Privacy Policy — MyQueue
Last updated: 27 May 2026
Operator: PiHub Systems, operating MyQueue (“Service”).
Product URL: https://myqueue.pihubsystems.com
Corporate site: https://pihubsystems.com
Territory: This Policy applies to use of the Service in India, unless we state otherwise.
Contact: support@pihubsystems.com (general and data-rights requests).
1. Summary
MyQueue is a digital queue and token system for venues such as clinics, labs, restaurants, ration counters, and similar walk-in operations. Visitors check in (often via QR), staff manage the queue, and optional alerts may notify visitors when they are near the front.
We process personal data needed to run the queue, accounts, billing, and security. The Service is not designed to store medical records, diagnoses, or prescriptions.
2. Who we are
| Role | Detail |
|---|---|
| Data fiduciary (for our own account/billing data) | PiHub Systems |
| Brand | MyQueue |
| Registered office | Mahavir Nagar, Pakri, Patna-800002, Bihar, India |
When venues use MyQueue for visitor queue data, the venue is typically the data fiduciary for that visitor data; PiHub Systems acts as a data processor on the venue’s instructions (see Data Processing Addendum).
3. Who this Policy covers
- Venue owners / administrators who create an account (email/password sign-in), accept Terms and this Policy, and configure one or more venues.
- Staff who operate the queue using a staff key (and optional device PIN) on approved devices.
- Visitors (patients, customers, beneficiaries, etc.) who join the queue via check-in, tracker links, or staff-assisted entry.
4. What the Service does (context for data use)
Depending on configuration and plan, the Service may process data for:
- QR / link check-in and token assignment
- Staff console, quick-add, pause/skip/done actions
- TV / display and live tracker pages
- Near-front in-browser notifications and optional WhatsApp, SMS, or voice (when integrated)
- Venue settings (name, hours, alert thresholds, roster for healthcare, logo and roster photos uploaded to cloud storage)
- Subscriptions and invoices via Razorpay
5. Categories of personal data
| Category | Examples | Purpose |
|---|---|---|
| Owner account | Email, authentication identifiers (Firebase UID), password (held by identity provider, not stored in plain text by us), Terms/Privacy acceptance version and timestamp | Account, security, legal acceptance |
| Venue profile | Venue name, operator/doctor display names, city, slug, venue type, plan, trial/subscription status, settings | Operating the queue and displays |
| Branding media | Venue logo; optional roster member photos | Check-in page, display, staff UI (stored in Firebase / Google Cloud Storage when enabled) |
| Queue entry (visitor) | Name; optional mobile number; fields such as age/locality as configured; token; status; timestamps; alert preferences; tracker session identifiers | Queue operation, displays, optional messaging and tracker |
| Push / messaging | Phone number; device push tokens (FCM) where visitor enables browser notifications on tracker; message delivery metadata | Near-front and transactional alerts per configuration |
| Billing | Legal name, address, GSTIN (if provided), Razorpay customer/subscription references, invoice records | Payments and tax compliance |
| Technical | IP address, user-agent, request logs, abuse/rate-limit signals, cookies or local storage strictly necessary for session | Security, reliability, fraud prevention |
Do not enter clinical or sensitive health information into queue fields.
6. Phone numbers, push, and messaging
When a visitor provides a phone number and/or enables notifications, data may be used only for queue-related purposes you configure (e.g. WhatsApp template messages, SMS via DLT-registered routes, in-tab or push alerts on the tracker).
- Venues are responsible for lawful basis, counter notices, and provider compliance (including TRAI DLT for SMS and Meta/WhatsApp template rules).
- We do not use visitor phone numbers for our own unrelated marketing.
- Push tokens are used to deliver alerts the visitor requested for that visit/tracker session; they are not used for cross-site advertising.
7. Legal bases (summary)
For owners and staff using MyQueue directly: contract (providing the Service), legal obligation (tax/records where applicable), and legitimate interests (security, abuse prevention), as permitted under the Digital Personal Data Protection Act, 2023 (DPDP Act) and other applicable law.
For visitor data processed on a venue’s behalf: the venue determines collection at the premises; PiHub Systems processes under the DPA and venue instructions.
8. Sharing and subprocessors
We use subprocessors (hosting, database, authentication, storage, payments, messaging gateways). A current list is at /legal/subprocessors. We will notify business customers of material subprocessor changes by email where appropriate.
We do not sell personal data.
9. International transfers
The Service is India-first. Subprocessors (e.g. Google, Vercel) may process data in or from other countries per their infrastructure and terms. We use contractual and operational safeguards consistent with applicable Indian law.
10. Retention
See /legal/data-retention. In summary: active queue rows persist while needed for operations; done entries may remain until the owner archives them or account termination timelines apply; billing records may be kept longer for tax law.
11. Security
Measures include HTTPS, tenant separation by venue, hashed staff credentials, access controls on owner APIs, and reasonable monitoring. No method of transmission or storage is 100% secure.
12. Your rights (India)
Subject to applicable law, individuals may request access, correction, erasure, grievance redressal, and nomination, among other rights. Email support@pihubsystems.com. We may verify identity and coordinate with the relevant venue when data was collected on their behalf.
13. Grievance officer (India)
| Field | Value |
|---|---|
| Name | Ram Bilash Choudhary |
| grievance@pihubsystems.com | |
| Postal address | Mahavir Nagar, Pakri, Patna-800002, Bihar, India |
14. Children
The Service is for business use by venues. Minors may appear in queue entries under guardian supervision at the venue; we do not knowingly offer a consumer social network for children.
15. Changes
We may update this Policy and post the revised version at /legal/privacy-policy with a new Last updated date. Material changes may be communicated by email to registered owners. Continued use after notice may constitute acceptance where permitted by law.
16. Trial and billing
New venues may receive a thirty (30) day trial where enabled. Paid plans and commercial terms are in the Terms of Service.
Published by PiHub Systems for MyQueue. This Policy does not replace advice from your own legal counsel.