Privacy Policy

Last updated: January 2025

Our Commitment to Privacy

At com.bond, we understand that privacy is fundamental to trust. As a service designed exclusively for verified .com domain owners, we handle your data with the highest standards of security and confidentiality.

Information We Collect

Domain Verification Data

  • Your .com domain name and DNS records
  • WHOIS information (already public)
  • Domain registration date and registrar
  • DNS TXT records for verification

Account Information

  • Company name and business email
  • Contact person name and role
  • Billing address for enterprise accounts
  • Payment method (processed by Stripe)

Usage Data

  • Subdomain creation and configuration
  • API usage and request logs
  • Performance metrics and analytics
  • Support ticket history

How We Use Your Information

We use collected information exclusively for:

  • Domain Verification: Confirming ownership of .com domains
  • Service Delivery: Providing subdomain services and features
  • Security: Protecting against fraud and unauthorized access
  • Support: Responding to inquiries and providing assistance
  • Improvement: Enhancing our services based on usage patterns

Data Security

Your data is protected by:

  • End-to-end encryption for all data transmissions
  • AES-256 encryption for data at rest
  • SOC 2 Type II certified infrastructure
  • Regular third-party security audits
  • Strict access controls and monitoring

Data Sharing

We never sell your data. We only share information:

  • With your explicit consent
  • To comply with legal obligations
  • With service providers under strict NDAs (e.g., CDN, payment processing)
  • To protect against fraud or security threats

Your Rights

As a com.bond user, you have the right to:

  • Access: Request a copy of your data
  • Correct: Update inaccurate information
  • Delete: Request deletion of your account and data
  • Export: Receive your data in a portable format
  • Restrict: Limit how we process your data

Data Retention

We retain your data for:

  • Active accounts: Duration of service + 30 days
  • Closed accounts: 90 days for reactivation
  • Legal/tax records: 7 years as required by law
  • Anonymized analytics: Indefinitely

Compliance

com.bond complies with:

  • GDPR (General Data Protection Regulation)
  • CCPA (California Consumer Privacy Act)
  • PIPEDA (Personal Information Protection and Electronic Documents Act)
  • Industry-specific regulations for our enterprise clients

Contact Us

For privacy-related inquiries:

Our Data Protection Officer is available to address any privacy concerns.

Updates to This Policy

We may update this privacy policy to reflect changes in our practices or legal requirements. We will notify you of any material changes via email and provide at least 30 days notice before changes take effect.