ISP Billing Software Privacy Policy
At ISPbills, we are committed to protecting your privacy and ensuring the security of your data. This policy explains how we collect, use, store, and safeguard your information.
Last Updated: March 2026
Table of Contents
01. Information We Collect
We collect information necessary to provide and improve our ISP billing and management services. The types of data we collect include:
Personal Data
- β’Full name, email address, phone number, and mailing address
- β’National ID or business registration details for KYC verification
- β’Account credentials (passwords are hashed and never stored in plain text)
Billing Data
- β’Invoice history, payment records, and transaction amounts
- β’Payment method details (processed securely via third-party gateways)
- β’Subscription plans, package assignments, and billing cycles
Network Data
- β’MikroTik router and OLT device connection logs
- β’PPPoE/Hotspot session data including IP addresses and MAC addresses
- β’Bandwidth usage statistics and RADIUS authentication logs
Usage Data
- β’Pages visited, features used, and time spent within the platform
- β’Browser type, operating system, device information, and screen resolution
- β’Referral sources and navigation patterns
02. How We Use Your Information
We use the collected information for the following purposes:
- β’Provisioning and managing ISP subscriber accounts and network connections
- β’Generating invoices, processing payments, and sending billing reminders
- β’Monitoring network health, bandwidth usage, and detecting service disruptions
- β’Providing customer support and resolving technical issues
- β’Sending service updates, maintenance notifications, and security alerts
- β’Analyzing usage patterns to improve platform performance and features
- β’Ensuring compliance with legal obligations and preventing fraudulent activity
- β’Personalizing the user experience and recommending relevant features
03. Data Storage & Security
We implement industry-leading security measures to protect your data at every layer:
Encryption at Rest
AES-256
All sensitive data is encrypted using AES-256 encryption, the same standard used by financial institutions and government agencies.
Encryption in Transit
TLS 1.3
All communications between your browser and our servers are secured with TLS 1.3, ensuring data integrity and confidentiality.
Tenant Isolation
Multi-Tenant
Each ISP operatorβs data is logically isolated using strict multi-tenant architecture. No operator can access anotherβs data.
Backups
Daily
Automated daily backups with point-in-time recovery ensure your data is protected against loss or corruption.
Our infrastructure is hosted on enterprise-grade cloud servers with 24/7 monitoring, DDoS protection, firewalls, and intrusion detection systems. Access to production systems is restricted to authorized personnel with multi-factor authentication.
04. Third-Party Services
We integrate with carefully vetted third-party services to deliver a seamless experience. These providers process data only as instructed and under strict contractual obligations:
- β’Payment Gateways β bKash, Nagad, SSLCommerz, and other providers process transactions securely. We never store your full card or mobile wallet credentials.
- β’SMS Gateways β Transactional SMS (billing reminders, OTPs, service alerts) are sent through authorized SMS providers in compliance with BTRC regulations.
- β’Analytics β We use privacy-conscious analytics to understand platform usage trends. Data is aggregated and anonymized wherever possible.
- β’Cloud Infrastructure β Our hosting providers adhere to SOC 2 and ISO 27001 security standards.
- β’Intercom β We use Intercom for live chat support. Conversations may include data you voluntarily share during support interactions.
05. Data Retention
We retain your data only for as long as necessary to fulfill the purposes outlined in this policy:
- β’Active account data is retained for the duration of your subscription and service agreement.
- β’Historical data including SMS records, payment logs, and session data is retained for up to one year for troubleshooting and auditing purposes.
- β’Network and session logs are retained for up to 12 months for troubleshooting and security auditing purposes.
- β’Usage analytics data is retained in anonymized form and may be kept indefinitely for trend analysis.
- β’Upon account deletion, personal data is purged within 30 days, except where legal obligations require longer retention. A 30-day recovery window is available before permanent deletion.
06. Your Rights
We respect your data rights in accordance with GDPR and applicable data protection laws. You have the right to:
Right to Access
Request a copy of all personal data we hold about you in a structured, machine-readable format.
Right to Rectification
Request correction of any inaccurate or incomplete personal data we maintain.
Right to Erasure
Request deletion of your personal data, subject to legal retention obligations.
Right to Portability
Receive your data in a portable format and transfer it to another service provider.
Right to Restriction
Request that we limit the processing of your data under certain circumstances.
Right to Objection
Object to processing of your data for direct marketing or legitimate interest purposes.
To exercise any of these rights, please contact us at support@ispbills.com. We will respond to your request within 30 days.
08. Children's Privacy
ISPbills is a business-to-business platform designed for ISP operators and their authorized staff. Our services are not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a child under 16, we will take immediate steps to delete that information. If you believe a child has provided us with personal data, please contact us at support@ispbills.com.
09. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on this page with a revised "Last Updated" date. For significant changes that affect how we process your personal data, we will provide additional notice via email or an in-app notification. We encourage you to review this policy periodically to stay informed about how we protect your data.
10. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us:
Ready to Transform Your ISP Business?
Join hundreds of ISPs across Bangladesh and South Asia who trust ISPbills to manage their operations. Start your free trial today β no credit card required.