Privacy Policy

Last updated: April 13, 2026

The Short Version

We collect the minimum data needed to run the service. We don't sell your information. We use it to manage your account, deliver content, and count how many articles you've read.

What We Collect

Account information: Your email address. Your password is handled by Supabase and stored as a cryptographic hash — we never see your actual password.

Reading behavior: Which articles you read and when. For free users, this powers article metering.

Payment information: Processed by Stripe. We never store your credit card number.

Technical data: IP address, browser type, device type, pages visited. Standard web server behavior.

Cookies

• Authentication cookie: Keeps you logged in.
• Metering cookie: Tracks free article reads.

We do not use cookies for advertising or cross-site tracking.

How We Use Your Data

• Account management and authentication
• Content delivery based on your subscription tier
• Free article metering
• Service improvement through reading patterns
• Transactional emails (password resets, billing)

We will not send marketing emails without your consent.

Third-Party Services

• Supabase: Authentication and database
• Vercel: Website hosting
• Stripe: Payment processing

We do not sell, rent, or trade your personal information to anyone.

Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where we are required by law to retain it (e.g., billing records for tax purposes, which we retain for up to 7 years).

Reading behavior data is anonymized after 12 months.

Data Security

We use industry-standard security measures including encrypted connections (HTTPS), hashed passwords, and access controls. However, no system is 100% secure. We cannot guarantee absolute security of your data.

Your Rights

Depending on your location, you may have the right to:

• Access: Request a copy of the personal data we hold about you.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your personal data.
• Portability: Request your data in a machine-readable format.
• Objection: Object to processing of your data for certain purposes.
• Withdraw consent: Where we rely on consent, you can withdraw it at any time.

To exercise any of these rights, email hello@dominoresearch.app. We will respond within 30 days.

International Data Transfers

Our services use infrastructure in multiple countries (Vercel, Supabase, Stripe). Your data may be processed outside your country of residence. We ensure appropriate safeguards are in place for any international transfers.

Do Not Track

We do not currently respond to Do Not Track browser signals. We do not engage in cross-site tracking.

Children's Privacy

Domino Research is not intended for anyone under 18. We do not knowingly collect information from minors. If we learn we have collected data from someone under 18, we will delete it promptly.

Contact and Data Controller

Domino Research is the data controller for your personal information. For any privacy-related questions or requests:

Email: hello@dominoresearch.app

Changes

We may update this policy from time to time. Material changes will be communicated by email or site notice. The "Last updated" date at the top will always reflect the most recent version.