Last updated: February 8, 2026
Apeirya LLC ("Company," "we," "us," or "our") operates Domere.ai, an AI-powered sovereign digital asset investment platform. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our services.
By accessing or using Domere.ai, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, you should not use our services.
We use Firebase Authentication and Google OAuth to manage user identity. We collect and store your email address, unique user identifier (UID), and authentication tokens. We do not store plaintext passwords; all authentication credentials are managed securely by Firebase.
When you connect a domain portfolio or add domains manually, we collect domain names, registration dates, expiration dates, registrar information, and related metadata. API keys for third-party registrars (e.g., GoDaddy, Namecheap) are encrypted at rest using AES-256-GCM encryption and are never exposed to the client or transmitted in plaintext.
All payment processing is handled by Stripe, our payment processor. We do not collect, store, or process credit card numbers or other sensitive payment information. We only retain your Stripe customer ID, subscription status, and billing history to manage your account and provide our services.
We collect usage data to improve our services, including pages visited, features used, search queries, AI interactions, browser type, IP address, device type, and timestamps. We use privacy-preserving analytics tools (such as PostHog) that minimize the collection of personally identifiable information.
We store messages sent to our AI assistant, investment notes, portfolio configurations, and other content you create within the platform. This data is used to provide personalized services and improve your experience.
We use the information we collect for the following purposes:
Our platform's "Brain" layer utilizes advanced Large Language Models (LLMs) via Google Vertex AI and other enterprise-grade AI providers to process your requests and provide intelligent analysis.
We guarantee that your private portfolio data, financial inputs, strategic queries, and personal information are NOT used to train or improve foundational AI models. Your data exists in an isolated "Sovereign Context Window" that is ephemeral and discarded after processing. Once a session or analysis is complete, the context is either destroyed or securely stored in your private, encrypted database shard—never aggregated into training datasets.
We work exclusively with AI providers that offer enterprise-grade data protection agreements and guarantee that customer data submitted via their APIs is not used for model training or improvement without explicit consent.
We use a single encrypted cookie (domere_session) managed by Iron Session to maintain your authenticated state. This cookie is essential for the operation of our services and contains an encrypted session token. No unencrypted identifiers are stored in cookies.
We use privacy-preserving analytics tools (such as PostHog) to understand how users interact with our platform. These tools may set cookies to track anonymous usage patterns. We do not use advertising cookies, Facebook Pixel, Google Ads tracking, or other third-party behavioral trackers.
You can control cookie settings through your browser preferences. However, disabling essential cookies will prevent you from using authenticated features of the platform.
We adhere to a strict Zero-Sharing Policy. We do not sell, rent, or trade your personal information to third parties for marketing purposes. We only share data with necessary service providers and infrastructure sub-processors who assist us in operating our platform:
All third-party service providers are contractually obligated to protect your data and use it only for the purposes of providing services to us. They are prohibited from selling or sharing your data with other parties.
We implement industry-standard security measures to protect your data from unauthorized access, disclosure, alteration, or destruction:
Multi-factor authentication (MFA) for all internal systems, role-based access control (RBAC) for team members, and principle of least privilege for all service accounts.
Our infrastructure is hosted on Google Cloud Platform, which maintains SOC 2 Type II, ISO 27001, and other security certifications. We implement regular security audits, vulnerability scanning, and penetration testing.
While we use best-in-class security measures, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information to the best of our ability.
You have the following rights regarding your personal data:
You have the right to request a copy of your personal data in a structured, machine-readable format. You can export your portfolio data and account information at any time through the dashboard settings.
You can update your account information, email address, and portfolio data directly through the platform. If you need assistance, contact our support team.
You have the right to request deletion of your personal data and account termination at any time. You can initiate account deletion through Settings → Account → Delete Account. This action is irreversible and will permanently delete your portfolio data, account information, and all associated records. Encrypted API keys are cryptographically destroyed.
We retain your data for as long as your account is active or as needed to provide services. After account deletion, we may retain certain information for legitimate business purposes (e.g., fraud prevention, legal compliance) or as required by law, but this data will be de-identified where possible.
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have additional rights under the General Data Protection Regulation (GDPR):
If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):
To exercise any of these rights, please contact us at privacy@apeirya.com. We will respond to your request within 30 days.
Domere.ai operates globally, and your data may be transferred to, stored, and processed in countries other than your country of residence, including the United States. These countries may have data protection laws that differ from those in your jurisdiction.
When we transfer personal data from the EEA, UK, or Switzerland to other countries, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission, to protect your data in accordance with applicable data protection laws.
Domere.ai is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal data from a child under 18, we will take steps to delete that information as soon as possible. If you believe we have collected information from a child, please contact us immediately at privacy@apeirya.com.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by email (to the address associated with your account) and/or by posting a prominent notice on our platform.
The "Last updated" date at the top of this policy indicates when it was last revised. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: