Privacy Policy

Last updated: 2026-05-06

What we collect

PingBoost is a self-hosted-friendly chat widget. We collect the minimum data needed to operate the licence and the optional server-side configuration feature.

• Email address — provided at checkout via Stripe. Used to deliver your licence key and respond to support requests.
• Stripe payment metadata — customer ID, session ID, and payment-intent ID. Stripe is the processor; we do not see card numbers. Stored to reconcile refunds and chargebacks.
• Validation log — every time the widget loads on your site we record: license key (truncated in dashboards), domain, timestamp, and the IP address that requested the bundle. Retained for 90 days; used for fraud detection and capacity planning.
• Widget configuration (optional) — if you choose to save your widget setup at /build, we store the values you submit (phone numbers, name, greeting, colour, etc.) in our database. You can delete this at any time using the export/delete endpoints below — or contact us at hello@pingboost.site.

What we don't collect

• We don't fingerprint visitors of sites running the widget. The widget makes no analytics calls — it just opens deep links to Viber/WhatsApp/Telegram apps.
• We don't use third-party analytics (Google Analytics, Segment, Hotjar, etc.). The landing page logs nothing beyond the Hetzner access log (deleted after 30 days).
• We don't share your data with any third party except Stripe (payment processor), Resend (email delivery), and your hosting provider (Hetzner GmbH, Germany).

Where data lives

All data is stored on a single VPS in Hetzner's Nuremberg datacentre, Germany (EU). Backups go to the same physical region.

Your rights (GDPR)

If you're an EU resident, the GDPR applies. You have the right to:

• Access all data we hold about you. Visit https://pingboost.site/api/widget/config/<your-key>/export — it returns a JSON blob with your licence, configuration, domain bindings, and full validation/audit history.
• Delete your widget configuration. DELETE https://pingboost.site/api/widget/config/<your-key>. Note: licence + payment records cannot be deleted while the licence is active (legal/accounting requirement).
• Refund within 14 days — refunds delete your payment metadata down to what Stripe retains by law (we retain customer ID + amount only).
• Object to processing or request a copy in another format — email hello@pingboost.site.

Security

The widget bundle is served over TLS 1.3 from the same VPS that stores your licence data. Database is local SQLite with daily encrypted off-site backups. Admin panel access is gated by GitHub OAuth and a hard-coded allow-list of GitHub usernames. We will notify you within 72 hours of becoming aware of any data breach affecting your account.

Cookies

The marketing landing page sets no cookies. The admin panel sets one HttpOnly, Secure, SameSite=Lax session cookie (pb_admin_session), which is bound to your GitHub login. The widget itself sets no cookies on host pages.

Contact

Data controller: PingBoost team. Email hello@pingboost.site for any privacy-related question.