Privacy Policy for PixelRelay

Effective Date: May 31, 2026
Last Updated: May 31, 2026

Introduction

ApApps ("we," "our," or "us") operates the PixelRelay applications for macOS and Android (collectively, the "Service"). This Privacy Policy explains how PixelRelay handles your information when you use it to browse your Pixel from your Mac, download photos, videos, and files, and back up the contents of your phone.

Please read this Privacy Policy carefully. By using PixelRelay, you consent to the practices described here.

Privacy First Approach: PixelRelay is designed to keep your data on your devices. The app has no cloud component, no user accounts, and no servers we operate. Pairing and file transfer happen directly between your Pixel and your Mac over your local network — nothing is uploaded to us or to any third party.

Information We Collect

What We Collect About You

Nothing. PixelRelay collects no personal information about you.

  • There are no user accounts, sign-ups, or sign-ins
  • We do not ask for your name, email address, phone number, or any other personal identifier
  • We do not assign you a user ID, anonymous or otherwise
  • We do not contact any server we operate — ever

Photos, Videos, and Files

PixelRelay's purpose is to move your photos, videos, and other files between your paired Pixel and Mac. Here is exactly how that data is handled:

  • On your Pixel: The app reads photos, videos, audio, and documents from Android's MediaStore so you can browse and choose what to send. Files you choose are streamed directly to your paired Mac over your local network
  • On your Mac: Received files are written to a folder you pick (by default, ~/Downloads/PixelRelay). The app may also pull files from the paired Pixel on demand when you browse them
  • Direct device-to-device only: Transfers travel directly between the two devices over your Wi-Fi network. They never pass through ApApps, any cloud service, or any third-party relay
  • Encrypted in transit: All transfers are protected by TLS, with the Mac pinning the Pixel's certificate fingerprint at pairing time so only that paired phone can connect
  • Local thumbnails and indexes: To make browsing fast, both apps build a local index of file names, sizes, dates, and small thumbnails. This index lives only on the device that built it and is removed when you unpair or uninstall

Pairing Information

To establish a secure link between your Pixel and Mac, the apps generate and store the following on each device:

  • A device-generated identifier and the device's display name (e.g., "Ankit's Pixel 8")
  • The model and OS version of the paired device, so the app can show a friendly label in the UI
  • Cryptographic keys and certificates used to authenticate each side and lock future connections to the specific paired device
  • A short-lived pairing token (presented as a QR code, valid for a few minutes) used only during initial pairing

This information is generated on your devices, is exchanged only between them, and never leaves your local network. Pairing keys and certificates are stored in the platform's secure storage — the macOS Keychain and the Android Keystore.

The pairing handshake also includes a freshly generated nonce and timestamp. The phone rejects any replayed handshake within a short window, which protects you against a captured handshake being reused later. This is a local-network protection — nothing about it leaves your devices.

Local Network Discovery

To find each other on your Wi-Fi network, the apps use Bonjour / mDNS, the standard Apple and Android local-discovery protocol. While the apps are running, the Pixel advertises its display name, model, OS version, and app version on the local network so the Mac can find it. This advertisement is visible only to other devices on the same Wi-Fi network — it does not reach the internet.

App Preferences

PixelRelay stores your settings locally on each device, including:

  • Theme and appearance preferences
  • The download folder you select on the Mac
  • Transfer-related settings (such as how many files transfer at once, whether the phone stays awake during transfers, and notification preferences)
  • Whether you have completed onboarding

These settings are stored using the platforms' standard preference systems (macOS UserDefaults and Android DataStore / SharedPreferences) and never leave your device.

Local Logs

Both apps write debug logs to help diagnose issues:

  • macOS: Uses Apple's standard os.Logger system. Logs stay in macOS's local logging facility
  • Android: Uses an in-memory ring buffer (kept small — the most recent few hundred entries) plus standard Android logcat output
  • Pairing diagnostics: When pairing or reconnecting, the apps write detailed diagnostic entries that may include short pairing-token prefixes and the IP address and port of the device on the other end of the local connection. These entries help us reason about pairing failures during development; they remain inside os.Logger on macOS and logcat on Android, and are never transmitted off-device by the app
  • Never transmitted: No log entry is sent off-device by the app. If you want to share a log to help us troubleshoot, you can export it manually and email it to us — but this is entirely optional and user-initiated

What We Do NOT Collect

  • Your name, email address, phone number, or physical address
  • Account credentials of any kind — the app has no accounts
  • Payment information — the app is free and processes no purchases
  • Location data, contacts, calendars, or browsing history
  • Device identifiers or hardware IDs (Android Advertising ID, IDFA, etc.)
  • Crash reports, analytics, or telemetry of any kind
  • Any data used for advertising or marketing purposes

How Your Information Is Used

Core App Functionality

  • Pairing: Establishing a secure, encrypted link between your Pixel and your Mac the first time you connect
  • Discovery: Finding your paired device on your local Wi-Fi network when both apps are open
  • File Transfer: Streaming the photos, videos, and files you choose directly between the two devices
  • Browsing: Showing you a list of available files on the paired device, with thumbnails and metadata, so you can pick what to transfer
  • Notifications: Letting you know when a transfer completes or needs your attention. All notifications are local to your device

Product Improvement

PixelRelay does not collect product-improvement data of any kind. The app contains no analytics SDKs, no usage tracking, and no telemetry beacons. We rely solely on user-initiated bug reports, App Store reviews, and feature requests sent by email to learn how the app is used.

What We Do NOT Do

  • We do not upload, copy, or transmit your photos, videos, or files to any server we operate
  • We do not share your data with advertisers, data brokers, or third parties
  • We do not serve advertisements of any kind
  • We do not use cookies, tracking pixels, or third-party tracking services
  • We do not use third-party analytics SDKs (such as Firebase, Crashlytics, Sentry, Amplitude, or similar)
  • We do not sell, rent, or trade your information — there is nothing to sell

Data Storage and Security

Local Storage Only

All data associated with PixelRelay is stored on the device that created it:

  • App settings: Stored in macOS UserDefaults and Android DataStore / SharedPreferences
  • Pairing keys and certificates: Stored in macOS Keychain on Mac, and in Android Keystore plus EncryptedSharedPreferences on Pixel — both protected by the platform's hardware-backed security
  • Transfer history and media index: Stored in a local SQLite / Room database on each device
  • Thumbnails: Cached locally in the app's sandboxed storage, removed when you unpair or uninstall
  • Received files: Written to a location you pick (the Downloads folder on Mac, or a Storage Access Framework folder you choose on Android). PixelRelay does not retain a separate copy

Encryption in Transit

  • All connections between the Pixel and the Mac use HTTPS / TLS
  • At pairing time, the Mac locks onto the specific paired Pixel's certificate, so it will refuse to connect to any other device claiming to be that Pixel
  • Local discovery traffic (Bonjour / mDNS) is unencrypted by design — this is how the protocol works on every platform — but contains only your device's display name, model, OS version, and app version, never your files or pairing secrets

Encryption at Rest

  • Pairing keys and certificates: Encrypted by the operating system using the macOS Keychain and the Android Keystore, with AES-256 encryption
  • Your files: Stored on disk according to your operating system's normal file protections. We recommend enabling FileVault on your Mac and a screen lock with biometrics on your Pixel to keep them protected if a device is lost or stolen

Your Responsibilities

  • Trusted network: Use PixelRelay on Wi-Fi networks you trust. The TLS certificate pinning protects against impersonation, but a hostile network can still see that two devices are talking
  • Device security: Keep your devices protected with a passcode, Face ID, Touch ID, or fingerprint. Anyone with physical access to an unlocked, paired device can transfer files using PixelRelay
  • App updates: Keep PixelRelay updated to receive security improvements

Network Activity

PixelRelay's network activity is limited to two things: discovering your paired device on your local Wi-Fi, and transferring files directly between your Pixel and your Mac over an encrypted connection. The app does not connect to any host on the public internet, does not contact ApApps, and has no remote API. You can verify this by using PixelRelay on a Wi-Fi network with no internet access — all functionality continues to work.

Permissions Explained

macOS Permissions

  • Local Network: Required to find your paired Pixel via Bonjour and connect to it
  • Outgoing network connections: Required to open a TLS connection to your paired Pixel's local IP address
  • Downloads folder access: Required to save received files. You can choose a different folder in Settings
  • User-selected file access: Required when you pick a custom download location, so the app can keep using it across launches

The Mac app is sandboxed and does not request permission to access your Photos library, Contacts, Calendar, Camera, Microphone, or any other system resource.

Android Permissions

  • Internet, Network State, Wi-Fi State, Multicast: Required for Bonjour / mDNS discovery and for the embedded TLS server that the Mac connects to. No traffic leaves your local network
  • Nearby Wi-Fi Devices (Android 13+): Required to advertise and discover the PixelRelay service on your local network. Tagged neverForLocation — the app does not use it to determine your location
  • Read Media (Images, Video, Audio, User-Selected): Required to enumerate the photos, videos, and audio files you can choose to transfer. Files are read only when you select them or when you ask the Mac to browse
  • Camera: Required only to scan the QR code shown by the Mac during initial pairing. No images are saved or transmitted
  • Manage External Storage (optional): If you opt in, this lets the app browse and back up files outside your media folders. The permission is requested only when you choose to enable broader access — the app works fine without it
  • Foreground Service, Wake Lock, Boot Completed: Required to keep transfers running reliably while your phone is locked or transitioning between Wi-Fi and other states. The foreground service shows a persistent notification while it's running, as Android requires
  • Post Notifications (Android 13+): Required to show transfer progress and completion notifications
  • Ignore Battery Optimizations (optional): Requested only if you want long transfers to keep running while your phone is idle. You can decline; the app works without it

Data Sharing and Disclosure

We Do Not Sell or Share Your Data

We do not sell, rent, share, or trade your information to third parties under any circumstances. Because PixelRelay does not transmit your data to us in the first place, there is no data to share.

No Third-Party Services

PixelRelay does not integrate with any third-party services. Specifically, it does not use:

  • Cloud storage providers (AWS, Google Cloud, iCloud, Dropbox, etc.)
  • Authentication services (Sign in with Apple, Google Sign-In, etc.)
  • Analytics or crash reporting (Firebase, Crashlytics, Sentry, Amplitude, Mixpanel, etc.)
  • Advertising networks or trackers of any kind
  • Push notification services — all notifications are generated locally on your device

External Links

The app may open external links in your browser when you choose to:

  • Visit our website or contact support via email
  • Rate the app on the App Store or Google Play

These actions are user-initiated and do not transmit your files or app data. We are not responsible for the privacy practices of those external services.

Legal Requirements

Because we do not collect or store your data, we have no data to disclose in response to legal requests. In the unlikely event we are compelled to disclose information, we would only be able to disclose what we have, which is nothing relating to your use of the app.

Your Rights and Choices

Complete Control

You have full control over your data because all of it lives on your devices:

  • View your data: Your transfer history, paired devices, and settings are all visible inside the app
  • Edit your data: You can rename, delete, or move transferred files using your operating system's standard file tools
  • Unpair: You can unpair a device at any time. Unpairing removes the stored keys, certificate fingerprint, and transfer history for that device on both sides
  • Delete the app: Uninstalling PixelRelay removes all local databases, settings, thumbnails, and pairing secrets. Files you previously received and saved to your Downloads folder (or other chosen location) are not affected and remain in place — they belong to you

Stopping All Network Activity

If you want PixelRelay to perform no network activity at all:

  • On Android: stop the foreground service from the app's Settings, or force-stop the app
  • On macOS: quit the app
  • Or simply disable Wi-Fi — the app has no other network path

Data Retention

Retention

  • App settings, pairing data, transfer history: Retained on your device until you unpair, clear them in the app, or uninstall
  • Cached thumbnails and metadata: Retained until you unpair the corresponding device or uninstall the app
  • Transferred files: Retained wherever you saved them, under your control. The app does not delete them
  • On our servers: Nothing — we do not operate any servers that store your data

Account Deletion

There are no accounts to delete. Removing the app removes everything PixelRelay stored.

Children's Privacy

PixelRelay is not directed at children under 13 (or 16 in the European Union). We do not knowingly collect personal information from children. Because PixelRelay does not collect personal information from anyone, this should not arise — but if you believe a child has been harmed by their use of the app, please contact us.

International Data Transfers

PixelRelay does not transmit data across networks beyond your local Wi-Fi. There are no international data transfers because there are no transfers off your devices in the first place.

Disclaimer and Limitation of Liability

What PixelRelay does and does not do to your files

Because PixelRelay moves files between your devices, it's worth being explicit about what it touches and what it doesn't:

  • Phone files (current behavior). PixelRelay does not modify, write to, delete, or rename files on your Pixel today. The app reads media metadata and file contents so your Mac can browse, preview, and download them; it does not change them in place.
  • Phone files (future versions). If a future version of the app surfaces actions that write to your phone — such as receiving a transfer from your Mac, deleting a file, or renaming one — those actions will be user-initiated and clearly labeled. We will update this policy when that happens.
  • Mac files. PixelRelay never deletes original files on either device automatically. You are responsible for verifying that transferred files arrived intact at their destination before deleting originals from the source. If a transfer is interrupted, partial files may remain in your destination folder — cleaning those up is your responsibility.
  • Filename conflicts. If you transfer a file with the same name as one already in your chosen destination folder, PixelRelay will rename the new file with a numeric suffix to avoid overwriting. Do not assume a transfer is complete or correct without verifying destination contents.
  • Backups are your safety net. PixelRelay is a transfer tool, not a backup product. We strongly recommend keeping independent backups (Time Machine, cloud backup of your choice, external drive) of any files you cannot afford to lose, regardless of whether you use this app.

Disclaimer of Warranties

PixelRelay is provided "as is" and "as available" without any warranties of any kind, express or implied. To the fullest extent permitted by applicable law, we disclaim all warranties, including but not limited to:

  • Warranties of merchantability, fitness for a particular purpose, and non-infringement
  • Warranties that the app will be uninterrupted, error-free, or secure
  • Warranties that defects will be corrected or that the app is free of viruses or other harmful components
  • Warranties that file transfers will complete successfully or preserve every file attribute exactly

Limitation of Liability

To the fullest extent permitted by applicable law, in no event shall ApApps, its developer, officers, directors, employees, agents, or affiliates be liable for any indirect, incidental, special, consequential, or punitive damages, including but not limited to:

  • Loss of profits, data, use, goodwill, or other intangible losses
  • Damages resulting from the use or inability to use the app
  • Damages resulting from interrupted, incomplete, or corrupted file transfers
  • Damages resulting from any changes to the app or temporary or permanent cessation of the app
  • Damages resulting from unauthorized access to or alteration of your data, including by another device on your local network

In no event shall our total liability to you for all claims exceed the amount paid by you, if any, for accessing the app during the twelve (12) months preceding the event giving rise to the liability.

Indemnification

You agree to indemnify, defend, and hold harmless the developer and any associated parties from and against any claims, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising from your use of the application or violation of these terms.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

  • We will post the updated policy on our website
  • The "Last Updated" date at the top of this policy will be revised
  • For material changes, we may also surface a notice in the app on next launch

Your continued use of the app after changes are posted constitutes your acceptance of the updated Privacy Policy.

Contact Us

If you have any questions about this Privacy Policy, our data practices, or your rights, please contact us:

ApApps
Email: ApAppsCo@gmail.com
Website: https://www.apapps.co/

For privacy-specific inquiries, please include "Privacy — PixelRelay" in your subject line.

California Privacy Rights

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected and how it's used
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (note: we do not sell or share data — we do not collect it in the first place)
  • Right to non-discrimination for exercising your privacy rights

GDPR Compliance (EU Users)

If you are in the European Union, you have rights under the General Data Protection Regulation (GDPR):

Your Rights

  • Right to Access: All your PixelRelay data is visible inside the app at any time
  • Right to Rectification: You can edit settings and rename or delete files at any time
  • Right to Erasure: Unpairing a device or uninstalling the app deletes all associated PixelRelay data
  • Right to Data Portability: Your transferred files are stored in standard formats in standard locations on your device
  • Right to Restrict Processing: You can stop using the app or revoke its permissions at any time
  • Right to Object: You can uninstall the app if you object to any data processing

Legal Basis for Processing

Because PixelRelay does not transmit your personal data to us, we do not "process" your personal data in the GDPR sense. To the extent any local processing on your device falls within the scope of GDPR, the legal basis is:

  • Consent: When you choose to install the app, pair a device, and grant permissions
  • Contract Performance: To provide the file-transfer functionality you have requested
  • Legitimate Interest: For app functionality, performance, and security

Compliance

This Privacy Policy is designed to comply with applicable privacy laws, including:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Other applicable local privacy regulations

Your Consent

By using PixelRelay, you consent to the practices described in this Privacy Policy. This consent is revocable — you may stop using the app and uninstall it at any time.

This privacy policy is specific to the PixelRelay applications for macOS and Android. Thank you for trusting PixelRelay with your photos and files. Your privacy and trust are our highest priorities.

← Back to PixelRelay