Data Processing Addendum (DPA)
Last updated: 27 May 2026
This Data Processing Addendum (“DPA”) forms part of the agreement between PiHub Systems (“Processor”, “we”) and the business customer (“Controller”, “you”) using MyQueue (“Service”).
Territory: India (unless otherwise agreed in writing).
Contact: support@pihubsystems.com
1. Roles
- Controller: The venue (clinic, shop, office, or other registered organisation) and its affiliates determine why and whether visitor and staff-related data is collected at the premises.
- Processor: PiHub Systems hosts and processes that data only on documented instructions from the Controller (configuration and use of the Service), unless Indian law requires processing and informing the Controller is prohibited.
2. Subject matter and duration
Subject matter: Hosted queue management—including check-in, staff console, quick-add, public display, live tracker, optional messaging (WhatsApp/SMS/voice/push), venue branding uploads, owner multi-venue account, and subscription billing for each venue.
Duration: For the trial/subscription period and until deletion per retention rules or termination, unless law requires longer retention.
Processor registered office: Mahavir Nagar, Pakri, Patna-800002, Bihar, India.
3. Nature and purpose of processing
Processing includes storage, structuring, retrieval, display on authorised interfaces, authentication (owner email/password via Firebase; staff key flows), file storage for logos/roster images, logging, rate limiting, and API calls to payment and messaging providers when enabled.
Purposes: Operating the queue as configured, security, abuse prevention, billing, and Processor’s legal obligations.
4. Categories of data subjects
- Visitors joining the queue
- Staff and owner users authorised by the Controller
- Billing contacts for the Controller’s organisation
5. Categories of personal data
| Type | Detail |
|---|---|
| Identity / contact | Visitor name; optional mobile; owner/staff account email |
| Queue | Token, status, timestamps, optional alert preference, tracker identifiers |
| Demographic (non-medical) | Age, locality/area or other configured check-in fields |
| Media | Venue logo; optional roster photos (if uploaded) |
| Technical | IP, device/browser signals, logs, push tokens where enabled |
| Billing | Invoice and Razorpay-related metadata |
Excluded by design: Clinical records, diagnoses, prescriptions, lab results. Controllers must not enter such data into queue fields.
6. Phone numbers, push, and messaging
- Phone numbers are processed for queue operations and configured transactional messages only.
- Push tokens (e.g. Firebase Cloud Messaging) may be used when a visitor opts in on the tracker for near-front alerts.
- Controllers remain responsible for lawful basis, notices, DLT (SMS), and WhatsApp/Meta template compliance.
7. Sub-processors
Sub-processors are listed at /legal/subprocessors. Processor remains responsible for their performance under contract.
Changes: Material sub-processor changes will be notified to Controllers by email where feasible.
8. Controller obligations
Controller warrants that it:
- Has authority to instruct processing and to bind the venue.
- Collects visitor data lawfully at the premises (including consent where required).
- Will not instruct unlawful processing or misuse messaging channels.
- Maintains staff key and device security.
9. Security
Appropriate technical and organisational measures having regard to risk, including access controls, venue tenancy separation, encryption in transit, and operational practices described in the Privacy Policy.
10. Assistance
Processor will reasonably assist Controller with applicable Indian law obligations (e.g. security, breach consultation) where proportionate and documented in writing.
11. Breach notification
Processor will notify Controller without undue delay after becoming aware of a personal data breach affecting Controller data in Processor systems, consistent with applicable law and investigation needs.
12. Return or deletion
On termination or Controller’s written email request, Processor will delete or return Controller data within 90 days unless law requires longer retention or data is irreversibly anonymised for non-identifying statistics.
Done queue entries may be deleted earlier using archive controls (see /legal/data-retention).
13. Audit
Upon reasonable written request (no more than once per year unless required by a regulator), Processor may provide security summaries or questionnaires in lieu of on-site audits unless mandatory under Indian law.
14. Records
Processor maintains processing records required under applicable Indian law.
15. Order of precedence
If this DPA conflicts with a separately signed enterprise agreement between the parties, that agreement controls.
Published by PiHub Systems for MyQueue business customers.