Boom Consulting LLC  ›  SplintFab Scanner

Privacy Policy

How the SplintFab Scanner app handles camera, depth, and scan data.

Last updated: June 2026

Boom Consulting LLC ("we", "our", or "us") built the SplintFab Scanner app for professional orthotics and prosthetics clinicians. This policy explains what information the app handles and how.

1. Data We Collect

We collect no personal information. The app does not create accounts, does not require a login, and does not transmit any data over the internet.

2. Camera and Depth Sensor

The app uses your iPhone's front TrueDepth camera and depth sensor solely to capture 3D scans. Camera images and depth data are processed entirely on your device in real time. No camera image, depth frame, or video stream is ever uploaded, shared with us, or accessible to any third party.

Camera permission is required for the app to function. If permission is denied the scanning feature will not be available.

3. Face Data (TrueDepth Camera)

The app uses Apple's TrueDepth camera API as a 3D measurement sensor. During a scan it captures depth maps (per-pixel distance measurements) and colour camera images of whatever is in front of the camera — normally a patient's foot, ankle, or hand. If the camera is pointed at a face, the same depth maps and images may incidentally include face data. This data is collected for one purpose only: to reconstruct a three-dimensional model (a coloured point cloud) of the scanned body part for orthotic and prosthetic fabrication. There are no other uses, planned or otherwise.

To keep the 3D scan stable while you move the device around the body part, the app uses Apple's ARKit face-tracking API (ARFaceTrackingConfiguration) purely as a motion sensor: it provides six-degrees-of-freedom camera position and orientation so successive depth frames can be aligned into a single model. We use only this position/orientation (pose) information. The app performs no facial recognition, no face identification, and no facial analysis of any kind; it does not create faceprints or biometric templates; it does not use face data for authentication, advertising, or identifying any person; and it cannot identify any person from a scan. Like all other camera and depth data, any face-tracking data is processed on the device in real time and never uploaded or shared.

Storage and retention: live depth frames and camera images are processed in memory on the device in real time and immediately discarded — they are never written to disk. Only the resulting 3D point cloud is stored, and only when you explicitly tap Save; it remains in the app's private sandbox on your device until you delete it. We never receive or retain any of this data, because the app transmits nothing.

Disclosure and sharing: face data — and all other camera, depth, and scan data — is never shared with us or with any third party, and is never uploaded to any server. It leaves your device only if you explicitly export a saved scan using the Share function. The app contains no third-party SDKs that can access camera or depth data.

4. Scan Data Storage

All 3D scans captured with the app are stored locally in the app's private sandbox on your device. Scans are never uploaded to any server, cloud service, or third-party system.

Scans are shared only when you explicitly choose to share them using the app's Share function (for example, via AirDrop or email). At that point the file is transferred by your choice; we have no involvement in or access to that transfer.

Deleting a scan in the app permanently removes the file from your device. We do not retain copies of deleted scans.

5. Analytics and Tracking

The app contains no analytics, telemetry, crash-reporting services, or advertising SDKs. No usage data of any kind is collected or transmitted.

6. Patient Data

When you scan a patient's foot or other body part, that scan constitutes sensitive health-related data. Under our architecture this data never leaves the device without your explicit action. Responsibility for appropriate handling, retention, and sharing of patient data in accordance with applicable healthcare privacy regulations (such as HIPAA in the United States) rests with the clinician and their organisation.

7. Children's Privacy

This app is intended for professional clinical use by adults. It is not directed at children under 13 and we do not knowingly collect any information from children.

8. Changes to This Policy

If we update this privacy policy we will revise the "Last updated" date above. The current version is always available at this URL and within the app under About → Privacy Policy.

9. Contact

For privacy questions or concerns please contact:

Boom Consulting LLC
SplintFab Scanner
sam@splintfab.com