Privacy Policy

1. Who we are

PandaSoftX is a custom software development company based in Tanzania. We build business software, mobile apps, and websites, including PSX Office — a document toolkit for reading, converting, and scanning PDFs and Office files.

In this policy, “we”, “us” or “PandaSoftX” refers to the developer of the website at pandasoftx.com and the PSX Office mobile application.

2. What we collect

We have deliberately kept data collection minimal. Specifically:

• Files you choose to process. When you use a tool that requires server processing (for example PDF → Word, OCR, compression), the file you select is uploaded to our processing server. See Files you upload.
• Anonymous device identifier. The app generates a random, device-bound identifier and stores it locally. It is used to bind your in-app purchases and your earned coins to your install so they cannot be tampered with from another device. It is not your Google Advertising ID and we do not link it to your name, email, or phone number.
• App preferences. Your theme (light/dark/system), language, and recent files list are stored on your device only.
• Diagnostic information. If a server request fails, our processing server may log the request method, status code, and a short error message for debugging. These logs do not include the file contents.

We do not collect:

• Your name, email address, phone number, or contact list.
• Your precise or coarse location.
• Your photos, videos, or other files we did not ask for.
• Browsing history outside the app.

3. Files you upload

Some PSX Office tools (such as PDF → Word, PDF → Excel, OCR, Compress, Watermark, Protect, Unlock, ZIP) need a server to do the conversion. For those tools, the app uploads your file to our processing API at https://pdf.pandasoftx.com/api/v1 over HTTPS.

What happens next:

1. The file is processed on our server.
2. The result is sent back to your device.
3. Both the source file and the result are deleted from the server.

We do not view, share, sell, or train any model on your files. We do not keep a copy after the result is delivered. Tools that run entirely on your device (such as the document Reader, the local QR/barcode generator, and the on-device scanner) do not upload anything.

4. How we use information

We use the limited information we receive only to:

• Run the tool you asked for and return the result to your device.
• Validate and restore in-app purchases on the device that bought them.
• Show ads (free users only) and prevent ad fraud.
• Detect crashes and fix bugs.
• Comply with applicable law.

We do not use your data for profiling, behavioural advertising, or to build a profile of you across services.

5. Third-party services

PSX Office relies on a small number of third parties. Each is named below with a link to its own privacy policy:

• Google AdMob — serves banner, interstitial, app-open, and rewarded ads to free users. policies.google.com/privacy
• Google Play Billing — processes in-app purchases on Android. policies.google.com/privacy
• Apple App Store / StoreKit — processes in-app purchases on iOS. apple.com/legal/privacy

We do not use Google Analytics, Facebook SDK, or any other behavioural-tracking SDK in the app.

6. Ads and advertising IDs

Free users see ads served by Google AdMob. AdMob may read your Google Advertising ID (Android) or IDFA (iOS) to limit how often the same ad is shown and to detect invalid clicks.

We request non-personalized ads only. You can reset or delete your advertising ID at any time:

• Android: Settings → Privacy → Ads
• iOS: Settings → Privacy & Security → Tracking

If you are in the European Economic Area, the United Kingdom, or Switzerland, the app shows a Google-mandated consent message before any personalized ad request. You can change that choice later inside the app.

Users who upgrade to the premium tier do not see ads at all and no advertising ID is read on their device.

7. In-app purchases

Purchases (Lifetime, Monthly, Yearly premium) are billed and processed entirely by Google Play or Apple. We do not receive your card number, billing address, or full account information — we only receive a receipt token that we use to confirm your purchase is valid.

8. App permissions

The PSX Office app asks for these permissions, and only when you trigger the matching feature:

• Camera — to scan a document or read a QR code. The image stays on your device unless you choose a tool that uploads it.
• Internet — to upload files for server-side tools, to load ads, and to validate in-app purchases.

We do not request photo, video, audio, location, contacts, microphone, or background-storage permissions. File selection uses Android’s system file picker (Storage Access Framework / Photo Picker) which gives the app access only to the file you tap.

9. Data retention

• Uploaded files: deleted from our processing server immediately after the result is returned, and in any case within 24 hours.
• Server diagnostic logs: retained up to 30 days for debugging, then automatically rotated and deleted.
• On-device data (recent files, preferences, coins): kept on your device until you clear the app’s storage or uninstall the app.

10. Security

All traffic between the app and our servers is encrypted with TLS (HTTPS). Our processing API requires a signed request header so the server only accepts traffic from the official app build. On-device caches live in the app’s private sandbox and are not readable by other apps.

No system is perfectly secure. If we ever discover a breach that affects your data, we will notify you and the relevant regulators as required by law.

11. Children

PSX Office is a productivity tool intended for general audiences and is not directed at children under 13 (or under 16 in the EEA). We do not knowingly collect personal information from children. If you believe a child has provided us with information, please contact us and we will delete it.

12. Your rights

Depending on where you live (for example under the GDPR in the EEA/UK, or under the CCPA/CPRA in California), you may have the right to:

• Access the information we hold about you.
• Ask us to correct or delete it.
• Object to or restrict certain processing.
• Withdraw consent for ad personalization at any time.
• Lodge a complaint with your local data-protection authority.

Because we do not link our identifiers to your name or contact details, the fastest way to exercise the right to deletion is to clear the app’s storage or uninstall the app — that erases every device-side identifier we use. For server-side log deletion, write to us at the address below.

13. International transfers

Our processing server is located outside the European Economic Area. When you upload a file from the EEA, UK, or Switzerland, that file is transferred across borders for the few seconds needed to process it. Transfers are protected by HTTPS in transit and the file is deleted immediately after processing as described above.

14. Changes to this policy

We may update this policy when the app changes or when the law requires it. The “Last updated” date at the top will always reflect the most recent version. Material changes will be announced inside the app before they take effect.