MoYu Timer Privacy Policy

Effective Date: January 26, 2026

This Privacy Policy is provided in English for users in the European Union/European Economic Area (GDPR) and residents of California (CCPA/CPRA). Users in China (subject to the Personal Information Protection Law) may request a Chinese version via lmjwzklsjlstcz@gmail.com.

APPIFUN (hereinafter referred to as "we" or "us") operates the MoYu Timer mobile application (hereinafter referred to as "this app" or "the app"). This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use this app. We are committed to protecting your privacy and complying with applicable data protection laws and regulations, including but not limited to the Personal Information Protection Law of the People’s Republic of China (PIPL), the European Union General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and its amendment, the California Privacy Rights Act (CPRA).

By downloading, installing, or using this app, you agree to the terms of this Privacy Policy. If you do not agree, please do not use this app. We may update this Privacy Policy from time to time and notify you of significant changes through in-app announcements or other prominent means. Your continued use of this app after changes are made constitutes acceptance of the revised policy.

This Privacy Policy applies only to this app and does not cover information collected through other channels, such as our website or third-party services linked within the app.

1. Information We Collect

We collect mobile device information to provide, maintain, and improve app functionality, including optimization and ad delivery. Device information refers to any data that can identify or be used to identify a device (as defined by PIPL, GDPR, and CCPA/CPRA).

Categories of Personal Information Collected

Overview: We only collect the minimum information necessary to implement app functions (such as device ID and usage data) to support app operation, enhance user experience, and serve ads. We do not collect sensitive information (such as health data or precise location). Data you enter (such as work hours) is stored locally on your device only.

• Device Information: With your explicit consent, we collect unique device identifiers (e.g., Google Advertising Identifier GAID) for personalized ad services. Additionally, to ensure stable app operation, we collect necessary information through Google AdMob, such as device model and operating system version, for data analysis and ad delivery.
• Usage Data: Information about how you use the app, such as ad views or clicks. This data helps us improve the app and provide relevant ads.
• User-Provided Information: Data you voluntarily enter, such as work hours or salary details, is stored locally on your device and not uploaded to our servers.
• No Sensitive Personal Information: We do not collect sensitive personal information, such as health data, biometric information, or precise geolocation, unless explicitly required and with your consent. Under CCPA/CPRA, sensitive personal information includes categories like racial or religious beliefs, which we do not process.

We collect only the minimum personal information necessary for app purposes, in accordance with the data minimization principle of PIPL. Information collection is based on your consent provided through in-app prompts.

App Permissions and Their Purposes

To implement the core functionality of the app (such as real-time timing, salary display, reminders, ad display, and widget updates), we request the following Android system permissions as needed. All permissions are used solely for the stated purposes and will not be misused or exceeded. We do not secretly use permissions in the background. You can view, enable, or disable permissions at any time in your phone’s “Settings → Apps → MoYu Timer → Permissions” (disabling may limit corresponding features).

• Network and Ad-Related Permissions (automatically granted at installation)
  • INTERNET: Allows the app to access the internet for loading ads, sending anonymous crash logs, uploading AppsFlyer attribution data, and other network functions.
  • ACCESS_NETWORK_STATE: Allows the app to check network status (e.g., whether Wi-Fi/mobile data is available) to determine if it is suitable to load ads or upload data, preventing unnecessary data usage.
  • com.google.android.gms.permission.AD_ID: Allows access to the Google Advertising Identifier (GAID) for personalized ad delivery, AppsFlyer attribution tracking, and ad performance analysis. You can reset or opt out of personalized ads in your phone’s “Settings → Google → Ads.”
• Notification Permissions
  • POST_NOTIFICATIONS (Android 13+): Allows sending notifications for reminders, etc. A prompt appears on first use for your manual consent; if denied, you can enable it in system settings.
  • POST_PROMOTED_NOTIFICATIONS: Allows sending promoted/pinned notifications or Live Updates (e.g., real-time progress bar updates) to make reminders more prominent in the notification bar/lock screen. You can disable Live Updates in system settings.
• System Interaction and Foreground Service Permissions
  • SYSTEM_ALERT_WINDOW: Allows creating floating windows for displaying floating widgets. Must be manually enabled in “Settings → Apps → Special App Access → Display over other apps.”
  • SCHEDULE_EXACT_ALARM & USE_EXACT_ALARM: Allows scheduling and using exact alarms for timely reminders (e.g., sedentary reminders, hydration reminders). Requires user consent on Android 12+ and can be managed in system settings.
  • FOREGROUND_SERVICE & FOREGROUND_SERVICE_SPECIAL_USE: Allows starting foreground services to keep long-running tasks active (e.g., background timer). On Android 14+, specific purpose (timer_countdown_service) is declared; no additional user consent is required, but system restrictions may apply.
• Custom Signature Permissions
  • com.appifun.fishingtimer.permission.WIDGET_UPDATE: Internal custom permission used only for the app’s own widget (home screen widget) data updates, preventing malicious external access. Does not involve collection of personal information.

We commit that all permissions are limited to enabling the functions you use and will not be used for other purposes or shared with unrelated third parties. Disabling permissions will not affect core local features (such as salary calculation), but may impact reminders, floating windows, ads, and other online/interactive features. For questions, please contact us using the information in “10. Contact Us.”

How We Collect Information

• Direct Collection: With your consent, we collect device information to our servers for purposes such as app usage statistics or ad analysis.
• Automatic Collection: Through device sensors, software development kits (SDKs, e.g., for ads), or analytics tools.
• Third-Party Sources: Ad networks or analytics providers may share aggregated data with us.

For PIPL (Chinese users), we ensure collection is lawful, necessary, and transparent. For GDPR (EU/EEA users), processing is based on consent or legitimate interests (e.g., advertising). For CCPA/CPRA (California residents), we declare that device IDs may be considered personal information and are not "sold" without your opt-out consent.

2. How We Use Your Information

We use collected personal information for the following purposes:

• App Functionality: To support core functions such as time tracking, salary calculation, reminders, and floating window display.
• Analysis and Improvement: Device IDs and usage data are used to analyze performance, troubleshoot issues, and optimize user experience.
• Advertising: Device information (such as device ID and IP address) is used to deliver personalized ads via third-party networks, targeted based on your interactions and preferences.
• Compliance and Security: To comply with legal obligations, prevent fraud, and maintain data security.

Under PIPL, we process personal information only for specified purposes; non-essential uses (such as advertising) require separate consent. Under GDPR, the legal basis includes consent (for ads) and legitimate interests (for analysis). Under CCPA/CPRA, these purposes are considered "business purposes," and personal information will not be used for incompatible purposes without further notice.

Purpose	Information Used	Legal Basis (GDPR/PIPL/CCPA)
App Functionality	User-provided data, device information	Contract necessity / Necessity / Business purpose
Analysis	Usage data, device ID	Legitimate interests / Consent / Business purpose
Advertising	Device ID, IP address	Consent / Explicit consent / Opt-out
Security	All data	Legitimate interests / Legal obligation / Business purpose

3. Information Sharing and Disclosure

Third-Party SDK List and Privacy Information

To enable free usage, ad monetization, marketing optimization, and animation effects, we only integrate the following necessary and compliant third-party SDKs. These SDKs are maintained by reputable providers, and we have filtered and limited their data usage. The data collected by these SDKs does not include your name, phone number, salary records, or other sensitive personal information. Links to detailed privacy policies are provided, and you can manage related permissions/identifiers on your device at any time (e.g., reset ad ID or opt out of personalized ads).

SDK Name and Version	Purpose and Function	Main Data Collected/Processed (by default)	Privacy Controls	Official Privacy Policy
com.appsflyer:af-android-sdk:6.17.5 (AppsFlyer Android SDK)	Mobile app attribution analysis, installation source tracking, event tracking, fraud prevention, and marketing optimization. Primarily used to measure ad performance, calculate user acquisition ROI, and analyze user behavior to optimize marketing strategies.	Google Advertising ID (GAID), IP address (approximate location), device model/OS version/language, network type, app launch/session/custom event data (reported by developers).	Reset ad ID within the app or device settings; developers can call anonymizeUser to anonymize data; turning off “Data Collection” stops uploads.	AppsFlyer Services Privacy Policy
com.google.android.gms:play-services-ads:23.6.0 (Google Mobile Ads SDK / AdMob)	Google Mobile Ads SDK, used to display ads within the app (supports banners, interstitials, rewarded videos, native ads, etc.), enabling app monetization and free services.	Google Advertising ID (GAID), IP address (approximate location), device model/OS version, ad interaction behavior (views, clicks), diagnostic information (crash logs, etc.).	Opt out of personalized ads via device settings (Android: Settings > Google > Ads > Opt out of Ads Personalization; iOS: Settings > Privacy > Ads > Limit Ad Tracking); non-personalized ads may still be shown.	Google Privacy Policy (see AdMob section)
com.google.android.gms:play-services-ads-identifier:17.0.1	Provides access to the Google Advertising ID (GAID / Advertising Identifier) for ad personalization, attribution tracking, and user matching. Serves as a foundational library for play-services-ads.	Mainly provides GAID interface, collects minimal additional data (relies on play-services-ads collection behavior).	Same as above: reset/disable GAID or opt out of personalized ads via device settings.	Google Privacy Policy
com.airbnb.android:lottie-compose:6.6.2	Jetpack Compose version of the Lottie animation library, used to render high-quality, interactive vector animations (JSON files exported from Adobe After Effects), enhancing UI visuals (e.g., loading animations, icon animations).	Does not collect any user data or device information (purely local rendering, no network requests, no data upload).	No additional controls needed (does not involve privacy data).	No dedicated privacy policy (Airbnb Lottie is an open-source local library)

All SDKs comply with their respective privacy policies. We do not actively transmit local sensitive data such as your salary or work hours to SDKs. Disabling personalized ads or data collection will not affect core local features (such as timing or salary calculation), but ads may become non-personalized, and attribution analysis may be limited. For more details or options to disable, please contact us (see Section 10).

We may share your personal information with the following entities:

• Third-Party Service Providers: Ad networks (e.g., Google AdMob) for ad delivery, and analytics providers (e.g., Google Analytics) for performance tracking. These providers are bound by data processing agreements to protect your data.
• Affiliated Companies: Our affiliated companies for operational purposes.
• Legal Authorities: As required by law, subpoena, or to protect our rights (e.g., fraud investigations).
• Business Transfers: In the event of mergers, acquisitions, or asset sales.
• Google AdMob: We use Google AdMob to provide personalized ads, which may share device information (such as Google Advertising ID) with Google’s advertising partners to deliver relevant ads within our app and across other platforms. AdMob data processing is governed by Google’s Privacy Policy (see Google Privacy Policy). You can opt out of personalized ads via device settings (e.g., iOS “Limit Ad Tracking” or Android “Opt out of Ads Personalization”) or contact us.

We do not sell your personal information to unrelated third parties. However, under CCPA/CPRA, sharing device IDs with ad networks for personalized ads may be considered a “sale” or “sharing.” You can opt out via device settings or by contacting us.

Regarding international data transfers:

• Data may be transferred outside of China (for PIPL users) or outside the EU/EEA (for GDPR users), e.g., to the United States (where Google AdMob servers are located). We use Standard Contractual Clauses (SCCs), security assessments (such as PIPL-required outbound data security assessments), or adequacy decisions to ensure data protection complies with applicable laws.
• For CCPA/CPRA, we notify such transfers and ensure compliance with California privacy law requirements.

AdMob and Google Compliance Statement

This Privacy Policy complies with Google Publisher Policies, the AdMob Program Policies, and the Google Play Developer Program Policies. We fully disclose AdMob-related data practices. For EU/UK/Swiss users, we support consent mechanisms (e.g., integrated Google User Messaging Platform) for personalized ads and analytics. You can manage or withdraw consent in-app (if implemented) or via device settings. We prohibit invalid activity and ensure non-deceptive ad experiences.

4. Data Security

We take appropriate technical and organizational measures to protect your personal information, including encryption of device ID transmission and storage, access controls, and regular security audits. However, no system is completely secure, and we cannot guarantee absolute security. In the event of a data breach, we will notify affected users and relevant authorities via email or in-app announcements in accordance with PIPL (within a reasonable time, usually 3 business days), GDPR (within 72 hours), and CCPA/CPRA (if there is a risk of harm).

5. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this policy or as required by law. For example:

• Device IDs and usage data: Retained for up to 48 months for analysis and advertising, after which they are anonymized or deleted. You may request early deletion by contacting us (see Section 10 “Contact Us”).
• User-provided data: Stored locally on your device and deleted upon uninstalling the app or clearing data. Please note that ad-related data collected via Google AdMob (e.g., Google Advertising ID) may be stored and processed by Google according to its Privacy Policy (see Google Privacy Policy).

We comply with PIPL, GDPR, and CCPA/CPRA retention rules, deleting or anonymizing personal information when no longer needed or upon your request.

6. Your Rights

Depending on your location, you have the following rights regarding your personal information:

• PIPL Rights (Chinese Users): Access, correction, deletion, withdrawal of consent, processing explanation, and data portability. Please exercise your rights via the contact information provided, and we will process requests within 15 business days (in accordance with PIPL requirements).
• GDPR Rights (EU/EEA Users): Access, correction, deletion (“right to be forgotten”), restriction, data portability, objection (e.g., to ads), and withdrawal of consent. Requests will be processed within one month, extendable to two months for complex cases.
• CCPA/CPRA Rights (California Residents): Know the personal information collected, delete, opt out of sale/sharing (e.g., “Do Not Sell or Share My Personal Information”), correct inaccurate information, and limit use of sensitive personal information. We will respond within 45 days (extendable to 90 days) and will not discriminate against you for exercising your rights.

Please contact us via email lmjwzklsjlstcz@gmail.com or phone +8618986000384 to exercise your rights. To verify your identity, we may require your device ID, email, or other verifiable information. If a request is denied, you may appeal using the same channels. To opt out of ads, use device settings (e.g., iOS “Limit Ad Tracking” or Android “Opt out of Ads Personalization”).

7. Children’s Privacy

This app is not intended for children under the age of 16 (GDPR consent age; 14 under PIPL; 13 under COPPA, or as required by local laws). We do not knowingly collect personal information from children. If we discover that personal information from a child has been collected, we will delete it immediately. Parents or guardians may contact us (see Section 10 “Contact Us”) to review or delete such data.

8. Cookies, Trackers, and Advertising Technologies

This app uses SDKs and trackers (similar to cookies) for advertising and analytics, collecting device information to provide personalized ads. You can manage your preferences through device settings. Under GDPR and PIPL, we obtain consent for non-essential trackers. Under CCPA/CPRA, you can opt out of targeted advertising using the contact methods above.

9. Changes to This Privacy Policy

We may update this policy due to operational or legal requirements. We will notify you through in-app announcements, email, or other prominent methods. The updated policy takes effect from the date of publication.

10. Contact Us

If you have questions, complaints, or wish to exercise your rights, please contact:

Under PIPL, our Personal Information Protection Officer can be contacted via the above email or phone. Under GDPR, our Data Protection Officer can be contacted in the same way. Under CCPA/CPRA, you may also contact the California Attorney General.

We have submitted a Data Safety disclosure to Google Play, detailing the app’s data collection and usage. You can view this information on the app’s page in the Google Play Store. For further details, please contact us.

11. Disclaimer of Liability

This Privacy Policy applies to APPIFUN, which, as the data controller or personal information processor for this app, is fully responsible for the collection, use, disclosure, and protection of personal information described in this policy and assumes all related legal liabilities. For any questions or to exercise your rights, please contact APPIFUN directly (see Section 10 “Contact Us”).