Privacy Policy
Effective July 8, 2026
At DomainGuard LLC ("DomainGuard", "We" or the "Company"), We prioritize the protection of your privacy and are dedicated to maintaining transparent practices in handling your personal information. We value the privacy of our esteemed customers, users of our products, and visitors to our public sites. Upholding exemplary ethical standards is ingrained in our business ethos, ensuring strict compliance with laws and regulations governing the safeguarding of personal data. This document serves as a comprehensive guide, outlining how DomainGuard collects, manages, stores, and safeguards your personal information within the scope of our services.
Scope of this policy. This Privacy Policy applies to all of DomainGuard, LLC's public properties: our marketing website at guardyourdomain.com, our Managed Service for customers, and our public, self-service domain scanner at domainguard.org. The general sections below apply across all of these properties. Because the public scanner collects and shares information differently from our marketing site and Managed Service, its specific practices are set out separately in The Public Domain Scanner (domainguard.org) below.
Table of Contents
- Protecting Your Data
- Information We Collect
- Cookies and Tracking Technologies
- How We Use Your Information
- How We Share Your Information
- How To Access & Control Your Information
- Data Retention
- Third-Party Websites & Applications
- Children's Information
- International Users & Visitors
- US State Law Requirements
- Changes To This Policy
- Contact Us
See also: The Public Domain Scanner (domainguard.org) — the scanner-specific practices that supplement the general sections below.
The Public Domain Scanner (domainguard.org)
DomainGuard operates a public, self-service domain security scanner at domainguard.org. This section describes the information practices specific to that scanner. The general provisions of this Privacy Policy also apply to it; where they differ, this section controls for the scanner.
Information the scanner collects
- Email address. If you request a comprehensive ("Active") scan, or submit a scoping request for a managed assessment, we collect the email address you provide. For an Active scan we email a verification link to that address and only proceed once you click it, and the address must be at the same domain you are scanning. We retain verified requester addresses as a business contact.
- IP address. We record the IP address of each scan request and of later requests to view or download a report. We use it to operate the service, apply rate limits, and detect and prevent abuse.
- Browser and device information. We record your browser's user-agent string and derive general browser, operating-system, and device-type information from it.
- Approximate location. We derive an approximate location (city, region, country, and network/ASN) from your IP address using a geolocation database held on our own servers. Your IP address is not sent to a third party to perform this lookup.
- The domain you submit. We collect the domain name you ask us to scan and the report we generate for it. Results for a basic ("Fast") scan are treated as public (see "Public visibility of scans" below).
- Scoping-request details. If you use the assessment-scoping form, we collect the domains, network ranges, exclusions, and contact details you enter.
How the scanner shares information
Running a scan necessarily transmits the domain you submit (and, in some cases, its resolved IP addresses) to third-party security and infrastructure providers that help us produce the report. For the scanner we use the following categories of service providers:
- Email delivery. An email delivery provider sends our verification and "scan ready" emails and receives the recipient's email address and the message content.
- Bot protection and network. A bot-protection and content-delivery provider secures our forms and network edge. Its bot-protection challenge receives your IP address and sets its own cookie for bot detection.
- Artificial intelligence. A third-party artificial-intelligence provider helps identify brand information and generate report summaries.
- Threat-intelligence and reputation providers. To assess exposure we query third-party threat-intelligence, reputation, and domain-registration services using the target domain, its subdomains, and/or its resolved IP addresses, together with publicly available certificate-transparency and domain-registration records.
- Scanning infrastructure. Some scan traffic to the target domain is routed through a third-party proxy provider.
- Internal security operations. Our own security monitoring may surface a requester's email address and IP address to our operations team, including through an internal messaging channel, for abuse detection and response.
These providers process the information to deliver their service to us; we do not sell your personal information. Third-party results included in a report may be subject to the originating provider's own terms.
Cookies on the scanner
The scanner does not set first-party cookies and does not use analytics, advertising, or cross-site tracking technologies. The only cookie associated with the scanner is the one set by the third-party bot-protection challenge described above.
Public visibility of scans
A basic ("Fast") scan is public: the bare domain name may appear in a "Recent Scans" list on the site, and the resulting report is reachable by anyone who has the report's link. A comprehensive ("Active") scan is private to the verified requester and is not listed publicly. Please do not submit a domain for a Fast scan if you do not want the existence of that scan to be visible.
Retention (scanner)
Scan records, submission logs, captured contact details, and related scanner data are automatically deleted after approximately 60 days. Report-access links expire within 30 days. Internal security and audit logs may be kept longer as needed for security and recordkeeping.
Availability
The scanner is offered to visitors located in the United States by default.
1. Protecting Your Data
DomainGuard holds the data entrusted to us by our clients and prospective clients in the highest regard. While we cannot guarantee the security of personal information, DomainGuard is committed to ensuring stringent security protocols for all personal data under our purview. DomainGuard takes technical and organizational measures to protect your information against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure, or access.
We use Transport Layer encryption to protect your personal information during the transmission of data between your web browser and our servers. Please be aware any information you send by email is not encrypted and is susceptible to interception over the internet.
Our Managed Service data is hosted with SOC 2 compliant providers who have signed a Non-disclosure agreement with DomainGuard. This infrastructure is audited by external experts to ensure fully up to date SOC 2 compliance. No personal client information is ever disclosed to our service providers.
While we take steps to protect your personal information, you also play a role in protecting your information, including by not sharing your log-in or password with anyone. DomainGuard will never ask you for this information.
2. Information We Collect
We collect information when you provide it to us, when you use our website or services, and when other sources provide it to us, as further described below.
Information you provide to DomainGuard
- Account and Profile Creation: When you create an account or profile or otherwise use the Services, we collect information such as your name, email address, password, role within your team or enterprise, and an optional profile photo.
- Your Communications with Us: We collect information from you such as email address, phone number, or mailing address when you request information about our Services, register for our newsletter, request customer or technical support, or otherwise communicate with us. We also collect the contents of messages or attachments that you may send to us.
- Surveys: We may contact you to participate in surveys. If you decide to participate, you may be asked to provide certain information including contact information.
- Conferences, Trade Shows, and Other Events: We may attend conferences, trade shows, and other events where we collect contact information from individuals who interact with or express interest in the Services.
- Job Applications: We may post job openings on the Website or Services. If you reply to one of these postings by submitting your application, CV and/or cover letter, we will collect and use your information to assess your qualifications.
Information we automatically collect through your use of DomainGuard
- Information you provide in workspaces, tasks, questionnaires, comments, and other features. Information uploaded to DomainGuard, such as attachments.
- Information regarding your device, including IP address, user settings, cookie identifiers, mobile carrier, mobile advertising and other unique identifiers, details about your browser, operating system or device, location information (including inferred general location based on your IP address).
- Internet service provider, pages that you visit before, during and after using the Website or Services, information about the links you click, information about how you interact with the website or services.
- Any other information you choose to provide while using DomainGuard that identifies or can be reasonably associated with you.
Information we collect from third parties
- We may receive information about you from other Service users, from third-party services, from our related companies, social media platforms, public databases, and from our business and channel partners.
- We may combine this information with information we collect through other means above. This helps us to update and improve our records, identify new customers, and suggest services that may be of interest to you.
3. Cookies and Tracking Technologies
Our Sites and Services (including some of our Service Providers) utilize "cookies", anonymous identifiers, pixels, container tags and other technologies to provide and monitor our Services and Sites, ensure they perform properly, analyze our performance and marketing activities, and personalize your experience. Such cookies and similar files or tags may also be temporarily placed on your device.
Please note that we do not change our practices in response to a "Do Not Track" signal in the HTTP header from a browser or mobile application; however, most browsers allow you to control cookies, including whether to accept them and how to remove them. You may set most browsers to notify you if you receive a cookie, or to block or remove cookies altogether.
The cookies and tags described in this section relate to our marketing site and Managed Service. The public domain scanner at domainguard.org sets no first-party cookies; see The Public Domain Scanner (domainguard.org) above for its specific practices.
4. How We Use Your Information
Our use of personal information is subject to the policy in effect at the time of use. The provisions of this policy supersede all previous notices or statements regarding our privacy practices with respect to this public site and our managed service. We use the personal information we collect to help us better maintain and develop our public sites and products to meet the needs of our visitors and customer users. We sometimes use aggregated data (independent of any personal identifiers) for research and commercial purposes.
We use the personal information we collect through our applications only to perform the services for which we are contractually engaged. Each employer submitting personal information to us is responsible for ensuring the information is accurate, complete, and current. We may make automated decisions on cyber-security issues based on our customer's instructions.
By analyzing this data, we gain insights into visitor preferences and trends, enabling us to optimize our public sites and products for enhanced usability. At times, we may share this anonymized data with trusted third parties to assist us in refining and developing our public sites and products.
5. How We Share Your Information
We may share your personal information as follows:
- To comply with laws or protect ourselves: This may include responding to a court order or subpoena, or in connection with a request from a governmental or quasi-governmental agency or regulatory agency or investigative body, or to enforce our terms and conditions of use, acceptable use policies and the like.
When you use the public domain scanner, we also share information with the service providers that help us run a scan and produce your report. Those scanner-specific recipients (including our email, bot-protection, artificial-intelligence, and threat-intelligence providers) are listed in The Public Domain Scanner (domainguard.org) above.
6. How To Access & Control Your Information
Individuals whose personal information is processed by DomainGuard have the right to access, correct or delete their personal information. We have different methods of addressing changes depending on how we collected information.
If personal information about you has been provided to DomainGuard through the delivery of our services to customers, please contact your employer. Employers are responsible for providing you a mechanism to update, correct, delete, or make changes to your personal information.
If you provided any personal information through our public site(s) you may contact us at [email protected].
7. Data Retention
We store the information we receive as described in this Privacy Policy for as long as you use our services or as necessary to fulfill the purpose(s) for which it was collected, provide our services, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, enforce our agreements, and comply with applicable laws.
Records generated by the public domain scanner are retained on the shorter, automated schedule described in The Public Domain Scanner (domainguard.org) above.
8. Third-Party Websites & Applications
DomainGuard's public sites and applications may contain links to third-party websites, plug-ins, and other online services. When you access these external resources, the owners of those resources may collect certain information about you subject to their own separate policies. Access to those resources is not subject to this policy. We do not endorse, screen, or approve, and are not responsible for, the privacy practices or content of such other websites or applications.
9. Children's Information
Our Services are intended for general audiences and are not directed at children. If you are under the age of 18, you may not have a DomainGuard account or use the Company's products or services. We do not knowingly process any information from, or direct any of our products or services to, children under the age of 18.
10. International Users & Visitors
If you are visiting our public site from outside the United States, you expressly and affirmatively consent to our processing of your personal information in the United States. You acknowledge and agree the level of data protection in the United States may not be equal to the level of protection under the laws of other countries.
When you and your employer use our products, you and your employer are responsible for compliance with all data security laws and regulations applicable to DomainGuard's collection of personal information whether directly or indirectly through your employer.
11. US State Law Requirements
This Privacy Policy describes the categories of personal information we may collect and the sources of such information (in Section 2 above), and our retention (Section 7) and deletion (Section 6) practices. We also include information about how we may process your information (in Sections 1 through 8), which includes "business purposes" under the CCPA. We do not sell your personal information for the intents and purposes of CCPA.
If you have any questions or would like to exercise your rights under the CCPA, you can contact [email protected].
12. Changes to This Privacy Policy
We may change this privacy policy from time to time. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to review our privacy policy whenever you use the Services.
13. Contact Us
Should you have any inquiries or require further clarification regarding the handling of your personal information, please do not hesitate to contact us at [email protected].
DomainGuard, LLC
518 Kimberton Rd Suite 360
Phoenixville, PA 19460
United States