DOMOMENT PRIVACY POLICY

Last Updated: 7/11/2025

Effective Date: 15/11/2025

TL;DR - THE IMPORTANT STUFF

  • Your ideas, notes, and voice recordings belong to you. Always.
  • We use AI (OpenAI) to transcribe and structure your content. Your data is processed securely and deleted from their servers within 30 days per our agreement.
  • We don't sell your data. Ever. No ads. No tracking for marketing.
  • You can export or delete everything anytime.
  • We collect minimal analytics to improve the app (crashes, feature usage).
  • End-to-end encryption for data in transit. AES-256 for data at rest.

Read below for full details.

1. INTRODUCTION

Welcome to domoment. We built domoment to help you capture and organize ideas effortlessly. This Privacy Policy explains how we collect, use, protect, and share your information when you use our mobile application and services (collectively, the "Service").

By using domoment, you agree to this Privacy Policy. If you don't agree, please don't use the Service.

2. INFORMATION WE COLLECT

2.1 Information You Provide Directly

  • Account Information: Email address, name (optional), password (hashed)
  • Content You Create: Notes, voice recordings, tasks, outlines, tags
  • Profile Settings: Preferences, notification settings, AI prompt customizations
  • Support Communications: Messages you send to our support team

2.2 Information Collected Automatically

  • Device Information: Device model, OS version, unique device identifier
  • Usage Data: Features used, session duration, frequency of use
  • Performance Data: Crash reports, error logs, app performance metrics
  • Location Data: Approximate location (city/country level) for analytics only. We do NOT collect precise GPS location.

2.3 Voice Data Processing

When you use voice capture:

  • Audio Recording: Temporarily stored on your device
  • Transcription: Sent to OpenAI Whisper API via encrypted connection
  • Processing: Audio is transcribed to text, then audio file is deleted locally
  • Third-Party Storage: OpenAI stores audio for up to 30 days per their data retention policy, then permanently deletes it
  • Your Transcripts: Stored encrypted in our database and synced to your devices

You can use Offline Mode to process voice locally (no internet required), though transcription quality may be lower.

3. HOW WE USE YOUR INFORMATION

3.1 To Provide the Service

  • Transcribe voice recordings into text
  • Generate AI summaries, outlines, and task lists
  • Sync your content across devices
  • Enable search and organization features
  • Provide customer support

3.2 To Improve the Service

  • Analyze usage patterns to improve features
  • Fix bugs and performance issues
  • Develop new features based on anonymous usage data
  • Train AI models to better understand your writing style (opt-in only)

3.3 To Communicate With You

  • Send service updates and security alerts
  • Respond to your support requests
  • Send optional product updates (you can unsubscribe anytime)

3.4 What We DON'T Do

  • ✗ We don't sell your data to third parties
  • ✗ We don't use your content for advertising
  • ✗ We don't share your notes with other users (unless you explicitly share)
  • ✗ We don't read your private notes (except for support requests you initiate)

4. HOW WE SHARE YOUR INFORMATION

We only share your information in these specific cases:

4.1 Service Providers

We work with trusted third-party companies to operate our Service:

OpenAI

Voice transcription and AI text generation

  • Data sent: Voice recordings, text content for processing
  • Usage: Transcription and AI suggestions only
  • Retention: Audio deleted within 30 days; text not used for training their models per our Business Agreement
  • Their policy: https://openai.com/policies/privacy-policy

Cloud Infrastructure (AWS/Google Cloud)

Secure data storage and hosting

  • Data sent: Encrypted database backups, user content
  • Usage: Storage and delivery only
  • Security: AES-256 encryption, SOC 2 certified

Analytics (PostHog/Mixpanel)

Anonymous usage analytics

  • Data sent: Feature usage, session data (NO personal content)
  • Usage: Product improvement only
  • Privacy: GDPR-compliant, data anonymized

Payment Processing (Stripe/Apple)

Subscription management

  • Data sent: Email, payment info (we never see your credit card)
  • Usage: Billing only

All service providers are contractually bound to protect your data and use it only for the specific services they provide to us.

4.2 Legal Requirements

We may disclose your information if required by law:

  • Court orders, subpoenas, or legal processes
  • To protect our rights, property, or safety
  • To prevent fraud or security threats
  • To comply with GDPR, CCPA, or other regulations

We will notify you of legal requests unless prohibited by law.

4.3 Business Transfers

If domoment is acquired or merged, your data may be transferred to the new owner. We'll notify you and give you options before this happens.

4.4 With Your Consent

We'll share your information with third parties only if you explicitly give permission (e.g., exporting to Notion, sharing a note).

5. DATA SECURITY

We take security seriously:

  • Encryption in Transit: TLS 1.3 for all data transmission
  • Encryption at Rest: AES-256 for stored data
  • Password Security: Bcrypt hashing with salt
  • Access Controls: Role-based access, minimal employee access
  • Regular Audits: Annual security assessments
  • Penetration Testing: Third-party security testing
  • Incident Response: 24-hour notification protocol for breaches

No system is 100% secure. If a breach occurs, we'll notify affected users within 72 hours and provide steps to protect your account.

6. YOUR PRIVACY RIGHTS

6.1 Access & Portability

You can:

  • View all your data in the app
  • Export everything as JSON, Markdown, or PDF
  • Request a complete data archive via support@domoment.com

6.2 Correction & Deletion

You can:

  • Edit or delete any note, task, or recording anytime
  • Delete your entire account in Settings → Account → Delete Account
  • Request manual deletion via info@domoment.com

When you delete:

  • Content removed immediately from all devices
  • Database backups purged within 30 days
  • OpenAI cache purged within 30 days per their policy
  • Analytics data anonymized (can't be traced back to you)

6.3 Opt-Out Rights

You can:

  • Disable analytics tracking in Settings → Privacy
  • Opt out of promotional emails (unsubscribe link)
  • Use Offline Mode to avoid cloud processing
  • Disable AI features entirely (manual note-taking only)

6.4 Rights Under GDPR (EU Users)

If you're in the EU/EEA, you have additional rights:

  • Right to access: Get a copy of your data
  • Right to rectification: Correct inaccurate data
  • Right to erasure: "Right to be forgotten"
  • Right to restrict processing: Limit how we use your data
  • Right to data portability: Transfer your data elsewhere
  • Right to object: Opt out of certain processing
  • Right to withdraw consent: Revoke permissions anytime

Contact us at privacy@domoment.com to exercise these rights.

6.5 Rights Under CCPA (California Users)

If you're in California, you have:

  • Right to know: What data we collect and why
  • Right to delete: Request deletion of your data
  • Right to opt-out: We don't sell data, so this doesn't apply
  • Right to non-discrimination: We won't treat you differently for exercising your rights

Contact us at privacy@domoment.com to exercise these rights.

7. DATA RETENTION

  • Active Content: Stored as long as your account is active
  • Deleted Content: Removed from live systems immediately; purged from backups within 30 days
  • Account Deletion: All data deleted within 30 days
  • Analytics Data: Anonymized and retained for up to 2 years for product improvement
  • Voice Recordings: Deleted from OpenAI within 30 days; local copies deleted after transcription

8. CHILDREN'S PRIVACY

domoment is not intended for users under 13 (or 16 in the EU). We don't knowingly collect data from children. If you're a parent and believe your child has used domoment, contact us at info@domoment.com and we'll delete their data immediately.

9. INTERNATIONAL USERS

domoment is based in VietNam. If you're using the Service from outside VietNam, your data may be transferred to and processed in VietNam or other countries where our service providers operate.

By using domoment, you consent to this transfer. We use standard contractual clauses approved by the EU Commission to protect EU user data.

10. CHANGES TO THIS POLICY

We may update this Privacy Policy as we add features or comply with new regulations. We'll notify you of significant changes via:

  • In-app notification
  • Email to your registered address
  • Notice on our website

Continued use after changes means you accept the updated policy.

11. CONTACT US

Questions about privacy? We're here to help:

For GDPR/CCPA requests, please include "Data Request" in the subject line.

SPECIFIC AI DISCLOSURES

How AI Processing Works in domoment:

1. Voice Input

You speak → Audio recorded locally → Sent to OpenAI Whisper API via encrypted connection → Transcribed to text → Audio file deleted

2. AI Summarization

Your text → Sent to OpenAI GPT API → Processed for summary/outline → Results returned → Your original text + AI output stored encrypted

3. Data Usage for AI Training

  • OpenAI Business Tier: Your data is NOT used to train their public models
  • domoment: We don't train AI models on your private content unless you explicitly opt-in to "Improve AI" in Settings (and even then, data is anonymized)

4. AI Accuracy Disclaimer

AI-generated content may contain errors. Always review AI suggestions before using them for important decisions. We're not liable for inaccuracies in AI-generated content.

Last Updated: 7/11/2025

Version: 1.0

domoment

App Store

X (FKA Twitter)

Terms of Service

Privacy Policy

Crafted in Da Nang, Vietnam