Privacy & Security Protocol

Privacy Policy

Your security is built into our architecture. Discover how the Pingoo QR doorbell software handles and protects your identity.

Last updated: June 11, 2026 • Version 2.0 (Active)

30-Day Auto Prune

All call history, visitor messages, and voice note attachments are permanently wiped every 30 days.

Zero Shared Details

Visitors never see your name, phone number, or email. Connections are fully isolated.

WebRTC Audio Isolation

Signaling channels run via strictly verified web sockets, avoiding exposure of IP addresses.

1. Introduction

Welcome to Pingoo. We design security software aimed at providing smart doorbell calling without hardware installation. Our core mission is absolute privacy for residents.

This Privacy Policy details how we handle the network streams, visitor messages, and account details in our WebRTC-based doorbell platform.

2. Data Collection & Flow

Unlike traditional calling services, we minimize data footprint through a segmented layout structure:

Hosts / Property Owners

We collect basic credentials (email, hashed password) to store your account, link your generated QR codes, and deliver visitor notes to your dashboard.

External Visitors

No installation, sign-ups, or credentials required. We exchange temporary session parameters (WebRTC SDP/ice candidates) to route the live audio call.

Core Data Comparison Table

Data CategoryWe Safely CollectWe NEVER Access
Phone NumbersNoneYour phone numbers are never stored/displayed.
Audio StreamsRouted in real timeWe never record or listen to live call audio.
Offline MessagesSaved (Wiped after 30 days)No long-term archive or third-party transfer.

3. How We Process Your Signals

We process data to maintain service functionality, including routing calls from QR scan points to host dashboards, delivering push alerts for incoming visits, and checking thresholds to prevent visitor calling spam.

GDPR Compliance Policy: Our servers prune inactive database records and messages automatically on a daily cron routine.

4. Absolute Data Minimization

To prevent surveillance profiling, visitor records have a strict shelf life. Voice note recordings, text notifications, and signaling history are permanently and automatically deleted 30 days from creation.

5. End-to-End Encryption & Security

All active WebRTC streams are fully **End-to-End Encrypted (E2EE)** using DTLS-SRTP protocols directly between the visitor's browser and the resident app. This guarantees that no third party, including Pingoo servers, can view, record, or intercept active video or audio media payloads.

Additionally, our software applies cryptographic validation on signaling channel handshakes, rate-limits API endpoints to prevent brute-forcing, and mandates secure TLS configurations for metadata transit.

6. Network Routing & STUN/TURN

To bridge network NAT firewalls, we utilize standard STUN/TURN nodes. These nodes only inspect routing IP addresses in real time to establish peer streams and cannot decrypt or store the media payload.

7. Resident Rights

You retain full control. Delete logs instantly from your dashboard, or delete your entire account in profile settings to instantly purge all related database records.

Contact Legal Team

Email: legal@pingoo.com

Subject: Privacy Infrastructure Request