FM
FlickMouse
FlickMouse – Remote pc control for Mac on your iPhone

Security & Development Policy

This page summarizes FlickMouse / FlickMouse Server’s security design, privacy policy, and information related to the subscription plan (FlickMouse Pro).

Design assumptions

FlickMouse is designed with the following assumptions:

  • It operates only between a Mac and an iPhone on the same local network (Wi-Fi / wired LAN).
  • It communicates directly between the Mac and iPhone without routing through third-party cloud servers.
  • The Mac side assumes Apple silicon (M1 or later) with macOS 12 or later, and the iPhone side assumes iOS 18 or later.

Operation is not guaranteed in environments that do not meet these assumptions. We will validate and expand support gradually in future updates.

Communication & encryption

When connecting, FlickMouse performs a handshake using a pre-shared key (PSK) to verify that both the Mac and iPhone are the intended peers.

Payload data such as text input and pointer operations is encrypted and transmitted using an AEAD cipher (ChaCha20-Poly1305). This design helps prevent the contents from being decrypted even if packets are intercepted in transit.

On the Mac, the PSK is stored securely using the Keychain and shared with the iPhone via a QR code. If the PSK is regenerated, the old PSK becomes invalid, preventing third parties from connecting using previously obtained information.

Data we store and data we do not store

FlickMouse / FlickMouse Server stores only the minimum information required for operation, locally.

  • Examples of data we store: connection settings (hostname/port), PSK (in Keychain), and some user preferences.
  • Examples of data we do not store: the actual text you type, pointer coordinate history, or time-series logs of detailed actions.

As an exception, development/debug builds may output more detailed logs. In public releases, logging is kept minimal so that personally identifiable information and the content you type do not remain stored long-term.

About the subscription “FlickMouse Pro”

Some features of this app (such as text input and sending shortcuts) require the auto-renewing subscription “FlickMouse Pro Monthly”.

  • Title: FlickMouse Pro Monthly
  • Duration: 1 month (auto-renewing subscription)
  • Price: See the App Store (pricing varies by region and currency)
  • What you get: All Pro features that are restricted in the free version, including keyboard input and sending shortcuts.

Subscriptions automatically renew unless auto-renew is turned off at least 24 hours before the end of the current period. The renewal fee will be charged to your Apple ID account within 24 hours prior to the end of the current period.

You can manage your subscription and turn off auto-renew in iPhone Settings > Apple ID > Subscriptions.

If a free trial is offered, any unused portion will be forfeited when you purchase a subscription.

The Terms of Use (EULA) follow Apple’s standard End User License Agreement: https://www.apple.com/legal/internet-services/itunes/dev/stdeula/

Privacy policy

This page provides an overview of the privacy policy that applies to the FlickMouse-related website provided under the https://tech-peace-lab.jp domain and to FlickMouse / FlickMouse Server (collectively, the “Service”).

  • Information we collect: We handle only the minimum information necessary to provide and operate the Service, such as connection settings (hostname/port), the PSK (stored in Keychain), and some user preferences.
  • Purchase and subscription information is processed through Apple-managed App Store / App Store servers. The developer does not have direct access to payment information that can identify an individual.
  • Purpose of use: We use the above information only to establish/maintain the connection and provide functionality, and we do not use it for marketing purposes.
  • Sharing with third parties: We do not sell or share information that could identify you with third parties, including typed content and operation history (except where required by law).
  • Integration with external services: At this time, we do not automatically integrate with external analytics or advertising services. If we introduce such services in the future, we will notify users in advance and provide an on/off choice as a basic principle.

If you have questions about privacy or requests regarding disclosure, correction, or deletion, please contact flickmouse@tech-peace-lab.jp.

Logs and analytics

In the current public distribution, integration with external analytics services (such as crash reporting tools or traffic analytics) is not assumed.

If we introduce analytics features in the future to improve quality, we will follow these principles:

  • We will announce it in advance via the official website and/or release notes.
  • We will use an opt-in approach where users can explicitly choose on/off.
  • We will clearly describe what information is collected and for what purpose.

Three core principles

FlickMouse follows these three principles as the foundation of security and privacy:

  • Local communication: Operates within the same network and avoids unnecessary external communication.
  • Encrypted data: Protects traffic using the PSK and AEAD encryption.
  • Minimal logging: Limits logs to what is necessary for troubleshooting and does not perform long-term behavioral tracking.

Future changes and notices

If we make security-related changes such as expanding supported environments or updating the communication method, we will notify you by updating the “Download”, “FAQ”, or this page on this website.

We will also improve this page over time based on development progress and feedback. If you have comments or questions, please contact flickmouse@tech-peace-lab.jp.

* This page is intended to provide technical information from the developer and does not constitute legal advice.