Privacy Policy

Last updated: October 21, 2025

1. Introduction

Reputable Domains ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

Account Information

  • Email address (verified via email verification)
  • Full name
  • Organization name
  • Password (stored as hashed values only)
  • Account type (Brand, Cybersecurity, or Administrator)
  • Subscription information (for Brand accounts)

Brand Information (Brand Accounts)

  • Brand names
  • Domain names
  • Brand ownership documentation (uploaded PDF/JPG files)
  • Team member information (for Agency and Enterprise plans)

Usage Information

  • IP addresses
  • API usage statistics
  • Login history
  • Audit logs of actions taken

3. How We Use Your Information

We use the collected information to:

  • Provide and maintain our service
  • Verify brand ownership
  • Process and approve submissions
  • Communicate with you about your account
  • Prevent fraud and abuse
  • Comply with legal obligations
  • Improve our service

4. Information Sharing

We share information in the following circumstances:

Reputable List

Approved brand names and domain names are included in our public reputable domains list, which is accessible to cybersecurity account holders. This is the core purpose of our service.

Service Providers

We use third-party service providers to help operate our service:

  • AWS - Database hosting and email delivery (WorkMail)
  • Stripe - Payment processing, subscription management, and customer billing information
  • hCaptcha - Bot protection and spam prevention during signup and login

These service providers have access only to information necessary to perform their functions and are obligated to maintain confidentiality. hCaptcha's use is subject to their Privacy Policy and Terms of Service.

Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities.

5. Data Security

We implement appropriate technical and organizational security measures to protect your personal information:

  • Passwords are hashed using bcrypt
  • API keys are hashed using SHA-256
  • Database connections use SSL/TLS
  • All web traffic uses HTTPS
  • Access controls and audit logging

6. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate information
  • Delete your account and associated data
  • Export your data
  • Object to processing
  • Withdraw consent

To exercise these rights, please contact us at hello@reputable.domains.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. If you delete your account, we will delete your personal information within 30 days, except for information we are required to retain for legal or compliance purposes.

Approved domains in the reputable list may be retained even after account deletion to maintain the integrity of the list.

8. Cookies and Tracking

We use the following cookies:

  • Session cookies: Essential for authentication and security
  • CSRF tokens: Security protection

We do not use third-party tracking cookies or analytics that collect personal data.

9. Children's Privacy

Our service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us: