IMPORTANT NOTE: The summaries here at the top of each section (in green ) are for easy referencing; they are not meant to have any legal effect or in any way substitute the text of the Privacy Policy, which should be read and understood in full detail.
This privacy policy (“Privacy Policy” or “Policy”) explains the privacy practices of DOM, Inc., (collectively, “We,” “Us,” “Data Controller,” “Company,” or “DOM”) and applies to users (“User(s)” or “You”) of DOM’s services, including, among other things, the DomVPN service (“Service”) and DOM website at domvpn.com (“Website”).
The processing of personal data, such as the email address or payment information of a user, shall always be in line with the General Data Protection Regulation (GDPR) and in accordance with any country-specific data protection regulations applicable to DOM. By means of this data protection declaration and Privacy Policy, we are informing the general public of the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, users are informed, by means of this Privacy Policy, of the rights to which they are entitled.
As the data controller for personal data, we administer the strictest policies in safeguarding your privacy and security. By agreeing to these policies written herein, you signify your acceptance of, and agree to be bound by, this Policy as interpreted in line with the Term of Service, the Cookie Policy, and the Digital Millennium Copyright Act (DMCA) policy which are hereby incorporated as references (the DMCA policy, Terms of Service, and the Privacy Policy are sometimes referred to collectively as the “Policies") into this Privacy Policy.
Summary of this section: We collect as little personal information as possible – only what’s needed to activate your account and allow you to experience our world-class service. We need two things to sign you up for a subscription: 1) an email address, and 2) payment. That’s it. Once we get that, your account will be active and ready to use. We also collect as little anonymized data as possible – only what’s needed to gather overall usage metrics (not user metrics) so we can continue providing and improving our service. We DO NOT collect or store browsing history, connected content, user IPs, connection time stamps, bandwidth logs, DNS queries, or anything like that. We collect and retain zero user logs.We were founded on a message of “Your Privacy Is Our Policy”, and we take pride in the fact that we are the most transparent, honest, and trustworthy VPN provider out there.
Please note that we do retain general location info for the purposes of paying sales tax in the US. This information is willingly provided by the user at checkout when paying with non-anonymous methods – and since the user’s general location is already included when paying with non-anonymous methods, this is a non-issue. That said, because DOM is a true friend to the privacy community (and the cryptocurrency community!), we’ve implemented a system where we cover the cost of sales tax for all crypto payments – meaning that we a) pay the sales tax of crypto users, and b) don't ask for, know about, or store location information when a user pays with crypto, making paying with crypto a truly anonymous (anonymous to DOM at least!) way to enjoy using our VPN service.
“Personal Data” means any information that relates to or may be associated with an identifiable person. The Personal Data we collect will vary depending on your use of DOM’s Website or Service, as follows:
From VPN Users:
From Emails & Visitors to the DOM Website:
“Non-personal Data” is not associated with or linked to any Personal Data. Any usage metric collected while using the Service is irreparably separated from the account user. Thus, Non-personal Data does not allow for the identification of any individual person. Non-personal Data we collect includes:
From All VPN Users:
“Non-personal Data” is not associated with or linked to any Personal Data. Any usage metric collected while using the Service is irreparably separated from the account user. Thus, Non-personal Data does not allow for the identification of any individual person. Non-personal Data we collect includes:
From VPN Users Who Opt-in & Willingly Send Reports:
From Emails & Visitors to the Dom Website:
Summary of this section: We need to know where to send account management correspondence, and we need to be able to receive your subscription fee. Your email address and payment can be as personal as you want them to be (and, as mentioned above, our anonymous payment methods are truly anonymous). We also need to get you access to our product in the most convenient and safest way possible. In general, we don’t need to know anything other than the fact that you love using our product so much that you’re willing to pay for our service and appropriately correspond with us.
Summary of this section: DOM’s raison d'etre is to provide our users with the most high-privacy online security products possible; and as such, we strive to do all we can to protect the privacy rights of our customers as they continue to use our service. We keep minimal personal data. We will NEVER share any of the data we have on our users with anyone, anything, or any entity unless doing so is absolutely necessary for us to keep providing our award-winning service. We DO NOT collect or store browsing history, connected content, user IPs, connection time stamps, bandwidth logs, DNS queries, or anything like that. We collect and retain zero user logs. In terms of what we do share – 1) service-level identifiers with our customer service infrastructure partner, Deskpro; 2) payment information with our payment partners, Stripe, Amazon Payments, BitPay, and PayPal; and 3) legally appropriate requested information – importantly, as can be seen in our transparency reports, while we are required to comply with valid subpoena requests from law enforcement, we are never able to provide law enforcement with any useful personal data because we never stored any in the first place. Note that all countries, including the most “privacy-friendly” ones (and we consider the USA to be one), operate under a similar legally compelling requirement. Every VPN provider in the world is required to comply with their country’s law and jurisdictional requests for information; as we are a US company, we are merely compelled to comply with a request, but we are not legally required to store user logs, so we don’t – that's why we’re never able to produce anything useful for any part of any investigation. Simply put, we share the tiny amount of personal data we collect with a few third parties that help us run our service better.
We do not now, nor have ever, nor ever will, share, sell, rent, or trade any user’s Personal Data with third parties other than as disclosed within this Privacy Policy. While we may disclose collected Personal Data to necessary members in our group of companies (across our ultimate holding company and all its subsidiaries) insofar as is reasonably necessary to continue our Service in line with this Policy, we regard our commitment to user privacy as paramount.
Furthermore, we may share your personal information with third-party service providers so that we may continue to improve our Service. In particular, in order to assist you if you have questions while using our website, or to assist you regarding your order and provide comprehensive customer support, we offer the possibility of online chat where, you will be requested to provide Personal Data such as a name and email. When a user visits the DOM online chat page, we use Deskpro to assist our customer service coordination. Deskpro stores in its own database: a visitor_id (a unique identifier randomly generated when someone visits the page, stored in their cookies), what browser the user used to log in, the country of the user, and the date visited. Name, account ID, and email address may be collected and stored if this information is provided for support tickets submitted to DOM. We may also use Deskpro as a medium for communications, either through email or through direct messages within the Deskpro platform. As such, any messages sent via live online chat, tickets, or emailed to
[email protected] will be stored on DOM servers. We may use this data collected via Deskpro in order to improve customer experience. Your data may be internally analyzed to understand trends in customer behavior, demographics, and selections. We will never sell information to any third parties. Deskpro maintains its own separate Privacy Policy that is separate from DOM and can be located at https://www.deskpro.com/legal/privacy/.Additionally, DOM itself does not process any orders or payments. We work exclusively with the payment processors Stripe, Amazon Payments, BitPay, and PayPal. You can find information about the payment services providers' privacy policies and practices at
https://stripe.com/us/privacy (Stripe) https://pay.amazon.com/help/201212430 (Amazon), https://bitpay.com/about/privacy/ (BitPay) and https://www.paypal.com/us/webapps/mpp/ua/privacy-full (PayPal). Each payment processor’s Privacy Policy governs the collection and use of the information collected during the checkout process, and while we have found each third-party Privacy Policy to be in accordance with our strict privacy standards, we recommend you review each applicable Privacy Policy prior to placing an order or providing any kind of information, personal or otherwise.Additionally, although we will comply with all valid subpoena requests, our legal team scrutinizes each and every legal request that we receive for compliance with both the "spirit" and “letter” of the law. For invalid or overly broad subpoenas, we will first question and attempt to narrow the scope of any subject matter sought. DOM will not participate with any law enforcement request that is unconstitutional or illegal. Moreover, when it is possible and a valid option, we will provide the user an opportunity to object to any requested disclosures.
Civil or law enforcement requests are allowed to be sent to [email protected]. If there’s a request that requires mailing or a courier, that information is allowed to be sent to:
DOM Inc.
Attn: Legal Department
9200 E Mineral Ave #100
Centennial, CO 80112
United States
While DOM agrees to accept service of law enforcement requests based on the methods listed, DOM does NOT waive any legal rights based on this accommodation.
Summary of this section:The State of California requires us to write very specific language related to our Privacy Policy. It’s a bit of a legalese jungle, but here’s the gist: If you live in California and want to request what data we have for you, you're allowed to request it once per year by sending an email to [email protected] And in general, you have the right to own your data. So if you have any questions about the things you’re reading in this Privacy Policy or you want more detail about what information we have or how we use it, or if you want to request that we destroy all of your data (keeping in mind that we may not be able to offer you our services if we do that), you can send an email to [email protected]
Pursuant to California Civil Code Section 1798.83, if you live in the State of California and your business relationship with us is mainly for personal, family, or household purposes, you may ask DOM about the information we release to other organizations for their marketing purposes. To make such a request, please send an email to [email protected]with “CCPA privacy request” as the subject. You are allowed under California law to request this information one time each calendar year. We will email you a list of categories of Personal Data we may have revealed to any third parties in the last calendar year, along with their names and addresses. Not all Personal Data shared in this form is included under Section 1798.83 of the California Civil Code. Please also see this California-specific privacy notice for more details related to your rights as a California resident under the CCPA.
By default, DOM does not share your Personal Data with any third parties aside from the disclosures already made in this Privacy Policy. However, if you wish to inquire into how DOM does not share our users’ Personal Data with third parties for direct marketing purposes, you may contact our Data Protection Officer (DPO) at
[email protected]The Children’s Online Privacy Protection Act (COPPA) was passed to give parents increased control over what information is collected from their children online and how such information is used. The law applies to websites and services directed to, and which knowingly collect information from, children under the age of 13. Our online Services are not directed to children under the age of 13 nor is information knowingly collected from them. For additional information on COPPA protections, please see the FTC website at: https://www.consumer.ftc.gov/articles/0031-protecting-your-childs-privacy-online
Dr. Venetia Argyropoulou
Attn: Legal Department
9200 E Mineral Ave #100
Centennial, CO 80112
United States (347)586-9467 (Ext. 904)
In the event that you make such a request, note that we may require certain information from you in order to verify your identity and locate your data, and the process of locating and deleting your data may take a sizable amount of time and effort. Data privacy and related laws in your jurisdiction may provide you with different or additional rights related to the data we collect from you, which may also apply.
Summary of this section:We have strict data-privacy protocols and procedures that include storing personal data in an encrypted form and notifying you if we need to store your personal data outside of the United States.
Only key employees of DOM and DOM’s Group with a need to administer or process Personal Data are granted access to the servers and information where Personal Data is stored. Furthermore, Personal Data is always maintained in a highly encrypted form.
We collect information globally, and we primarily store that information in the United States. If we transfer the storage of your Personal Data from the United States, we will request your consent.
Summary of this section:We reserve the right to adjust the contents of this Privacy Policy as needed without your approval if we deem fit. If there’s anything substantive that fundamentally changes our approach to user privacy or handling of user data, we will make every effort to clearly and effectively communicate that change.Again, as a fundamental rule, neither DOM nor anyone at Kape Technologies logs or stores any kind of substantiative Personal Data, user browsing data, or individual connection data other than what has been outlined here, nor do we share any personal or usage information with third parties for marketing purposes. The minimal usage data we do collect is completely anonymized, separated from personal identifiers, and necessary to keep our services operating. As a testament to our honesty, integrity, and transparency, this can be independently verified by examining the code of our 100% open-source applications and clients (found here).
If we decide to make changes to our Privacy Policy, at our sole discretion, such changes and updates will be effective immediately upon the display of the revised Privacy Policy. Thus, we encourage you to check this Privacy Policy regularly for updates, so that you are fully informed on how your data is collected and used. The date this Privacy Policy was last modified is reflected at the bottom of the page under the heading “Last revised”. Your continued use of the Services following the display of such amendments constitutes your acknowledgement and consent to such amendments to the Privacy Policy and your agreement to be bound by the terms of such amended policy.
If we make material changes to this Privacy Policy, we will notify you through the account or the Website or the in-app Service, and we will make our best efforts to notify you via email or by means of a notice on our home page prior to the change becoming effective.
Dr. Venetia Argyropoulou
Attn: Legal Department
9200 E Mineral Ave #100
Centennial, CO 80112
United States (347)586-9467 (Ext. 904)
DOM has 10+ years of experience in leading the VPN industry with a strict no-usage-logs policy, world-class server infrastructure, and 100% open-source software. Above all else, DOM prioritizes user privacy, security, and freedom from unnecessary, unethical, and illegal surveillance.
Last revised: September 7th, 2022