Privacy Policy

PisoTrack ("we," "us," or "our") is a cloud-based management platform operated by DigiVault for PisoNet (internet café) business owners in the Philippines. Our website is available at pisotrack.com.

We collect the following types of information:

Account Information

• •Full name, email address, and hashed password (we never store plain-text passwords)
• •Telegram Chat ID (if you opt in to Telegram notifications)
• •Two-factor authentication secrets (encrypted)

Business & Device Data

• •Branch names and addresses
• •PC identifiers (PC number, agent key, hardware ID)
• •Session data: start/end time, duration, revenue calculated
• •PC status (online, offline, in-use) and last heartbeat timestamps
• •App blocking rules configured per branch

Operational Data

• •Screenshots captured on demand or via Live View (uploaded by the agent, stored temporarily)
• •IP addresses logged during login attempts (for security / login history)
• •User-agent strings (browser and OS information)
• •Audit logs for plan enforcement and administrative actions

We use your data to:

• •Provide and operate the PisoTrack platform (monitoring, remote control, analytics)
• •Authenticate your identity and protect your account (password hashing, 2FA, login history)
• •Enforce plan limits and billing (branch/PC counts, plan expiration)
• •Send Telegram notifications you have opted into (PC status, session updates, remote commands)
• •Generate business analytics (revenue tracking, session trends, peak hours)
• •Detect and prevent unauthorized access or abuse

Your data is stored in a PostgreSQL database hosted on our self-managed servers. We protect your data through:

• •Passwords hashed with bcrypt (industry-standard, one-way hashing)
• •HTTPS encryption for all data in transit
• •Session tokens using next-auth with secure, HTTP-only cookies
• •Agent keys with hardware ID binding to prevent unauthorized device connections
• •Role-based access control (users can only access their own branches/PCs)
• •Automated daily database backups with 7-day retention

When you request a screenshot or start a Live View session, the PisoTrack Agent on the target PC captures the screen and uploads it.

• •Screenshots are uploaded to our server and stored temporarily
• •Only the account owner with the correct session can view their screenshots
• •Old screenshots are automatically cleaned up via a periodic cleanup job
• •Live View streams are not recorded — they are ephemeral screenshot loops

We do not sell, rent, or share your personal data with third parties. We may share data only:

• •With your explicit consent
• •To comply with applicable Philippine laws (e.g., lawful court orders)
• •With Telegram, only to deliver notifications you have explicitly opted into (via Telegram Bot API)

As a Philippine data subject, you have the right to:

• •Access — request a copy of your personal data
• •Correct — update inaccurate or incomplete data
• •Delete — request deletion of your account and associated data (available in Settings → Account → Delete Account)
• •Object — object to processing not necessary for the service
• •Portability — request your data in a portable format (available via Settings → Export Data)

To exercise these rights, email us at [email protected].

• •Account data is retained while your account is active
• •Session/revenue data is retained for analytics and business records
• •Login history: retained for 90 days
• •Screenshots: automatically purged periodically via cleanup cron
• •Upon account deletion, all personal data and associated resources are permanently removed

PisoTrack uses:

• •Session cookie — a secure, HTTP-only auth cookie managed by next-auth (essential for login)
• •Local storage — to remember UI preferences (e.g., sidebar state, monitor grid size)

We do not use third-party tracking cookies, analytics scripts, or advertising pixels.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of PisoTrack after changes constitutes acceptance of the revised policy.

For privacy-related inquiries, contact us at:

• •Email: [email protected]
• •Data Privacy Officer: DigiVault