Back to Home

Privacy Policy

Last updated: November 23, 2025

namemyapp, a property of Yottamrk Inc. ("we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. By using namemyapp, you consent to the data practices described in this policy.

1. Information We Collect

We collect information that you provide directly to us and information that is automatically collected when you use our Service.

1.1. Information You Provide

Account Information:
  • Full name (first and last)
  • Email address
  • Password (encrypted with bcrypt)
  • Phone number (optional)
Domain Registration Information (ICANN Required):
  • Full legal name
  • Organization name (if applicable)
  • Mailing address (street, city, state, zip, country)
  • Email address
  • Phone number
  • Administrative, technical, and billing contact information
Payment Information:
  • Credit card details (processed by Stripe - we never see full card numbers)
  • Billing address
  • Payment history
Communications:
  • Support tickets and messages
  • Feedback and survey responses
  • Newsletter preferences
  • Domain search queries and preferences

1.2. Information Collected Automatically

Usage Data:
  • IP address
  • Browser type and version
  • Device information (type, operating system)
  • Pages visited and time spent
  • Referring website
  • Search queries (domain names searched)
  • Date and time of access
Cookies and Similar Technologies:

We use cookies, web beacons, and similar tracking technologies to collect information. See Section 8 for detailed cookie information.

1.3. Information from Third Parties

Payment Processors: Stripe provides payment status and fraud signals

Analytics Providers: Aggregated usage data from Google Analytics, PostHog, etc.

Social Login: If you use social authentication, we receive profile information (name, email) from the provider

2. How We Use Your Information

We use the information we collect for the following purposes:

Service Provision

  • • Process domain registrations
  • • Check domain availability
  • • Manage your account
  • • Provide customer support
  • • Send transaction confirmations

Service Improvement

  • • Analyze usage patterns
  • • Improve AI domain suggestions
  • • Enhance user experience
  • • Develop new features
  • • Fix bugs and errors

Communication

  • • Send service updates
  • • Respond to inquiries
  • • Send renewal reminders
  • • Marketing (with consent)
  • • Legal notices

Security & Compliance

  • • Detect and prevent fraud
  • • Protect against abuse
  • • Comply with legal obligations
  • • Enforce our Terms of Service
  • • Respond to legal requests

Legal Basis for Processing (GDPR)

We process your personal data based on: (1) Contract performance (domain registration services), (2) Legitimate interests (service improvement, fraud prevention), (3) Consent (marketing communications), and (4) Legal obligations (ICANN requirements, tax compliance).

3. Data Sharing

We do not sell your personal data. We share information only with third parties that help us operate, provide, improve, integrate, customize, support and market our Services.

Domain Registrars: When you register a domain, certain information is required to be shared with the registrar and registry (e.g., Name.com, ICANN) to complete the registration.

3.1. Sharing with Registrar and ICANN

When you register a domain name through our Service, we are required by ICANN policy and our reseller agreement with Global Domain Group LLC ("GDG") to share certain personal information with:

  • GDG, the sponsoring ICANN-accredited registrar
  • Dynadot Inc., GDG's affiliate
  • The relevant domain registry (e.g., Verisign for .com domains)

This information includes your full legal name, organization name (if applicable), mailing address, email address, phone number, and administrative, technical, and billing contact information. GDG and Dynadot may use your information in accordance with their respective privacy policies and terms of use, available at dynadot.com/terms-of-use.html.

3.2. WHOIS Database

As required by ICANN policy, certain registrant information will be published in the publicly accessible WHOIS database unless you purchase WHOIS privacy protection (if available for your TLD). Even with privacy protection, your information may be disclosed as required by ICANN policy, in response to legal process or enforceable governmental request, to address fraud, security, or technical concerns, or to protect against harm to rights, property, or safety.

3.3. Domain Misuse Disclosure

If we receive reasonable evidence that a domain registered through our Service is causing actionable harm, we may disclose your contact information to the complaining party within seven (7) days, as required by ICANN policy and our reseller agreement.

3.4. Data Retention

We retain domain registration data for the duration of the domain registration plus two (2) years after expiration or transfer, as required by ICANN policy, or as otherwise required by applicable law.

4. Data Security

We implement comprehensive security measures to protect your information:

Encryption

  • • TLS 1.3 for data in transit
  • • AES-256 encryption at rest
  • • Bcrypt password hashing
  • • Encrypted database backups

Access Controls

  • • Role-based access for employees
  • • Multi-factor authentication
  • • Regular access reviews
  • • Principle of least privilege

Infrastructure

  • • DDoS protection (Cloudflare)
  • • Firewalls and network security
  • • Regular security audits
  • • Automated vulnerability scanning

Monitoring

  • • 24/7 security monitoring
  • • Intrusion detection systems
  • • Real-time threat detection
  • • Incident response procedures

Important: While we implement industry-standard security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security but are committed to protecting your data to the best of our ability.

5. Your Privacy Rights

Depending on your location, you have various rights regarding your personal information:

GDPR Rights (EU Users)

Right to Access: Request a copy of your personal data
Right to Rectification: Correct inaccurate or incomplete data
Right to Erasure: Request deletion ("right to be forgotten")
Right to Restrict: Limit how we process your data
Right to Portability: Receive your data in a portable format
Right to Object: Object to processing based on legitimate interests
Right to Withdraw Consent: Withdraw consent for processing

CCPA/CPRA Rights (California Residents)

Right to Know: Request disclosure of personal information collected, used, shared, or sold
Right to Delete: Request deletion of personal information (subject to legal exceptions)
Right to Opt-Out: Opt-out of sale of personal information (we do not sell your data)
Right to Non-Discrimination: We will not discriminate for exercising privacy rights
Right to Correct: Request correction of inaccurate personal information

How to Exercise Your Rights

Via Your Account Dashboard

  • • Update personal information
  • • Manage communication preferences
  • • Download your data
  • • Delete your account

Via Email Request

  • • Request data access
  • • Request data deletion
  • • Object to processing
  • • Request data portability

Email: [email protected]

We will respond to all requests within 30 days (or as required by applicable law). We may request verification of your identity to protect your privacy. You also have the right to lodge a complaint with your local data protection authority.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

Essential Cookies: Required for the Service to function (authentication, session management). These cannot be disabled.
Analytics Cookies: Help us understand how visitors use our Service (Google Analytics, PostHog). You can opt out via your browser settings.
Preference Cookies: Remember your settings and preferences (language, theme).
Marketing Cookies: Used to deliver relevant advertisements (only with your consent).

You can control cookies through your browser settings. However, disabling certain cookies may limit functionality of the Service.

7. Children's Privacy

Our Service is not directed to individuals under the age of 13 (or the age of majority in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at [email protected] and we will delete such information promptly.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country.

Safeguards: We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses (SCCs) approved by the European Commission for transfers from the EU. By using our Service, you consent to the transfer of your information to these countries.

9. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

Domain Registration Data: Duration of registration + 2 years after expiration (ICANN requirement)
Account Data: While account is active, deleted 2 years after inactivity
Financial Records: 7 years (tax and legal compliance)
Support Communications: 3 years for quality assurance and legal compliance
Security Logs: 1 year for security monitoring
Usage Logs: 90 days (operational purposes)

10. Your Consent

By using our Service to register a domain name, you expressly consent to:

  • Our collection, use, and disclosure of your personal information as described in this Privacy Policy
  • Our sharing of your information with GDG, Dynadot, and relevant domain registries
  • The publication of certain information in the WHOIS database (unless privacy protection is purchased and available)
  • Our disclosure of your contact information within seven (7) days if we receive reasonable evidence of actionable harm caused by your domain
  • International transfers of your data as described in Section 8

Equivalent Notices: The notices and consents provided in this Privacy Policy are equivalent to those enumerated under Part II (Privacy Policy) of Dynadot's Terms of Use, as required by our reseller agreement.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by:

  • Sending an email to the address associated with your account
  • Posting a prominent notice on our website
  • Updating the "Last updated" date at the top of this page

Material changes will take effect 30 days after notification. Non-material changes or clarifications will take effect immediately. Your continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Data Protection Officer (DPO)

For GDPR-related inquiries and data protection matters:

[email protected]

General Privacy Inquiries

For general questions about our privacy practices:

[email protected]

You also have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your concerns adequately.

Additional Resources

Compliance & Security

Our compliance practices and security measures

Terms of Service

Complete terms including ICANN requirements

Last updated: December 2025. This Privacy Policy is reviewed and updated regularly to reflect current data practices and regulatory requirements.