Privacy policy

1. Who is responsible for your data? #

Domi is the data controller responsible for your personal data. We are registered in the Netherlands and comply with the General Data Protection Regulation (GDPR) and Dutch data protection laws.

2. What data do we collect? #

Account information

• Name and email address
• Password (encrypted)
• Account creation and login dates

Payment information

• Payment details (processed by Stripe, not stored by us)
• Billing history and usage
• Stripe Customer ID

Search data

• Addresses you search for
• Search results and timestamps
• Usage patterns

Technical data

• IP address and browser info
• Session data
• Log files for support

3. Why do we collect this data? #

• Service delivery: To perform property checks and deliver results
• Account management: To create and maintain your account
• Billing: To process payments and track charges
• Support: To help you when you need it
• Security: To keep our platform safe
• Legal compliance: To meet our legal obligations

4. What is our legal basis? #

We process your data based on:

• Contract: To deliver our services to you
• Legitimate interest: For service improvement and security
• Legal obligation: To comply with laws and regulations
• Consent: Where you've explicitly given it

5. Who do we share your data with? #

We share your data with:

• Stripe: For payment processing (PCI-DSS certified)
• Supabase: For secure data storage (EU servers)
• Dutch government: Kadaster, BAG, and KvK for property data

We never sell your data. We only share what's necessary for our service.

6. How long do we keep your data? #

• Account data: Up to 2 years after last activity
• Search history: Up to 7 years (fiscal requirements)
• Payment data: Up to 7 years (accounting requirements)
• Technical logs: Maximum 90 days

After these periods, your data is securely deleted.

7. What are your rights? #

Under GDPR, you have the right to:

• Access: See what data we have about you
• Rectification: Correct inaccurate data
• Erasure: Request deletion of your data
• Restriction: Limit how we process your data
• Portability: Get your data in a transferable format
• Object: Object to certain processing

Contact us through our website to exercise these rights.

8. How do we protect your data? #

We take security seriously:

• End-to-end encryption for sensitive data
• Secure authentication via Supabase
• PCI-DSS compliant payments via Stripe
• Regular security audits
• Access controls and monitoring

9. Do we use cookies? #

We use minimal, functional cookies for:

• Session management and authentication
• Storing your preferences
• Security (CSRF protection)

We don't use tracking cookies or analytics without your consent.

10. Can this policy change? #

Yes, we may update this policy. When we make significant changes, we'll let you know via email or a notice on our website.

11. How can you contact us? #

Questions about this policy? Contact us through our website at domicheck.ai.

If you're not satisfied with how we handle your data, you can file a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens).