Privacy Policy
How MOSTECH INNOVATION handles your information.
Effective date: 2026-05-25
Last updated: 2026-06-15
Core Principles
- By default your data stays on your device (we store nothing on our servers)
- Bookmarks, notes, and highlights are stored locally — unless you turn on sync
- Cross-device sync is optional (opt-in) via Google Sign-In + Firebase on Android
- Purchases use Apple StoreKit (iOS) or Google Play Billing (Android)
- No tracking, analytics, or advertising SDKs — anywhere, anytime
- Contact us via LINE Official Account or company email
MOSTECH INNOVATION CO., LTD ("MOSTECH", "we", "us", "our") publishes this Privacy Policy to explain how we handle information in connection with our mobile applications — including Pramoul Tid Mue (ประมวลติดมือ) — and the mostechinnovation.com website (collectively, the "Services"). This policy is written in plain language. If anything is unclear, please contact us.
1. Scope
This Privacy Policy explains how MOSTECH INNOVATION CO., LTD (“MOSTECH”, “we”, “us”, “our”) handles information in connection with our mobile applications (currently: ประมวลติดมือ / Pramoul Tid Mue, available on the Apple App Store and Google Play) and the mostechinnovation.com website (together, the “Services”). This is a single, unified privacy policy covering both platforms so the same URL can be submitted to App Store Connect and Google Play Console. Additional apps released in the future will be added here as they ship.
2. Information We Collect
By default, the app works locally on your device and we do not collect personal data on our servers. Your highlights, notes, bookmarks, reading history, and settings are stored on your device only. There are two exceptions:
- In-app purchasesare handled entirely by Apple's StoreKit (on iOS) or Google Play Billing (on Android) when you choose to buy something — see Section 7.
- Optional cross-device sync(Android only): if you choose to sign in with a Google account, your user-generated content is synced via Google Firebase — see Section 3.
3. Cross-Device Sync (Opt-In)
Android users may optionally sign in with a Google account (Settings → Sync) to sync their highlights, notes, bookmarks, and reading history across their own devices via Google Firebase (Firestore and Firebase Authentication).
- Opt-in only— if you do not sign in, no data leaves your device.
- Data stored in the cloud: your Google account email and name, a user ID, and your user-generated content (highlights/notes/bookmarks/reading history).
- Encrypted in transit (TLS), stored under your account only, inaccessible to other users.
- Used solely for the sync feature — no advertising, marketing, or analytics, and never shared with third parties (Google Firebase acts as our data processor).
- Data may be processed on Google servers in the Singapore region (
asia-southeast1). - You can sign out at any time and request full deletion of your cloud data (see Section 11, “Account Deletion”).
4. Information We Do Not Collect
We do not collect, request, or have access to any of the following:
- Personal name, phone number, or address
- Location data (precise or coarse)
- Contacts, photos, microphone, or camera content
- Health, fitness, or motion data
- iCloud or Google Drive data
- Advertising identifiers (IDFA on iOS, AAID on Android)
- Analytics events, page views, or session recordings
- Crash logs are only shared if you have opted in via Apple's or Google's system-level setting
Exception: if you opt in to cross-device sync (Android only), we collect your Google account email and name and a user ID, used solely for the sync feature as described in Section 3.
5. Device Permissions
Our app does not request any device permissions (camera, microphone, location, contacts, photos, notifications, etc.) on either iOS or Android. On Android we also do not declare the com.google.android.gms.permission.AD_ID permission, because we never read the Advertising ID. If a future feature requires a permission, we will request it explicitly at the point of use and update this policy.
6. App Tracking Transparency (ATT) and Android equivalents
We do not track you across apps or websites.On iOS, we do not use Apple's Identifier for Advertisers (IDFA), so the App Tracking Transparency permission prompt is never displayed — there is no tracking to permit. On Android, we do not request the Advertising ID (AAID). The optional sync feature is used purely to synchronize your own content across your own devices and is never used to track you across other apps or websites.
7. In-App Purchases
In-app purchases are processed exclusively by the platform store you purchased from — either Apple via the App Store, or Google via Google Play. When you make a purchase:
- Your payment information (Apple ID or Google account, credit card, billing address) is handled by Apple or Google. We never see it.
- We receive only a validated entitlement (a list of unlocked product IDs) that allows the app to unlock the purchased content on your device.
- Previous purchases can be restored at any time using the standard Restore Purchases function inside the app.
- Refunds are handled by the platform store. For iOS, request a refund at reportaproblem.apple.com. For Android, follow Google's refund flow at support.google.com/googleplay.
Your unlock entitlement is cached locally in an encrypted, system- managed store: iOS Keychain on iOS, or EncryptedSharedPreferences backed by the Android Keystoreon Android. This cache contains only product IDs (no personal information) and lets the app work offline. The cache is reconciled with the platform's authoritative purchase records on every app launch via Transaction.currentEntitlements (iOS) or queryPurchasesAsync (Android), so refunds and entitlement revocations propagate automatically.
The in-app purchases support Apple Family Sharing on iOS and Google Play Family Libraryon Android. Eligible members of your family group can access the unlocked content without making a separate purchase, subject to each platform's family-sharing terms.
8. Third-Party Services
We do not integrate any third-party analytics services, advertising networks, or attribution SDKs. The app is built using the platform's native frameworks — on iOS: Foundation, SwiftUI, StoreKit, and CloudKit (for your own iCloud sync). On Android: AndroidX, Jetpack Compose, Google Play Billing, DataStore, and the Android Keystore. The only external service that may receive your data is Google Firebase(Firestore and Firebase Authentication), and only when you opt in to cross-device sync on Android — in which case Firebase acts as our data processor solely to provide the sync feature (see Section 3). No data is sent to any other third party.
9. Data Sharing, Sale, and Marketing
We do not sell, rent, trade, or otherwise disclose any personal information about you to any third party for advertising or marketing purposes. We do not engage in data brokering. We do not maintain mailing lists or marketing databases. The only sharing that occurs is with our service providers acting on our behalf — Apple/Google for purchase processing, and Google Firebase as our data processor for the optional sync feature — each used solely for the purposes described in this policy.
10. Data Retention and Deletion
Data stored locally by the app (such as bookmarks, notes, and highlights) remains on your device and is removed when you uninstall the app. If you opt in to cross-device sync, your synced content and account information are retained in the cloud under your account until you sign out and/or request deletion — see Section 11.
11. Account Deletion
On iOS, the app does not use any sign-in or account system — there is nothing to delete from our servers; simply uninstall the app to remove all on-device data.
On Android, signing in with a Google account is optional and used only for cross-device sync. You may:
- Sign out at any timefrom Settings → Sync; your on-device data is unaffected.
- Request full deletion of your cloud data from within the app, or by contacting us using the details in Section 27. This permanently deletes your synced content and account information (email, name, user ID) stored in Firebase.
Users who never sign in have no cloud data to delete.
12. Children's Privacy
Our apps are not directed to children. We do not knowingly collect personal information from children under 13 (per COPPA in the United States) or under 16 (per GDPR-K in the European Union). If you believe a child has provided us with personal information, please contact us at support@mostechinnovation.com and we will delete it promptly.
13. Age Rating
The Pramoul Tid Mue app is rated for general audiences on both the App Store (Apple age rating 4+) and Google Play (content rating: Everyone). The age rating reflects the nature of the legal content; no objectionable material is included.
14. GDPR (European Union and EEA)
If you are in the European Union or EEA, the General Data Protection Regulation (GDPR) applies to you. The data controller is:
MOSTECH INNOVATION CO., LTD
117/69 Moo 5, Salaya, Phutthamonthon, Nakhon Pathom 73170, Thailand
Email: support@mostechinnovation.com
If you have not opted in to sync, we do not process personal data, so most data-subject rights have no data to act upon. If you have opted in to sync, you may exercise the following rights with respect to your cloud data at any time by contacting us:
- Right of access
- Right to rectification
- Right to erasure (“right to be forgotten”)
- Right to restriction of processing
- Right to data portability
- Right to object
- Right to withdraw consent
- Right to lodge a complaint with a supervisory authority
15. UK GDPR
If you are in the United Kingdom, the UK GDPR and Data Protection Act 2018 apply. The same rights and contact information described under GDPR apply to you. You may lodge a complaint with the UK Information Commissioner's Office (ICO).
16. California (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (as amended by the CPRA) gives you the following rights:
- Right to know what personal information is collected (by default: none; if you opt in to sync: your Google account email/name, a user ID, and your synced content)
- Right to delete personal information
- Right to correct inaccurate personal information
- Right to opt-out of the sale or sharing of personal information — we do not sell or share personal information
- Right to limit the use of sensitive personal information — we do not collect sensitive personal information
- Right to non-discrimination for exercising your rights
To exercise any of these rights, contact us at support@mostechinnovation.com.
17. Thailand (PDPA)
Our company is registered in Thailand and complies with the Personal Data Protection Act B.E. 2562 (2019) (PDPA). The rights you are afforded under the PDPA include the right to access, rectification, erasure, restriction, objection, data portability, and to lodge a complaint with the Personal Data Protection Committee. To contact our designated point of contact for privacy questions, email support@mostechinnovation.com.
18. Brazil (LGPD)
If you are in Brazil, the Lei Geral de Proteção de Dados (LGPD) applies. You retain all rights under Article 18 of the LGPD and may contact us to exercise them.
19. Canada (PIPEDA)
For users in Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) applies where relevant. You may contact us to exercise your rights regarding any personal information we hold.
20. International Data Transfers
If you do not opt in to sync, no data leaves your device as a result of our processing. If you opt in to cross-device sync, your data may be processed and stored on Google Firebase servers in the Singapore region (asia-southeast1). Any data exchanged through Apple's StoreKit or Google Play Billing (for purchase validation) is transferred and stored by Apple or Google respectively, not by us, and is governed by Apple's Privacy Policy and Google's Privacy Policy.
21. Security
On-device data is protected by the platform's built-in sandboxing and encryption mechanisms — iOS Keychain and app sandbox on iOS, Android Keystore and EncryptedSharedPreferences on Android. If you opt in to cross-device sync, data exchanged with Google Firebase is encrypted in transit (TLS) and access-controlled so that it is accessible only under your account. We follow secure development practices for our website and app binaries.
22. Platform Privacy Declarations
iOS Privacy Manifest:In compliance with Apple's requirement effective May 2024, our app includes a Privacy Manifest file (PrivacyInfo.xcprivacy) that declares any required-reason APIs used by the app and confirms that no data is collected for tracking purposes.
Google Play Data Safety: Because the Android app offers optional cross-device sync, our Google Play Console Data Safety form declares that, when you opt in to sync, we collect and store your account info (email and name), a user ID, and your app-generated content (highlights, notes, bookmarks, reading history). This data is encrypted in transit, is not used to track users across other apps and websites, not shared with third parties (Google Firebase acts as our processor), and can be deleted on request. If you do not sign in, no data is collected. Purchase history is processed by the platform store (not collected by us).
23. Changes to This Policy
If we make material changes to this Privacy Policy, we will update the “Last updated” date and, where appropriate, post a notice on our website or within the app. The current version of the policy is always available at mostechinnovation.com/en/privacy.
24. Consent
By using our Services, you acknowledge that you have read this Privacy Policy and consent to the practices described in it.
25. Severability
If any provision of this Privacy Policy is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect.
26. Governing Law
This Privacy Policy is governed by the laws of the Kingdom of Thailand, without regard to its conflict-of-laws principles. For users in other jurisdictions, the relevant local privacy laws described in this policy also apply where they grant additional protections.
27. Contact
For any privacy questions, concerns, or requests to exercise your rights (including deletion of your synced data), please contact us:
- Email: support@mostechinnovation.com
- LINE Official Account: LINE Official Account (lin.ee/PhJXRgj)
- Postal address: MOSTECH INNOVATION CO., LTD, 117/69 Moo 5, Salaya, Phutthamonthon, Nakhon Pathom 73170, Thailand
- Response time: We aim to respond to all privacy inquiries within 30 days, in line with PDPA, GDPR, and other applicable requirements.
28. Effective Date
This Privacy Policy is effective as of 25 May 2026 and was last updated on 15 June 2026 (dual-platform coverage for Apple App Store and Google Play, including optional cross-device sync on Android).