Privacy Policy

This policy describes how PingoViral ("PingoViral", "we", "us") collects, uses, stores, and shares information through the PingoViral platform at pingoviral.com and the PingoViral browser extension for Chrome, Microsoft Edge, and Firefox. By using PingoViral, you agree to this policy.

1. Who we are

PingoViral provides lead-generation tools for web agencies, freelancers, and marketing teams. We build software that helps professionals discover local businesses, generate preview websites, and contact prospects via SMS and WhatsApp. For any privacy questions, email [email protected].

2. Data we collect

Account data

When you register we collect your email address, name, password (stored as a bcrypt hash, never in plaintext), and optional profile details (business name, phone number) that you provide in Settings.

Lead data you generate

When you run a scan, the extension captures publicly listed business information from the page you are viewing — business name, phone, address, category, ratings, review counts, and whether a website is listed. This is the same information any visitor to the page can see. We do not collect any data about the person operating the browser or other tabs.

Usage data

On demo sites we deploy on your behalf, we record anonymous page view counts, button clicks ("Interest", "WhatsApp", "Call"), and the referring URL. This lets you see which prospects engaged with the demo. No personal data about site visitors is stored.

Extension data

The PingoViral browser extension stores your PingoViral API key locally in chrome.storage so you do not have to sign in on every scan. It also stores temporary scan progress so an accidental page reload does not lose work. None of this data is shared with any third party. The extension only runs when you click the Scan button — it does not run in the background and does not read browsing history.

3. How we use your data

• Operate the PingoViral dashboard and browser extension
• Deploy demo websites to our subdomains on your behalf
• Send SMS and WhatsApp messages to prospects when you initiate outreach
• Track demo-site engagement so you know which prospects are warm
• Generate invoices and process payments for paid plans
• Send transactional emails (password resets, billing receipts, engagement notifications)
• Improve the product — aggregate, non-identifying analytics only

We do not use your data to train machine-learning models and we do not sell or rent it to any third party for advertising.

4. Where your data is stored

Data is stored on servers located in the European Union (Hetzner data centre, Falkenstein, Germany / Helsinki, Finland). Passwords are stored as bcrypt hashes. API keys are stored as SHA-256 hashes. Database backups are encrypted at rest.

5. Who we share data with

We share only the minimum data needed to operate the service:

• BudgetSMS — when you send an SMS campaign, the recipient phone number and message body are passed to BudgetSMS for delivery
• WhatsApp — when you launch a WhatsApp conversation, the recipient phone number opens in a WhatsApp link on your device
• Mailcow (our email server) — for delivering transactional emails; runs on our own infrastructure
• DataForSEO — for domain-authority and traffic enrichment on dropping domains; only domain names are sent
• Payment processors — for bank transfers, we display account details; no card data passes through us

We do not sell, rent, or transfer your data to anyone else. We do not transfer data to advertising, credit-scoring, or lending services.

6. Browser extension permissions

The extension requests the following permissions. Each is used strictly for the single purpose of scanning publicly listed business information when you click Scan.

• activeTab & scripting — to inject the scanner into the tab you are viewing when you click Scan
• tabs — to open generated demo sites in a new background tab
• storage — to save your API key and active-scan state locally
• host permissions — for map search domains (to read business listings) and for pingoviral.com / api.pingoviral.com (to sync leads into your dashboard)

The extension does not use or load remote code. All executable code is bundled and reviewed by the respective browser store.

7. Cookies

We use session cookies to keep you signed in to the dashboard. We do not use advertising, tracking, or third-party analytics cookies on pingoviral.com or on any demo site we deploy.

8. Your rights

Under GDPR and similar regulations, you have the right to:

• Access all personal data we hold about you — request it from [email protected]
• Export your leads at any time — use the CSV export in the dashboard
• Delete your account and all associated data — email support; we process within 7 days
• Revoke API keys at any time from Settings → API Keys
• Archive or delete deployed demo sites from the dashboard
• Object to processing or withdraw consent at any time

9. Data retention

Account data is kept for as long as your account is active. After you delete your account, we permanently remove personal data within 7 days and purge backups within 30 days. Aggregate, non-identifying usage metrics may be retained indefinitely for service improvement.

10. Children

PingoViral is a business-to-business tool and is not directed at anyone under the age of 16. We do not knowingly collect data from children.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top will change. Material changes are announced via email to registered users at least 14 days before taking effect.

12. Contact

For any privacy question, data request, or complaint, write to [email protected].