it at any time. Licence verification runs offline via an ed25519 signature — the app does not phone home to check your licence.
Telemetry: none. The app does not report what you scan, what it finds, or that you launched it.
Optional features that send data — only if you enable them. These are off by default and run on your consent (Art. 6(1)(a) GDPR), which you can withdraw at any time by turning the feature off again; the data then goes straight to the third party you chose, never through us:
- AI features: if you add your own API key, prompts (which may include scan details) go directly from your device to the provider you chose — Anthropic, OpenAI, OpenRouter, Mistral, Groq, Google Gemini, or a local Ollama model. We never see or proxy them; their terms and privacy policies apply.
- Fingerbank lookup: if enabled, a device's DHCP fingerprint may be sent to fingerbank.org to help identify it.
- WAN-IP info: on demand, your public IP may be sent to ip-api.com to show your internet-facing details.
Don't trust us — verify it
With every opt-in feature turned off, DeviceShelf never connects to a DeviceShelf server — no telemetry, no update check, no licence check, no analytics. Licence verification is offline (ed25519). The CVE hints and vendor names in the security report come from data bundled in the app (refreshed only when you update the app), so they make no network calls either.
What a packet capture will show — and what it means:
- Local scan traffic. DeviceShelf is a scanner, so it opens many connections to devices on your own network (ping/port sweeps, mDNS, SNMP…). That traffic stays within your LAN.
- DNS lookups go to whatever resolver your system is configured to use (possibly on the internet, e.g. your router or 1.1.1.1). That is your network's resolver, not a DeviceShelf endpoint.
- OS / WebView traffic. The app uses your operating system's built-in web view (WKWebView on macOS, WebView2 on Windows). The OS may make its own certificate/OCSP or vendor calls — that is macOS/Windows, not DeviceShelf.
- The only data that reaches the internet from DeviceShelf is from an optional feature you switch on — AI device-ID (to the provider whose key you supplied), Fingerbank, or WAN-IP — and it goes straight to that service, never through us.
Check it yourself with a per-app firewall (Little Snitch, or the free LuLu), or a capture filtered to non-local destinations:
sudo tcpdump -n 'not (dst net 192.168.0.0/16 or dst net 10.0.0.0/8 or dst net 172.16.0.0/12 or dst net 169.254.0.0/16 or dst net 224.0.0.0/4 or dst host 127.0.0.1)'
Launch DeviceShelf with opt-in features off — it starts a scan of your own network automatically. Expected result: plenty of local LAN traffic, but nothing to deviceshelf.app or any other non-LAN destination beyond the OS/WebView/DNS noise above. If DeviceShelf itself ever phones home with opt-ins off, that is a bug — please report it.
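To review a capture after the fact, the same classification can be run over saved `tcpdump -n` text output. The script below is an added example, not DeviceShelf code: it tallies IPv4 destinations outside the ranges in the filter above and counts lines it cannot classify (IPv6, ARP) so they are reviewed by hand. The sample lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# Ranges the capture filter on this page treats as local.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12",
    "169.254.0.0/16", "224.0.0.0/4", "127.0.0.1/32")]

# Default `tcpdump -n` IPv4 line: "time IP src[.port] > dst[.port]: ..."
LINE_RE = re.compile(
    r"^\S+ IP (?P<src>\d+(?:\.\d+){3})(?:\.\d+)? > "
    r"(?P<dst>\d+(?:\.\d+){3})(?:\.(?P<port>\d+))?: ")

def is_local(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in LOCAL_NETS)

def external_destinations(lines):
    """Return (Counter of (dst, port) outside LOCAL_NETS, unparsed line count)."""
    hits, unparsed = Counter(), 0
    for line in lines:
        m = LINE_RE.match(line)
        try:
            if m is None:
                raise ValueError("not an IPv4 line")
            if not is_local(m["dst"]):
                hits[(m["dst"], m["port"])] += 1
        except ValueError:
            unparsed += 1  # IPv6, ARP, malformed: review these by hand
    return hits, unparsed

# Constructed sample capture (not real traffic).
SAMPLE = """\
12:00:01.000001 IP 192.168.1.23.51234 > 192.168.1.1.161: UDP, length 43
12:00:01.000002 IP 192.168.1.23.5353 > 224.0.0.251.5353: 0 PTR (QM)? _http._tcp.local. (34)
12:00:01.000003 IP 192.168.1.23.49152 > 1.1.1.1.53: 4660+ A? example.com. (29)
12:00:01.000004 IP 1.1.1.1.53 > 192.168.1.23.49152: 4660 1/0/0 A 203.0.113.10 (45)
12:00:01.000005 IP 192.168.1.23 > 172.31.255.1: ICMP echo request, id 1, seq 1, length 64
12:00:01.000006 IP 192.168.1.23.50000 > 172.32.0.5.443: Flags [S], seq 1, win 65535, length 0
12:00:01.000007 IP 192.168.1.23.50001 > 203.0.113.10.443: Flags [S], seq 7, win 65535, length 0
12:00:01.000008 IP 192.168.1.23.50001 > 203.0.113.10.443: Flags [.], ack 1, win 2058, length 0
12:00:01.000009 IP6 fe80::1.5353 > ff02::fb.5353: 0 PTR (QM)? _http._tcp.local. (34)
12:00:01.000010 ARP, Request who-has 192.168.1.1 tell 192.168.1.23, length 28
""".splitlines()

if __name__ == "__main__":
    hits, unparsed = external_destinations(SAMPLE)
    for (dst, port), n in hits.most_common():
        print(f"{n:4d}  {dst}:{port or '-'}")
    print(f"{unparsed} line(s) not parsed as IPv4")
```

In the sample, the DNS query to 1.1.1.1 is the resolver traffic described in the list above; every remaining destination should be attributable to the OS/WebView or to an opt-in feature you enabled.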
4. The website & downloads
Hosting & server logs. The website, our API endpoints and the download files are hosted on Cloudflare. To deliver content and defend against attacks, Cloudflare processes connection data (including IP address, request time and user-agent) in short-lived server/security logs. Legal basis: our legitimate interest in a secure, functioning service (Art. 6(1)(f) GDPR; Art. 31(1) Swiss FADP).
No tracking cookies, no analytics. deviceshelf.app sets no advertising or analytics cookies and embeds no third-party trackers. The only browser storage is a lang entry in localStorage that remembers your chosen interface language (strictly functional).
Download statistics. When you download an installer we record an anonymous, aggregate entry — date, platform, version and a coarse country — to understand demand. We deliberately store no IP address, no user-agent and no other identifier, so this is not personal data. Legal basis: legitimate interest (Art. 6(1)(f) GDPR).
5. Contact form
If you use the contact form we process the name, email address, topic and message you enter, in order to receive and answer your request. Spam is filtered by a simple server-side method (a hidden “honeypot” field) — there is no CAPTCHA, no third-party anti-spam service and no tracking. Your message is relayed to our support inbox via our email provider (Resend); we do not store it in a database. Legal basis: steps prior to / performance of a contract and our legitimate interest in answering enquiries (Art. 6(1)(b) and (f) GDPR; Art. 31 Swiss FADP). We keep the correspondence only as long as needed to handle your request and any follow-up.
6. Buying a licence
Checkout and payment are handled by Polar as our Merchant of Record (see Imprint). Polar collects the data needed to process the order and issue an invoice (e.g. email, billing and payment details) under its own privacy policy. We receive your email address and licence key, which our licence service (a Cloudflare Worker) uses to generate and email your licence via Resend. Legal basis: performance of a contract (Art. 6(1)(b) GDPR). We retain purchase email and licence records as required for accounting and warranty purposes.
7. Processors & recipients
We use the following service providers, acting as our processors under Art. 28 GDPR where applicable. Where a provider is based outside Switzerland/the EEA, the transfer is safeguarded by the EU Standard Contractual Clauses and, where the provider is certified, the EU-US Data Privacy Framework. You can request a copy of the relevant safeguards from [email protected].
| Provider | Purpose | Location |
|---|---|---|
| Cloudflare, Inc. | Website & download hosting, API/licence/contact workers, anonymous download stats, inbound email routing, security logs | USA (EU edge) |
| Resend | Sending licence and contact emails | USA |
| Polar | Checkout, payment & invoicing (Merchant of Record) | USA |
| fingerbank.org | Optional, in-app device identification (only if you enable it) | Canada |
| ip-api.com | Optional, in-app WAN-IP lookup (only on demand) | EU |
8. Retention
We keep personal data only as long as necessary for the purpose it was collected, or as long as statutory retention periods (e.g. for invoices) require. Anonymous download statistics contain no personal data and are kept indefinitely in aggregate.
9. Your rights
Under the EU GDPR and the Swiss Federal Act on Data Protection (FADP) you have the right to access, rectification, erasure, restriction, data portability and to object to processing based on legitimate interests. Where processing is based on your consent, you may withdraw it at any time with effect for the future, without affecting the lawfulness of prior processing. To exercise any of these, email [email protected].
You also have the right to lodge a complaint with a supervisory authority — in Switzerland the Federal Data Protection and Information Commissioner (FDPIC/EDÖB), or your local EU/EEA data-protection authority.
10. Automated decisions & profiling
We do not carry out automated decision-making producing legal or similarly significant effects (Art. 22 GDPR), and we do not create personality or behaviour profiles. The optional in-app AI features identify devices, not people. The service is not directed at children.
11. Changes
We may update this policy as the product evolves. The date at the top reflects the latest version.
Contact
See the Imprint for legal contact details.