Privacy Policy

Last updated: 2026-06-12 / Established by XTV LLC

XTV LLC ("we" or "the Company") provides the self-commitment monitoring application "NoSurf" (product code: no-surf; "the Service") with a design philosophy of minimal data collection and the highest priority on user privacy. This Privacy Policy ("this Policy") describes how user information is handled in connection with the Service.

We literally don't know who you are.

The Service does not collect personal information such as email addresses, passwords, names, addresses, or phone numbers. This is not a technical limitation — it is a deliberate design choice to protect user privacy at the most fundamental level.

Your browsing data never leaves your device.

The Service observes DNS queries via a local VPN running entirely on-device. DNS responses are passed through unchanged, so browsing is not physically prevented, and the raw data of which websites you visited is never sent off-device. The only information transmitted to our servers is the bare minimum required for month-end settlement under the charged-on-failure model: the SHA-256 hash of each registered URL, the monthly failure flag, and the timestamp when the failure was confirmed (see Article 2).

Article 1 — Information We Do Not Collect

The Service does not collect any of the following:

Email addresses
Passwords
Name, age, gender, or date of birth
Home address
The user's phone number
Contact lists (device address book)
GPS location data
Camera, microphone, or other audio/visual data
SMS or message content
Individual website browsing history (which URLs you visited, how many times, or when)
Raw domain names from individual DNS queries

As a result, it is technically impossible for us to identify any individual user, and we have no way of knowing which specific websites you have attempted to visit.

Article 2 — Information We Collect

We collect only the following information, solely for the purpose of providing the Service:

2.1 Device Identifiers

A device-generated unique identifier (UUID): used as the account identifier, stored in the iOS Keychain (iCloud Keychain sync is not recommended)
An Apple Push Notification service (APNs) device token: used for in-app and push notification delivery

2.2 User-Provided Information

Nickname (optional; used for display purposes only)
Registered domains: the domain string entered by the user is transmitted to our server in SHA-256 hashed form only. The raw domain name is never sent to or stored on our servers; it is stored only on-device (iOS Keychain / SQLite)
The self-commitment amount and time-window settings configured for each registered URL

2.3 Monthly Failure Flag Data

A monthly failure flag per registered URL hash (a boolean indicating whether an access attempt occurred during the month)
The timestamp when the failure was confirmed (for push notification scheduling)
Dispute status (a flag indicating whether a cancellation request has been made)
Periodic heartbeat signals (daily): used to detect uninstallation

Individual DNS query logs are never sent to our servers. What our servers record is only a monthly boolean per URL hash — whether a failure occurred that month — and nothing more. The number of access attempts within the same month, or the precise time of each attempt, is not transmitted. If no failure flag is set for a URL, no detection history for that URL is retained on our servers.

2.4 Payment-Related Information

Stripe Customer ID: only this ID is stored on our servers
The month-end aggregate PaymentIntent ID and monthly billing history
Pro subscription status and Stripe Subscription ID

Regarding payment details such as card number, expiry date, and CVC
These are handled by Stripe, Inc. in accordance with PCI DSS standards. They are never stored on our servers and we have no access to them whatsoever.

Article 3 — Purpose of Collection

We use the information we collect solely for the following purposes:

Providing the Service (observing DNS queries, triggering notifications, managing registered URLs)
Processing month-end settlement under the charged-on-failure model for each registered URL
Providing and managing the Pro subscription
Processing disputes
Detecting uninstallation (absence of heartbeat signal)
Preventing unauthorized use
Improving the Service (on an aggregated, anonymized basis only)

Information collected will not be used beyond the scope of the purposes listed above.

Article 4 — Third-Party Disclosure and Sub-Processors

We do not provide collected information to third parties except in the following circumstances:

When the user has given consent
When disclosure is required by law
When necessary to protect the life, body, or property of a person

However, we entrust data processing to the following service providers solely for the purpose of delivering the Service:

Sub-Processor	Purpose	Privacy Policy
Stripe, Inc. (headquartered in the United States)	Payment processing, card data storage, authorization and capture execution, subscription management	https://stripe.com/privacy
Supabase, Inc. (headquartered in the United States)	Backend infrastructure, database management (project: sakkyo)	https://supabase.com/privacy
Apple Inc. (headquartered in the United States) / APNs	In-app and push notification delivery	https://www.apple.com/legal/privacy/
Vercel Inc. (headquartered in the United States)	Hosting for the landing page, Terms of Service, and Privacy Policy	https://vercel.com/legal/privacy-policy

These sub-processors are contractually obligated to handle data appropriately in accordance with our agreements with them and their own privacy policies.

Article 5 — International Data Transfers

Data from the Service is stored on servers operated by Stripe (US and Japan regions), Supabase (US or EU regions), Apple (US region), and Vercel (US region).
These sub-processors implement appropriate data protection measures, including compliance with applicable laws such as the GDPR and CCPA, as well as technical and organizational safeguards such as encryption.
Pursuant to Article 28 of the Act on the Protection of Personal Information (Japan), please contact us separately for information regarding the handling of personal information by the above transfer recipients.

Article 6 — Data Retention and Deletion

All user-related data stored on our servers will be deleted at the following points:
- When the cancellation flow takes effect (7 days after the request is submitted)
- When uninstallation is confirmed
- When we discontinue the Service
Data subject to deletion includes: device UUID, nickname, hashed domain list, category selection state, watch session history, self-commitment amount history, heartbeat history, APNs device token, Stripe Customer ID, and related data.
Payment records retained by Stripe (Customer ID, PaymentIntent history, billing history, etc.) will be retained for the period required under Stripe's terms and applicable Japanese law, including the Electronic Books Preservation Act (Japan).

Article 7 — User Rights

Users have the following rights regarding their own data:

Right of access: You may view your registered domains, self-commitment amount history, watch session history, and billing history through the in-app dashboard.
Right to deletion: You may delete your data from our servers by using the cancellation flow or uninstalling the app. Deletion is executed when the cancellation takes effect or when uninstallation is confirmed.
Deletion requests from sub-processors: For requests to delete data held by sub-processors such as Stripe, please contact us separately.
To exercise any of these rights, please reach out via the contact details in Article 10.

Article 8 — Cookies, Ad Tracking, and Analytics

The Service (mobile application) does not use browser cookies.
iOS advertising identifiers (IDFA) and similar advertising identifiers are not used. The Service does not display an App Tracking Transparency (ATT) prompt.
No third-party advertising networks or analytics tools are used within the Service, and no third-party advertisements are displayed within the Service.
However, our website (no-dial.com) uses Google Analytics, an analytics tool provided by Google LLC, to understand and improve how the site is used. Google Analytics uses cookies and similar technologies to collect browsing information (pages viewed, time on page, approximate region, browser type, etc.); this information does not include personally identifying details such as your name or address. The collected information is handled in accordance with Google's Privacy Policy. You can disable this data collection at any time using the Google Analytics Opt-out Browser Add-on.

Article 9 — Changes to This Policy

We may update this Privacy Policy from time to time.
When changes are made, we will notify users of the content and effective date through in-app notifications.
For material changes (such as the addition of new categories of information collected or new third-party recipients), we will obtain renewed consent from users.

Article 10 — Contact

Company name	XTV LLC (Japanese legal name: 合同会社XTV)
Representative	Tomoya Tokudome
Address	2-10-1 Ebisuminami, Shibuya-ku, Tokyo 150-0022, Japan
Contact email	info@no-dial.com

Supplementary Provisions
This Policy takes effect on June 12, 2026.