1. Information We Collect
When you create an account on Barrio, we collect:
- Account information: name, email address, phone number, organization name
- Property data: property details, unit information, member records, billing data that you enter into the platform
- Payment information: subscription payment proofs, transaction references (we do not store credit card numbers)
- Usage data: pages visited, features used, session cookies for authentication
2. How We Use Your Information
We use your information to:
- Provide and maintain the Barrio platform
- Process your subscription and billing
- Send transactional emails (verification, payment confirmations, trial notices)
- Improve our service and fix issues
- Comply with legal obligations
3. Data Storage & Security
Your data is stored on secure servers hosted on DigitalOcean (Singapore region). We use PostgreSQL with Row Level Security (RLS) to ensure complete data isolation between organizations. All connections are encrypted via TLS/SSL.
4. Data Sharing
We do not sell, trade, or rent your personal information to third parties. We may share data with:
- Payment processors (for subscription billing) — only transaction-related data
- Email service providers (for transactional emails) — only email addresses and names
- Law enforcement if required by Philippine law
5. Cookies
We use session cookies strictly for authentication (keeping you logged in). We use Google Analytics 4 in cookieless mode for anonymous traffic analytics on our public landing page. No tracking cookies are used inside the application.
6. Your Rights Under the Data Privacy Act (RA 10173)
Under Philippine law, you have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Object to processing of your data
- Data portability — export your data
To exercise these rights, contact us at the email below.
7. Data Retention
We retain your data for as long as your account is active. If you cancel your subscription and request deletion, we will remove your data within 90 days. Soft-deleted records are permanently purged after 90 days.
8. Contact
For privacy concerns or data requests, contact us at: [email protected]