diff --git a/config/permissions.yaml b/config/permissions.yaml
index 52bb8947..d1d0f94a 100644
--- a/config/permissions.yaml
+++ b/config/permissions.yaml
@@ -291,6 +291,9 @@ perms: # Here comes a list with all Permission names (they have a perm_[name] co
       timetravel:
         label: "perm.tools.timeTravel"
         bit: 14
+      label_scanner:
+        label: "perm.tools.label_scanner"
+        bit: 16
 
   groups:
     label: "perm.groups"
diff --git a/src/Controller/ScanController.php b/src/Controller/ScanController.php
index 750fccad..bff7f928 100644
--- a/src/Controller/ScanController.php
+++ b/src/Controller/ScanController.php
@@ -51,6 +51,8 @@ class ScanController extends AbstractController
      */
     public function dialog(Request $request): Response
     {
+        $this->denyAccessUnlessGranted('@tools.label_scanner');
+
         $form = $this->createForm(ScanDialogType::class);
         $form->handleRequest($request);
 
diff --git a/src/Services/Trees/ToolsTreeBuilder.php b/src/Services/Trees/ToolsTreeBuilder.php
index de082f0e..184359f8 100644
--- a/src/Services/Trees/ToolsTreeBuilder.php
+++ b/src/Services/Trees/ToolsTreeBuilder.php
@@ -118,17 +118,19 @@ class ToolsTreeBuilder
     {
         $nodes = [];
 
-        if($this->security->isGranted('@labels.create_labels')) {
+        if ($this->security->isGranted('@labels.create_labels')) {
             $nodes[] = new TreeViewNode(
                 $this->translator->trans('tree.tools.tools.label_dialog'),
                 $this->urlGenerator->generate('label_dialog')
             );
         }
 
-        $nodes[] = new TreeViewNode(
-            $this->translator->trans('tree.tools.tools.label_scanner'),
-            $this->urlGenerator->generate('scan_dialog')
-        );
+        if ($this->security->isGranted('@tools.label_scanner')) {
+            $nodes[] = new TreeViewNode(
+                $this->translator->trans('tree.tools.tools.label_scanner'),
+                $this->urlGenerator->generate('scan_dialog')
+            );
+        }
 
         return $nodes;
     }
diff --git a/templates/_navbar.html.twig b/templates/_navbar.html.twig
index f5bb5885..ac1eef49 100644
--- a/templates/_navbar.html.twig
+++ b/templates/_navbar.html.twig
@@ -17,16 +17,18 @@
 
     <div class="collapse navbar-collapse" id="navbarContent">
         <ul class="navbar-nav mr-auto">
-            <li class="nav-item">
-                <a class="nav-link" href="{{ url("scan_dialog") }}">{% trans %}navbar.scanner.link{% endtrans %}</a>
-            </li>
+            {% if is_granted("@tools.label_scanner") %}
+                <li class="nav-item">
+                    <a class="nav-link" href="{{ url("scan_dialog") }}">{% trans %}navbar.scanner.link{% endtrans %}</a>
+                </li>
+            {% endif %}
         </ul>
 
         <div class="form-inline my-2 my-lg-0 ml-auto" id="searchbar">
             <!-- Searchbar -->
             {% include "_navbar_search.html.twig" %}
         </div>
-        
+
         <ul class="navbar-nav ml-3" id="login-content">
             <li class="nav-item dropdown">
                 <a href="#" class="dropdown-toggle link-anchor nav-link" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">