This Privacy Policy describes how we collect, use and protect information in connection with:
- the HiRemote mobile application for iOS, iPadOS, watchOS and macOS (the “App”); and
- the website at https://hiremote.app, including any interactive web remote available on it (the “Website”).
Together we refer to them as the “Services”. By using the Services you acknowledge the practices described below.
1. Information we collect through the App
We use three third-party software development kits inside the App. Each receives only what is required for its function.
Apphud— manages subscriptions on top of the Apple App Store. Receives a random per-install user identifier (UUID), the App Store subscription receipt, the iOS push notification token (if push is granted) and the App Store country code. No payment-card data is processed by the App; payments are handled exclusively by Apple.
Firebase Analytics— records funnel events such as “discovery started”, “connect succeeded”, “paywall shown” or “purchase completed”, each tagged with the platform (VIDAA, Roku, Google TV, Fire TV) and outcome. Firebase derives a coarse country and region from the request IP address. The same random user identifier issued by Apphud is associated with these events so that a crash, a paywall view and a purchase by the same install can be correlated.
Bugsnag— records stack traces, handled errors and the last 100 in-app events preceding an error, together with the device model, iOS version and App version. For diagnostic purposes the locally-assigned IP address of the television (e.g. 192.168.x.x) is included; remote-control issues are almost always network issues. The same random user identifier is attached.
The App also reads and writes the following data locally on the device only; none of it leaves the device:
- TV pairing secrets (VIDAA pairing UUID, Fire TV client token, Android TV pairing certificate) stored in the iOS Keychain.
- Discovered TV identifiers, preferred app icon, onboarding progress and review-prompt counters stored in UserDefaults.
Remote-control commands sent from the App to the television travel directly over the local Wi-Fi network. They do not pass through any server we operate.
Identifiers
- The IDFA (Identifier for Advertisers) is not requested. The App Tracking Transparency prompt is not shown.
- The IDFV (Identifier for Vendor) is collected automatically by Apphud and Firebase. IDFV is per-vendor and resets when all of our apps are removed.
Permissions the App requests
- Local Network— required to discover and communicate with the television.
- Bluetooth— used only by the Google Cast SDK for Cast proximity detection.
- Microphone— required by iOS solely so the screen-mirroring Broadcast Extension can include audio from the apps being mirrored. The App does not record from the microphone.
- Notifications— used for transactional messages such as trial-end reminders. Optional.
- Location (When In Use)— requested only to satisfy iOS prerequisites for Wi-Fi APIs. No iOS API that returns location coordinates is invoked, and no location data is collected.
Information we do not collect through the App
Contents of what is watched on the television; names of television apps launched; precise location; photographs, contacts, calendar, health, financial or biometric data; browsing or search history; the content of remote-control commands transmitted between the App and the television.
2. Information we collect through the Website
The Website is a marketing and support site. It includes an interactive web-based Roku remote at https://hiremote.app/hisense-roku-tv-remote that allows a visitor to control a Roku-based Hisense television directly from the browser by entering the television's local IP address.
Microsoft Clarity— records anonymised session replays (mouse movement, clicks, scrolls, page navigation) and heatmaps. Form inputs and any sensitive fields, including the television IP address entered into the web remote, are masked at the SDK level before recording. Clarity sets first-party cookies (_clck, _clsk, MUID) with a maximum lifetime of 13 months and may derive coarse location from the visitor's IP.
Vercel Web Analytics— counts page views, top pages, top referrers and visitor country. The product is cookie-less; visitors are de-duplicated by a server-side daily-rotating hash of the IP and User-Agent, which is then discarded.
Vercel Speed Insights— collects Core Web Vitals (LCP, CLS, INP, FID, FCP, TTFB) and the corresponding page URL and device class. No identifiers are stored.
Vercel hosting— writes standard access logs containing IP address, User-Agent, referring URL, requested path and response status, retained for a short period and then aggregated.
When the web remote is used, the television IP address entered by the visitor is transmitted from the visitor's browser directly to the television over the visitor's local network using the Roku External Control Protocol. We do not receive that IP address.
The Website does not include any newsletter signup or contact form; the only way to contact us is via a mailto: link to support@hiremote.app. Email correspondence is therefore not processed by any of the SDKs above.
Cookies set on the Website
| Cookie | Source | Purpose | Lifetime |
|---|---|---|---|
_clck, _clsk, MUID | Microsoft Clarity | Returning-visitor recognition for session replay | up to 13 months |
| Server-side daily hash | Vercel Web Analytics | Page-view de-duplication | 24 hours, never written to the browser |
No advertising, remarketing, social-media or cross-site tracking cookies are set.
3. How we use the information
The information described above is used to:
- provide the Services and verify subscription state;
- diagnose and fix bugs and stability issues;
- measure and improve the product and the Website;
- respond to support enquiries.
4. Sharing and transfers
We do not sell or rent personal information. We do not share personal information with advertising networks or data brokers.
Information is shared only with the SDK providers listed above (Apphud, Google/Firebase, Bugsnag, Microsoft Clarity, Vercel), each of which acts as our processor. Those providers may store and process data in the United States and the European Union.
5. Retention
| Data | Retention |
|---|---|
| App diagnostic and crash data (Bugsnag) | 90 days, aggregated thereafter |
| App product-interaction events (Firebase) | 14 months |
| Subscription records (Apphud) | Lifetime of the anonymous install, to enable restore-purchase |
| Website session replays (Clarity) | up to 13 months |
| Website analytics aggregates (Vercel) | 12 months |
| Website access logs (Vercel hosting) | A few days raw, aggregated thereafter |
| Support emails | Until deletion is requested |
6. Your rights
You may request access to, correction of, or deletion of data tied to your install or your visit. To do so, contact support@hiremote.app. If the request concerns App data, please include the Apphud user ID shown in Settings → About inside the App. If the request concerns Website data, please include the approximate date and time of your visit. We will reply within thirty days.
You can also disable analytics by blocking third-party scripts in your browser, by enabling iOS Safari's “Hide IP from Trackers”, or by uninstalling the App.
7. Children
The App is rated 4+ in the Apple App Store. The Services are not directed to children under thirteen and we do not knowingly collect information from them. A parent or guardian who becomes aware that a child has provided information may contact support@hiremote.app to request deletion.
8. Security
All network traffic between the Services and their processors uses TLS. TV pairing secrets are stored exclusively in the iOS Keychain on the user's device and are never transmitted to us.
9. Changes to this Policy
We may update this Policy. Material changes will be reflected by updating the “Effective date” above and, where appropriate, surfaced in the App at next launch.