Privacy
This is the full privacy policy for DOMINUS. It is short on purpose. We collect only what is necessary to run the game and bill the membership. We do not sell data, profile players, or share information with advertisers. The policy below explains exactly what we hold, why, and for how long.
Who We Are
DOMINUS is a premium online dominoes platform operated at playdominus.com. References to "we," "our," and "DOMINUS" mean the team that builds and operates the platform. Contact information is at the bottom of this page.
What We Hold
Your Internet Identity principal. A public anchor that lets you log in without a password. We never see your face, your fingerprint, your security key, or any biometric data. Touch ID and Face ID stay on your device. The principal is the only identifier we associate with your account.
Your display name. The designation you choose at the table. Permanent by design. We hold this on the Internet Computer auth canister so it persists across devices and sessions.
Your game history. Round and match outcomes, recorded on the Internet Computer game canister. Tile sequences, scores, opponents at the table, and timestamps. These records are public and immutable. They cannot be deleted by us or by anyone else. This is the trade-off of a verifiable platform — and it applies equally to every player.
Your subscription state. Whether your membership is active, the period it covers, and your billing cycle. Held on the Internet Computer subscription canister.
Your billing record. Held by Stripe, our payment processor. Stripe holds card numbers, billing address, and transaction history under PCI-DSS Level 1 controls. We never store full card numbers. We see only the last four digits, the card brand, and the country, surfaced to us through Stripe's dashboard for support purposes.
Your audio preference. A single first-party browser setting recording whether you have sound enabled. Held in your browser's local storage. Never sent to our servers.
What We Do Not Hold
No advertising profiles. No third-party trackers. No fingerprinting scripts. No social-media pixels. No data brokers. No analytics SDKs from Meta, Google, or any consumer-tracking provider. No location data beyond the country your card is registered in (held by Stripe, not by us).
Cookies and Local Storage
One first-party cookie associated with your Internet Identity session — a cryptographic delegation that lets us know you are signed in. This cookie expires when you sign out or when the delegation period ends.
One local-storage entry recording your audio preference. One local-storage entry remembering your last-used display name for faster sign-in.
No third-party cookies. No tracking pixels.
Why We Hold What We Hold
To run the game. To bill the membership. To verify shuffles. To prevent the same person from holding two accounts. Every piece of data on this page maps to one of those four purposes. If we cannot map a data point to one of them, we do not collect it.
Who We Share Data With
Stripe — payment processor. Stripe receives the data necessary to charge your card. Their privacy policy is at stripe.com/privacy.
The Internet Computer — the public network on which our canisters run. Game records and your principal are written to canisters that are part of a public, verifiable ledger. The Internet Computer is operated by node providers around the world; no single party controls it.
That is the complete list. We do not share data with any other third party.
Where Data Is Held
Your principal, display name, and game history are held on Internet Computer canisters. These canisters replicate across multiple node providers globally. There is no single physical location.
Stripe holds your billing data on Stripe's infrastructure, predominantly in the United States and the European Union, depending on your billing region.
How Long We Keep Data
Your subscription state and display name are held for as long as your account exists. Game history on the Internet Computer is permanent and cannot be removed — that is a property of the chain, not a choice we make. Billing records held by Stripe follow Stripe's retention policy and our tax-law obligations, which require us to retain transaction records for up to seven years in most jurisdictions.
If you cancel your membership, your game history remains on-chain (it must) but no further billing data is captured.
Your Rights
Access. Email contact@playdominus.com and we will provide a copy of the data we hold about you within thirty days.
Cancellation. You can cancel your membership at any time. Access continues until the end of the current billing period. We will not retain billing data beyond what tax law requires.
Correction. Display names are permanent — that is the whole point. Other data fields can be corrected on request through the contact email.
Deletion. We can delete your subscription record and stop charging your card. We cannot delete your principal or game history from the Internet Computer. No one can. By signing up you acknowledge this trade-off; it is the same trade-off that makes the shuffle verifiable.
Portability. Your principal is portable by design. You can use the same Internet Identity to sign in to any application that supports it. Your DOMINUS-specific data (subscription, display name, game history) is anchored to that principal and remains accessible to you.
Complaints. If you believe we have mishandled your data, write to contact@playdominus.com. If you are in the European Union or the United Kingdom, you also have the right to lodge a complaint with your local supervisory authority.
Children
DOMINUS is for adults. We do not knowingly collect data from anyone under 18. If you become aware that a minor has signed up, write to contact@playdominus.com and we will close the account and remove the subscription record.
Security
Internet Identity uses public-key cryptography. We never see your password, biometric, or security key. The auth canister verifies a signature; it does not store one. Stripe holds card data under PCI-DSS Level 1 controls. The Internet Computer protects canister state with chain-key cryptography enforced across all node providers.
For security disclosures or vulnerability reports, write to security@playdominus.com.
Changes to This Policy
We may update this policy. The "Last updated" date at the top of the page reflects the most recent revision. Material changes will be announced via the email associated with your billing account at least seven days before they take effect. If a material change requires consent under applicable law, we will obtain it before the change applies to you.
Contact
Questions about this policy: contact@playdominus.com.
Security disclosures: security@playdominus.com.