Privacy Policy

1. Who We Are

heyDominik LLC (“Company”, “we”, “us”) is the controller of your personal data collected through our websites, mobile applications, and programs including Creator Mentorship, CreatorSprint Lite, CreatorSprint Core, and CreatorSprint Plus, and our other offerings (collectively, “Services”).

2. Data We Collect

• Identification: name, postal address, e-mail, phone number, social-media handles.
• Account & Billing: username, password (hashed), payment tokens, invoices, VAT/Tax IDs.
• Content: photos, videos, scripts, feedback, worksheets, chat logs.
• Usage: log files, IP address, device data, referral URLs, cookies, analytics.
• Communications: e-mails, A2P SMS/MMS records (opt-in status, message history, carrier replies).

3. How We Use Data

• Perform contracts and administer accounts.
• Deliver coaching, digital content, community access, and support.
• Send transactional and marketing messages (e-mail, A2P SMS); opt out anytime.
• Prevent fraud, secure networks, troubleshoot, analyse, and improve Services.
• Comply with legal obligations (tax, bookkeeping, sanctions screening).

4. Legal Bases

(a) Contract (GDPR Art. 6(1)(b)); (b) Legitimate Interest (Art. 6(1)(f)); (c) Consent for marketing (Art. 6(1)(a) and TCPA 47 U.S.C. §227); (d) Legal Obligation (Art. 6(1)(c)).

5. A2P SMS Compliance

By providing your phone number, you consent to receive automated and/or pre-recorded SMS/MMS for account notices, authentication, coaching reminders, and promotions. Message frequency varies; carrier rates apply. Reply STOP to opt out, HELP for assistance. We use registered 10DLC sender IDs and follow CTIA guidelines. Opt-out does not affect transactional security messages.

6. Data Sharing

• Processors: hosting, payment, messaging (e.g., Stripe, Twilio, Slack) under DPA/SCC.
• Professional advisers, auditors, and authorities when required by law.
• We do not sell personal data.

7. International Transfers

Servers may be located in the USA, EU, and UAE. Where EU/UK data is transferred outside the EEA/UK, we rely on Standard Contractual Clauses and the UK Addendum.

8. Retention

• Account records: 7 years after contract end.
• Content & analytics: 3 years.
• A2P consent logs: 4 years or statutory period.

9. Security

ISO-27001-aligned controls, TLS encryption in transit, AES-256 at rest, least-privilege access.

10. Your Rights

You have the right to access, rectification, erasure, restriction, portability, objection, and marketing opt-out. EU/UK residents may lodge complaints with their supervisory authority. Exercise rights via hi@heydominik.com.

California residents (CCPA/CPRA): You have the right to know what personal information we collect, request deletion, opt out of the sale or sharing of personal information (we do not sell your data), and not be discriminated against for exercising your rights. To submit a request, email hi@heydominik.com.

11. Cookies

We use necessary, analytics, and marketing cookies. Manage through our banner or browser settings; see detailed Cookie Notice on our Site.

12. Third-Party Links

Our Services may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to read their privacy policies before providing any personal data.

13. Children

Services are not directed to anyone under 16. We do not knowingly process such data. If you believe a child under 16 has provided us personal data, please contact us at hi@heydominik.com and we will promptly delete it.

14. Do Not Track

Some browsers offer a “Do Not Track” (DNT) signal. Our Services do not currently respond to DNT signals. However, you can manage tracking preferences through our cookie banner and browser settings.

15. Changes

Material updates will be notified via e-mail or in-app. Continued use after notice constitutes acceptance.

16. Contact

Data Protection Officer: hi@heydominik.com
heyDominik LLC, 1309 Coffeen Ave STE 1200, Sheridan, WY 82801, USA