Privacy Policy

DomainDart ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web platform, mobile applications, and related services (collectively, the "Services").

This policy applies to all information collected through our Services, regardless of how you access them - whether through our website, iOS app, Android app, or any other platform.

By using our Services, you consent to the collection and use of information in accordance with this Privacy Policy.

2.1 Personal Information

We collect personal information that you voluntarily provide to us:

• Account Information: Name, email address, password, and profile preferences
• Contact Information: Phone number, business address (if provided)
• Payment Information: Billing details, payment method information (processed by third parties)
• Communication Data: Messages, support tickets, feedback, and correspondence with us
• Profile Data: Business information, preferences, and custom settings

2.2 Domain and Business Information

• Domain Data: Domain names you track, ownership information, WHOIS data
• Portfolio Information: Domain collections, categories, notes, and valuations
• Marketplace Data: Listings, offers, transaction history, and communication
• AI Input Data: Information you provide to our AI tools for analysis and generation

2.3 Usage and Analytics Data

• Platform Usage: Features used, time spent, click patterns, and navigation paths
• Device Information: Device type, operating system, browser type, IP address
• Mobile App Data: App version, device identifiers, push notification tokens
• Performance Data: Error logs, crash reports, and diagnostic information
• Location Data: General location based on IP address (not precise location)

2.4 Subscription and Payment Data

• Subscription Information: Plan type, billing cycle, subscription status
• Transaction Data: Purchase history, invoice details, payment status
• RevenueCat Data: Subscription events, user identifiers, and analytics (mobile)
• Stripe Data: Payment processing information (web platform)

2.5 Automatically Collected Information

• Cookies and Tracking: Website cookies, local storage, session data
• Server Logs: Access logs, API calls, and system events
• Third-Party Analytics: Firebase Analytics, usage patterns, and user behavior
• Security Data: Login attempts, security events, and fraud prevention data

3.1 Service Provision

• Creating and managing your account across all platforms
• Providing domain tracking, monitoring, and management services
• Processing AI-powered analysis and generating recommendations
• Facilitating marketplace transactions and communications
• Synchronizing data between web and mobile platforms
• Delivering notifications and alerts about your domains

3.2 Business Operations

• Processing payments and managing subscriptions
• Providing customer support and technical assistance
• Sending service updates, security alerts, and administrative messages
• Conducting research and development to improve our services
• Analyzing usage patterns to optimize performance

3.3 Legal and Security

• Protecting against fraud, abuse, and security threats
• Enforcing our Terms of Service and policies
• Complying with legal obligations and responding to lawful requests
• Resolving disputes and investigating violations

3.4 Marketing and Communications

• Sending promotional emails and product updates (with consent)
• Personalizing your experience and recommendations
• Conducting surveys and collecting feedback
• Analyzing trends and user preferences

4.1 Payment Processing

• Stripe: Processes web platform payments, billing information, and transaction data
• Apple App Store: Handles iOS in-app purchases and subscription management
• Google Play Store: Manages Android in-app purchases and subscriptions
• RevenueCat: Provides cross-platform subscription analytics and management

4.2 Infrastructure and Analytics

• Firebase: Database hosting, user authentication, analytics, and crash reporting
• Google Cloud: Data storage, computing resources, and security services
• Vercel: Web application hosting and content delivery
• Various Monitoring Services: Performance monitoring and error tracking

4.3 AI and Data Services

• OpenAI: Powers our AI features for content generation and analysis
• Domain Data Providers: WHOIS information, domain statistics, and market data
• SEO Services: Website analysis and optimization recommendations
• Email Services: Transactional and marketing email delivery

4.4 When We Share Information

We share your information only in these specific circumstances:

• With Your Consent: When you explicitly authorize sharing
• Service Providers: With trusted partners who help operate our services
• Marketplace Transactions: With other users for legitimate business purposes
• Legal Requirements: When required by law or to protect rights and safety
• Business Transfers: In case of merger, acquisition, or sale of assets
• Aggregated Data: Non-personal, anonymized data for analytics and research

5.1 Data Storage

• Primary Storage: Google Firebase with servers located in secure data centers
• Data Synchronization: Real-time sync between web and mobile platforms
• Backup Systems: Regular automated backups for data protection
• Geographic Distribution: Data may be stored and processed in multiple regions

5.2 Security Measures

• Encryption: Data encrypted in transit (TLS/SSL) and at rest
• Access Controls: Role-based access with multi-factor authentication
• Monitoring: 24/7 security monitoring and threat detection
• Regular Audits: Security assessments and penetration testing
• Employee Training: Regular security awareness and privacy training

5.3 Payment Security

• We never store complete payment card information on our servers
• Payment processing complies with PCI DSS standards
• Mobile payments are handled securely by Apple and Google
• All payment data is tokenized and encrypted

6.1 Mobile-Specific Data Collection

• Device Information: Model, OS version, unique device identifiers
• App Analytics: Feature usage, session duration, crash reports
• Push Notifications: Device tokens for sending notifications
• Biometric Data: Local authentication data (not transmitted to servers)
• Camera Access: Only when explicitly granted for document scanning

6.2 Platform-Specific Policies

• iOS: Complies with Apple's App Store privacy requirements
• Android: Follows Google Play privacy and security guidelines
• Permissions: Clear explanations before requesting device permissions
• Opt-out Options: Easy controls for notifications and data sharing

6.3 RevenueCat Integration

• Manages subscription status and purchase events
• Provides anonymous usage analytics for subscription optimization
• Enables cross-platform subscription management
• Stores minimal user identifiers for service functionality

7.1 Retention Periods

• Account Data: Retained while your account is active
• Transaction Records: Kept for 7 years for legal and tax purposes
• Usage Analytics: Aggregated data retained for up to 5 years
• Support Communications: Retained for 3 years for service improvement
• Marketing Data: Retained until you opt out or request deletion

7.2 Account Deletion Process

You can request complete account deletion through:

• Profile Settings: Use the "Delete Account" option in your profile
• Support Request: Contact our support team for assistance
• Email Request: Send a deletion request to privacy@domaindart.com

7.3 What Happens When You Delete Your Account

• Immediate: Account access is terminated immediately
• Within 30 days: Personal data is permanently deleted from active systems
• Within 90 days: Data is removed from backup systems
• Exceptions: Legal obligations may require retaining certain records
• Anonymization: Some data may be anonymized for analytics rather than deleted

7.4 Subscription Cancellation

• Account deletion automatically cancels subscriptions
• Refunds are subject to platform policies (Apple, Google, Stripe)
• Subscription data may be retained by payment processors
• You can cancel subscriptions without deleting your account

8.1 General Rights

You have the following rights regarding your personal data:

• Access: Request copies of your personal data
• Correction: Request correction of inaccurate or incomplete data
• Deletion: Request deletion of your personal data
• Portability: Request your data in a portable format
• Objection: Object to certain processing of your data
• Restriction: Request limitation of data processing

8.2 GDPR Rights (EU Users)

If you are in the European Union, you have additional rights under GDPR:

• Right to withdraw consent at any time
• Right to lodge a complaint with supervisory authorities
• Right to be informed about data breaches affecting you
• Enhanced rights for automated decision-making

8.3 CCPA Rights (California Users)

If you are a California resident, you have rights under CCPA:

• Right to know what personal information is collected
• Right to delete personal information
• Right to opt-out of the sale of personal information
• Right to non-discrimination for exercising privacy rights

8.4 Exercising Your Rights

To exercise your privacy rights:

• Log into your account and update your preferences
• Email us at privacy@domaindart.com
• Use the contact form on our website
• Contact our support team through the app

We will respond to your request within 30 days and may require identity verification.

9.1 Types of Cookies We Use

• Essential Cookies: Required for basic website functionality
• Performance Cookies: Help us understand how you use our services
• Functional Cookies: Remember your preferences and settings
• Analytics Cookies: Provide insights into user behavior and usage

9.2 Managing Cookies

• You can control cookies through your browser settings
• Most browsers allow you to block or delete cookies
• Disabling certain cookies may limit website functionality
• Mobile apps use similar technologies that can be managed in device settings

9.3 Third-Party Tracking

• We use Google Analytics for website analytics
• Firebase Analytics for mobile app usage insights
• RevenueCat for subscription analytics
• These services have their own privacy policies

Your information may be transferred to and processed in countries other than your own:

• Primary Locations: United States, European Union
• Safeguards: We use appropriate safeguards for international transfers
• Adequacy Decisions: We rely on adequacy decisions where available
• Standard Contractual Clauses: Used for transfers to countries without adequacy decisions
• Data Processing Agreements: All third-party processors sign appropriate agreements

Our services are not intended for children under 18:

• We do not knowingly collect personal information from children under 18
• If we learn we have collected information from a child under 18, we will delete it
• Parents or guardians can contact us if they believe their child has provided personal information
• Users must be at least 18 or have parental consent to use our services

In the event of a data security incident:

• We will investigate and assess the incident immediately
• Affected users will be notified within 72 hours when feasible
• Relevant authorities will be notified as required by law
• We will provide regular updates during the investigation
• Steps to protect yourself will be clearly communicated

We may update this Privacy Policy from time to time to reflect:

• Changes in our services or business practices
• Legal or regulatory requirements
• Improvements in our privacy practices
• New features or technologies

We will notify you of material changes through:

• Email notifications to your registered email address
• In-app notifications on mobile and web platforms
• Prominent notices on our website
• Updates to the "Last Updated" date at the top of this policy

Your continued use of our services after changes become effective constitutes acceptance of the updated Privacy Policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Last Updated: June 28, 2025