Sitemap Updates
English
USD $
Updates
NEW
Claude & ChatGPT — Supercharged.
All documents · 409+ AI tools · 30s setup
Claude· ChatGPT· Cursor· Gemini· +50
Connect now
Platform
50+ AI modules & tools
Solutions
Industries, processes, risks
Developer
API, SDKs, documentation
Resources
Tutorials, blog, support
Company
Team, partners, careers
Pricing
Try Live Pricing Contact
Made with in Germany
Privacy · Cookies · Legal Notice · Terms
Platform
Document + Automation AI
CAPTURE
AI-IDP IDP Agents AI-OCR Human-in-the-Loop
PROCESSING
PDF AI PDF Anonymizer PDF AI-Split Storage Mounts
ORGANIZATION
AI-DMS Workspaces Classification PaperOffice Sign
AUTOMATION
Agentic Workflow Rules & Trigger Connectors AI Orchestrator
Analytics + Relations AI
Visualization
Knowledge Graph Dashboard Timeline
Analysis
Geo-Map Audit Center Financial Analytics
Insights
Contacts & Relations Entities Document Chat
Agent + Media AI
Agents
Chat Agent Phone Agent Ticket Agent Custom Agents
Language
Voice Generator (TTS) Voice Transcription (STT) Translation
Media
Image Generator Image Recognition
Knowledge + HelpDesk AI
Knowledge
HelpDesk AI Knowledge Base FAQ Management
Support
Smart Search Auto-Responses
Scheduling
Calendar AI Meeting-Types Public Booking
Security & Data AI
Security
Device Fingerprint Anonymity Detector Fake Email Detector
Location
IP2Location Geocoding Weather API PaperOffice AI Maps
Business
Currency Exchange VAT Validator
Solutions
By Industry
Banks & Finance Insurance Tax Advisors & Law Firms Industry & Production Trade & Logistics Energy & Utilities Healthcare & Pharma Real Estate Public Sector
By Problem
Document Chaos Information not findable Knowledge loss Manual data entry Processes too slow Scaling impossible Too many errors Compliance risks Support overloaded
By Process
Invoice Processing Digitize mailroom Onboarding Contract Management HR Processes Reporting & Analytics Archiving & Compliance Customer service Quality control
By Risk
Invoice Fraud Fake documents Identity Fraud VAT Fraud Intelligence Calculation errors in invoices Data manipulation Payment fraud Compliance violations Privacy / GDPR Audit gaps
By Document Type
Invoices & Receipts Bank Statements Tax Forms Contracts IDs & Documents Forms & Applications Handwritten Documents Technical Documents Medical Documents
Developer
Get started
Why PaperOffice API Platform 250+ Endpoints Developer Partner Program YouTube Tutorials
AI-First Development
llms.txt New Publishable Keys MCP Server AI Recipes
Technical
Authentication Webhooks Postman Collection GitHub Repository
Resources
Learn
Video Tutorials 100+ Blog Webinars
Resources
Case Studies Integrations
Support
Help Center Documentation Updates
Company
About Us
About PaperOffice The Team Locations Careers
Infrastructure
PaperOffice DataCenter Security & Compliance
More
Press Contact
Partner Program
Partner Overview Partner Video
Refer
Referral Partner Influencer Partner Developer Partner Whitelabel & OEM
Sales
Solutions Partner Solutions Partner Upgrade Channel Partner
PaperOffice Legal Framework · May 2026

Device Fingerprint API — Developer Compliance Guide

Integrator guide for the Device Fingerprint / Device Intelligence API under the Customer-Responsibility model: Controller vs Processor, retention, Art. 17 forget delegation, tenant isolation, and Network Intelligence.

The English version is the legally binding original. Convenience translations may be provided for information only.

← Back to Legal Overview

Device Fingerprint API — Developer Compliance Guide

Effective Date: May 19, 2026 Document Version: May 2026 Legally Binding Original Language: English

This guide is for B2B integrators using the PaperOffice Device Fingerprint / Device Intelligence API. It does not replace legal advice. The English version is binding.

1. Role Allocation (Default)

PartyGDPR RoleResponsibility
Customer (integrator)ControllerLawful basis, end-user notices, data subject rights, records of processing
PaperOfficeProcessorProcessing on documented instructions via API; tenant isolation; technical deletion on POST /privacy/forget

PaperOffice does not provide consent banners or per-call legal-basis validation. Maximum API features remain available; compliance obligations stay with Customer as Controller.

2. Integration Checklist

Before production use, Customer should confirm:

  1. Lawful basis documented (e.g. Art. 6(1)(f) GDPR legitimate interest where applicable — Customer decides).
  2. Privacy notice updated to describe device fingerprinting, purposes (fraud prevention, authentication, abuse detection), and retention.
  3. DPA generated and accepted via the in-platform Compliance Package.
  4. Bearer authentication — all data endpoints require a valid account context.
  5. Tenant scope — fingerprint data is isolated per workspace (root account) by default.
  6. Retention — default 90 days; configurable up to 365 days per account settings.
  7. Art. 17 delegation — implement POST /privacy/forget when erasure is required.
  8. Network Intelligence — cross-tenant network_pool=true only after separate contractual approval (legal@paperoffice.ai).
  9. No raw signal storage expectation — PaperOffice stores hashes and metadata, not raw canvas/audio payloads in the database.
  10. Sub-processors — review the public Sub-Processor List and generated Compliance Package.

3. Key API Endpoints

EndpointMethodPurpose
/fingerprint/identifyPOSTRegister or update device signals (tenant-scoped)
/fingerprint/verifyPOSTVerify visitor against stored signals
/fingerprint/device/{visitorId}GETRetrieve device metadata
/privacy/forgetPOSTArt. 17 erasure delegation (tombstone + delete)
/privacy/network_intelligenceGETAddon approval status
/fingerprint/similarGETSimilar devices (tenant-scoped; network_pool gated)

Each identify response includes a compliance object with data_categories, tenant_scope, retention_default_days, and customer_responsibility_notice.

4. Art. 17 Forget (Example)

``bash curl -X POST https://api.paperoffice.ai/latest/privacy/forget \ -H "Authorization: Bearer YOUR_TOKEN" \ -H "Content-Type: application/json" \ -d '{"visitor_id": "VISITOR_ID_HERE"}' ``

Re-ingestion of forgotten identifiers is blocked (IDENTIFIER_FORGOTTEN).

5. Privacy Notice Snippet (Template for Customer)

> Where we use device fingerprinting through PaperOffice AI, we process technical device and network characteristics (such as browser signals, hashed canvas/WebGL fingerprints, IP-derived metadata, and fraud-prevention scores) to secure our services, prevent abuse, and detect fraud. PaperOffice Enterprise Operations, S.L.U. acts as our processor under Article 28 GDPR. Data is processed in the EU. Default retention is 90 days unless we configure a shorter or longer period (maximum 365 days). You may exercise your rights under applicable data protection law by contacting us at [CUSTOMER CONTACT]. We will instruct our processor to delete relevant fingerprint records where required.

Customer must adapt this text to its jurisdiction and legal basis.

6. Network Intelligence

The optional Network Intelligence addon enables cross-tenant similarity pools when network_pool=true is set and the addon is approved for the account. Without approval, pool requests return 403 NETWORK_INTELLIGENCE_NOT_ENABLED.

Customer must ensure end-user disclosure where required before enabling cross-tenant features.

Last updated: May 19, 2026

© 2002–2026 PaperOffice Enterprise Operations, S.L.U. All rights reserved.

Last updated: May 10, 2026
Legally binding language: English