Section 1 – Introduction
These SLD Registry Policies and Terms and Conditions ("Policies") are established for the second-level domains listed above (“SLDs”) by 8 Inc. (“Registry”), the operator of the second-level domain registry for the SLDs. These Policies govern the registration, management, and use of domain names within the SLDs (“Names”). These Policies also apply to any other SLDs operated by Registry that may not be listed above, which are here incorporated in the definition of “SLDs” used herein. Despite the use of the defined term “Policies” these Policies also include certain terms and conditions that form an agreement between Registry and Registrants and Applicants (each as hereinafter defined).
These Policies are designed to provide clear guidance and protections for all stakeholders (“Stakeholders”) involved in the Name lifecycle, including (a) individuals or entities (“Persons”) registering, holding or renewing Names (“Registrants”), (b) Persons attempting or seeking to register Names (“Applicants”), (c) the domain name registrars providing names to Registrants ("Registrars") and (d) CentralNic, Ltd, the party contracted with Registry to provide technical registry services for the SLDs (“CNIC”).
The Policies apply to:
- Applicants seeking to register or renew Names;
- Registrants who hold registered names; and
- Registrars authorized to facilitate Name registrations on behalf of Applicants and Registrants (but not with regard to Section 5).
By engaging with Registry’s registry services, whether through submitting an application, maintaining a registration, or providing registrar services, all such agree to abide by these Policies.
Registry reserves the right to update or refine these Policies. Any updates or amendments will be implemented with at least ninety (90) days prior notice to Registrars, unless immediate changes are necessitated by urgent circumstances such as legal compliance or security threats. Such modifications will also be published on the applicable SLD website. Stakeholders are encouraged to regularly review the latest version of these Policies, available at the SLD websites, as indicated below, to remain informed of their rights and responsibilities.
SECTION 4.7 OF THESE POLICIES CONTAIN AN AGREEMENT TO ARBITRATE ALL CLAIMS. UNLESS REGISTRANTS AND APPLICANTS OPT-OUT AND EXCEPT FOR CERTAIN TYPES OF DISPUTES DESCRIBED IN THE ARBITRATION SECTION BELOW, AEGISTRANTS ANS APPLICANTS AGREE THAT ANY DISPUTES BETWEEN THEM AND REGISTRY WILL BE RESOLVED BY BINDING, INDIVIDUAL ARBITRATION AND REGISTRANTS AND APPLICANTS WAIVE ANY RIGHT TO PARTICIPATE IN A CLASS ACTION LAWSUIT OR CLASS-WIDE ARBITRATION. (Such agreement is not applicable to Registrars.)
DNSSEC
Registry functions for the SLDs are supported by CNIC (www.centralnic.com). Information on its DNSSEC Practices are located at the CentralNic DPS, which is incorporated herein by reference.
Section 2 – Registration Policies
This section establishes the standards, requirements, and procedures governing the registration of Names within the SLDs. It outlines the process for Applicants to secure Names, the obligations of Registrants and Registrars, and the rights reserved by Registry to ensure the integrity, stability, and compliance of its operations.
2.1 Registration Process
Names within the SLDs may only be registered through Registrars contracted with Registry under a Registry-Registrar Agreement, or similar. Applicants must submit a complete and accurate request for a Name ("Application") through a Registrar, which will process the Application on a first-come, first-served basis for available Names, subject to these Policies and any applicable Registrar policies or procedures. A Name is considered registered ("Registration") once the Application is accepted by Registry, payment is confirmed, and the Name is allocated to the Registrant in the Registry’s systems.
2.2 Eligibility and Requirements
Unless otherwise specified for a particular SLD on its respective website (as listed above hereto), there are no specific eligibility restrictions for Applicants seeking to register Names. However, Applicants must provide all required information as stipulated by Registry, including accurate contact details and any additional data mandated by ICANN or these Policies. By submitting an Application, Applicants affirm their authority to request the Name and their intent to comply with all applicable laws and Registry Policies.
2.3 Technical and Syntax Standards
To ensure operational consistency, Names must meet the following technical and syntax criteria:
- For ASCII Names: Consist solely of letters (A-Z, case insensitive), digits (0-9), and hyphens, with a minimum of 1 character and a maximum of 63 characters; must not begin or end with a hyphen; and must not contain consecutive hyphens unless in the third and fourth positions preceded by "xn--".
- For Internationalized Domain Names (“IDNs”): Conform to language scripts supported by Registry.
Language scripts supported by Registry can be found at the CNIC website, located at the following URL: https://centralnicregistry.com/support/information/idn
Registry may impose additional technical requirements as needed, which will be published on the relevant SLD website.
2.4 Registration Term
Names may be registered for a term ranging from one (1) year to ten (10) years, beginning on the date Registry accepts the Application. The specific term must be indicated in the Application. Registrars are responsible for notifying Registrants of impending expiration dates, and Registry bears no obligation to provide such reminders directly to Registrants.
2.5 Representations and Warranties
By submitting an Application, Applicants represent and warrant that:
- The Application is submitted with full authority and does not violate any applicable laws;
- The Name, once registered, will not be used in a manner contrary to law or these Policies; and
- All provided information is accurate, complete, and current, with an ongoing commitment to update it as necessary.
2.6 Registry’s Rights to Deny or Modify Registrations
Registry reserves the right, at its sole discretion, to deny an Application, or to revoke, suspend, cancel, transfer, or lock a Registration, under the following circumstances:
- To safeguard the integrity and stability of Registry’s systems or the SLDs;
- To comply with applicable laws, government regulations, law enforcement requests, or legally enforceable dispute resolution outcomes;
- To prevent civil or criminal liability for Registry, its affiliates, or personnel;
- To enforce compliance with these Policies or the Registry-Registrar Agreement;
- If a Registrant fails to maintain accurate or up-to-date Whois data;
- To address abusive use as defined in Section 4 (Acceptable Use and Anti-Abuse Policy);
- To correct errors by Registry or a Registrar in processing a Registration;
- During the resolution of a dispute involving the Name.
2.7 Availability and Allocation of Names
Names not previously reserved, restricted, or registered ("Available Names") are eligible for registration. Registry may designate certain Names as reserved, as outlined in Section 3 (Reserved Name Policy), and allocate them through methods such as auctions, premium sales, or other mechanisms in Registry’s sole discretion.
Applicants acknowledge that submitting an Application does not guarantee allocation of the requested Name.
2.8 Transfers
Registrants may transfer a Name to another Person eligible under these Policies, provided the transferee agrees to abide by all applicable terms. Transfers must be facilitated through a Registrar that offers the SLDs. Registry may reverse or deny a transfer if it violates these Policies.
2.9 Monitoring and Verification
Registry may periodically review Registrations to ensure ongoing compliance with these Policies. If Registry suspects inaccurate or outdated information, it may request clarification from the Registrant via the Registrar. Registrants must respond within fourteen (14) days to confirm or update details. Failure to respond or provide adequate information may result in suspension or cancellation of the Name.
2.10 Reserved Names
Registry may reserve Names in its sole discretion for any reason, including, without limitation, to facilitate the technical operation of the SLDs, to comply with contractual obligations, to maximize its economic interests or those of its Registar or other partners, and to address other strategic or regulatory considerations. Reserved Names are not available for registration through the standard first-come, first-served process outlined in Section 2.7 (Availability and Allocation of Names).
2.11 Additional Considerations
Applicants and Registrars acknowledge that fees associated with Applications, Registrations, or premium Name processes are distinct and non-refundable unless otherwise specified. Registry assumes no responsibility for errors in Applications (e.g., misspellings or payment issues) and may reject or cancel affected Registrations accordingly.
Section 3 – Acceptable Use and Anti-Abuse Policy
This section defines the acceptable use of Names within the SLDs and establishes measures to prevent and address abusive behavior. Registry is committed to maintaining a secure, stable, and lawful domain environment for all Stakeholders, and this policy outlines prohibited activities, enforcement mechanisms, and reporting procedures to achieve that goal.
3.1 Purpose and Commitment
Registry aims to ensure the SLDs operate reliably and ethically, benefiting Registry, Registrants, Registrars, and the broader Internet community. Abusive use of Names undermines this mission by creating security risks, stability issues, and harm to users. Accordingly, all Registrants and Registrars must adhere to this Acceptable Use and Anti-Abuse Policy ("AUP") when registering, managing, or using Names.
3.2 Prohibited Uses
Registrants agree not to use Names in any manner that constitutes an illegal, disruptive, malicious, or fraudulent action, including, without limitation, the following (“Abusive”) uses:
- Illegal Activity: Engaging in or promoting activities that violate applicable laws, such as distributing malware, hacking, or illegally selling pharmaceuticals without proper authorization.
- Intellectual Property Violations: Infringing on trademarks, copyrights, patents, or trade secrets, including cybersquatting or distributing counterfeit goods.
- Fraud and Deception: Conducting phishing, pharming, or financial scams (e.g., Ponzi schemes, money laundering, or advance fee fraud) to mislead or harm users.
- Spam: Sending unsolicited bulk messages via email, instant messaging, mobile platforms, or forums.
- Malicious Software: Disseminating viruses, worms, trojans, keyloggers, or other harmful code designed to damage or infiltrate systems without consent.
- DNS Manipulation: Hijacking or poisoning DNS traffic to redirect users to fraudulent or harmful destinations.
- Botnets and Fast-Flux Hosting: Operating command-and-control systems or using techniques to obscure malicious activities behind rapidly changing IP addresses.
- Child Exploitation: Distributing or promoting child pornography or any content involving the abuse or exploitation of minors.
- Violence: Engaging in incitement to violence against individuals or groups.
3.3 Registrant Obligations
By submitting an Application or maintaining a Registration, Registrants acknowledge, agree, represent and warrant:
- To use Names solely for lawful and non-Abusive purposes consistent with these Policies; and
- Not to permit or enable others to use Names in violation of this AUP
Registrants are solely responsible for content hosted under their Names. While Registry does not proactively monitor such content, it may investigate complaints or suspected violations as outlined below.
3.4 Detection
Registry may, but is under no obligation to, detect abusive behavior through:
- Internal monitoring and analysis of Registration patterns or system activity;
- Reports from Stakeholders, law enforcement, government agencies, or third parties; and
- Other methods that comply with applicable law.
3.5 Detection and Reporting
To report suspected abuse, anyone may contact Registry via the abuse point of contact located at the relevant SLD website. Reports should include specific details of the alleged violation, such as the Name involved and evidence of abuse.
3.6 Enforcement Actions
Registry reserves the right, at its sole discretion, to take action against a Name or Registrant found to violate this AUP, including but not limited to:
- Suspending, canceling, transferring, locking, or redirecting the Registration;
- Denying future Applications from repeat offenders;
- Reporting violations to law enforcement, regulatory bodies, or industry partners when required or deemed necessary; and/or
- Disclosing Registrant data to authorities or affected parties if legally compelled or critical to resolving abuse.
Actions may be taken with or without prior notice. Any notice will be provided through the Registrar and not to the Registrant directly. Registry is not obligated to provide detailed explanations for its actions but may do so at its discretion.
3.7 Limitation of Liability
REGISTRY SHALL NOT BE LIABLE TO REGISTRANTS, REGISTRARS, OR THIRD PARTIES FOR ACTIONS TAKEN IN GOOD FAITH UNDER THIS AUP TO ADDRESS ABUSE OR ENSURE COMPLIANCE. THIS INCLUDES ANY INCIDENTAL IMPACTS RESULTING FROM SUSPENSION, CANCELLATION, OR TRANSFER OF A NAME.
Section 4 – General Terms and Conditions
This section establishes the legal terms governing the relationship between Registry and Registrants and Applicants (collectively, "Users") engaging with Registry’s services for the SLDs. These General Terms and Conditions ("Terms") apply exclusively to Users and do not bind Registrars, whose obligations to Registry are governed by separate Registry-Registrar Agreements. By submitting an Application or maintaining a Registration, Users agree to be bound by these Terms, in addition to the other sections of these Policies.
4.1 Agreement to Terms
Submitting an Application for a Name or maintaining a Registration constitutes acceptance of these Terms and the Policies as a legally binding agreement between Registry and the User. If a User does not agree to these Terms, they must not submit an Application or maintain a Registration. Users acknowledge that Registry provides its services through Registrars, and these Terms supplement (and do not replace or modify) any agreements Users may have with their chosen Registrar.
4.2 Intellectual Property
All systems, processes, trademarks, service marks, logos, and materials provided by Registry (collectively, "Registry Materials") are the property of Registry or its licensors, protected by applicable intellectual property laws. Users are granted a limited, non-exclusive, non-transferable license to use Registry Materials solely for the purpose of applying for and managing Names in accordance with these Policies. Users may not reproduce, modify, distribute, or use Registry Materials for any other purpose without Registry’s prior written consent.
4.3 Disclaimers
Registry provides its services on an "as-is" and "as-available" basis. To the fullest extent permitted by law, Registry disclaims all warranties, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, or non-infringement. Registry does not guarantee:
- The uninterrupted, secure, or error-free operation of its services or the SLDs;
- The accuracy or completeness of information provided through its services;
- That a Name will be allocated upon Application or remain available for Registration;
- The actions or performance of Registrars, over whom Registry has no direct control.
Users assume all risks associated with their use of Registry’s services, including reliance on third-party systems or Internet connectivity.
4.4 Limitation of Liability
To the fullest extent permitted by law, Registry, its affiliates, officers, directors, employees, agents, and contractors shall not be liable to Users for any indirect, incidental, consequential, special, or punitive damages arising from or related to the use of Registry’s services, including but not limited to loss of profits, data, business opportunities, or goodwill. Registry’s total liability to a User for any claim, whether in contract, tort, or otherwise, shall not exceed the fees earned and received by Registry for the specific Registration at issue, if any. This limitation applies even if Registry has been advised of the possibility of such damages.
4.5 Indemnification
Users agree to indemnify, defend, and hold harmless Registry, its affiliates, officers, directors, employees, agents, and contractors from and against any claims, losses, damages, liabilities, costs, or expenses (including reasonable attorneys’ fees) arising out of or related to:
- Their use or misuse of a Name or Registry’s services;
- Any breach of these Policies, including representations and warranties under Section 2.5;
- Any violation of applicable laws or third-party rights (e.g., intellectual property or privacy rights);
- Disputes involving a Name, including those resolved under ICANN policies such as UDRP or URS.
This indemnification obligation: (a) shall not apply to the extent the obligation arose from the gross negligence or willful misconduct of Registry and (b) survives the termination or expiration of a Registration or the User’s relationship with Registry.
4.6 Governing Law and Disputes
These Terms and the Policies shall be governed by and construed in accordance with the laws of the State of Nevada, United States, without regard to its conflict of law principles. Except to the extent covered under the Arbitration Agreement contained in Section 4.7, any legal action or proceeding arising out of or related to these Terms shall be brought exclusively in the state or federal courts located in Clark County, Nevada. Users irrevocably submit to the jurisdiction and venue of such courts.
4.7 ARBITRATION & CLASS ACTION WAIVER
4.7.1 As used in this section, “Agreement to Arbitrate” means the terms and conditions of this section of these Terms.
4.7.2 User (also referred to herein as “you”) and Registry (also referred to herein as “we”) each agree to resolve exclusively through final and binding arbitration any and all disputes or claims that have arisen or may arise between you and us (including any affiliates, officers, directors, employees, and agents), whether or not such dispute or claim involves a third party, relating in any way to any aspect of our relationship or any contact between us, direct or indirect, or arising out of this or previous versions of these Terms, or your use of or access to our registry services or other services (“Dispute”).
4.7.3 You and we agree as follows:
- (a) To submit the Dispute to a single arbitrator under the then-current Commercial Arbitration Rules of the American Arbitration Association (AAA), including when applicable the Optional Rules for Emergency Measures of Protection and the Consumer Arbitration Rules, or, by separate mutual agreement, at another arbitration institution. The AAA’s rules, information regarding initiating a claim, and a description of the arbitration process are available at www.adr.org. The location of the arbitration and the allocation of fees and costs for such arbitration shall be determined in accordance with the AAA rules. As an alternative, you or we may bring a claim in your local “small claims” court, if permitted by that small claims court’s rules.
- (b) The Federal Arbitration Act governs the interpretation and enforcement of this Agreement to Arbitrate, and the arbitrability of the Dispute. The arbitrator will decide whether the Dispute can be arbitrated.
- (c) You and we agree that each of us may bring a Dispute against the other only on our own behalf, and not on behalf of a government official or other person or entity, or a class of persons or entities. You and we agree, if we are a party to the proceeding, not to participate in a class action, a class-wide arbitration, a claim brought in a private attorney general or representative capacity, or a consolidated claim involving another person’s use of the site or our services. You and we agree not to combine a claim that is subject to arbitration under these Terms with a claim that is not eligible for arbitration under these Terms. You and we agree to waive the right to a trial by jury for all disputes.
- (d) If the prohibition against class actions and other claims brought on behalf of third parties contained in this provision is found to be unenforceable, then all of this provision will be null and void as to that Dispute.
- (e) This Agreement to Arbitrate will survive the termination of your relationship with us.
4.7.4 To the extent permitted under applicable law, all aspects of the arbitration proceeding, and any ruling, decision, or award by the arbitrator, will be strictly confidential for the benefit of all parties.
4.7.5 Unless you and we agree otherwise, if the Agreement to Arbitrate is found by a court to be unenforceable, if your claim is not covered by the Agreement to Arbitrate, or if you neither are a resident of nor have a principal place of business in the US, you agree that any Dispute that has arisen, or may arise, between you and us must be resolved exclusively by a state or federal court located in Clark County, Nevada. You and we agree to submit to personal jurisdiction in such court.
4.7.6 Notwithstanding any provision in these Terms to the contrary, you and we agree that if we make a change to this Agreement to Arbitrate (other than a change to the notice address or the site link provided herein) in the future, that change shall not apply to a claim that was filed in a legal proceeding between you and us prior to the effective date of the change. The change shall apply to all other disputes or claims governed by the Agreement to Arbitrate that have arisen, or may arise, between you and us. We will notify you of a change to this Agreement to Arbitrate by posting the amended terms on the Site at least 30 days before the effective date of the change.
4.7.7 You may opt out of this Agreement to Arbitrate. If you do so, neither you nor we can require the other to participate in an arbitration proceeding. To opt out, you must notify us in writing within 30 days of the date that you first became subject to this arbitration provision. Notice must be provided through the contact form maintained on the website for the relevant SLD (as provided for above hereto) with the subject line “Arbitration Opt-Out.”
4.8 Amendments
4.7.1 As used in this section, “Agreement to Arbitrate” means the terms and conditions of this section of these Terms.
4.7.2 User (also referred to herein as “you”) and Registry (also referred to herein as “we”) each agree to resolve exclusively through final and binding arbitration any and all disputes or claims that have arisen or may arise between you and us (including any affiliates, officers, directors, employees, and agents), whether or not such dispute or claim involves a third party, relating in any way to any aspect of our relationship or any contact between us, direct or indirect, or arising out of this or previous versions of these Terms, or your use of or access to our registry services or other services (“Dispute”).
4.7.3 You and we agree as follows:
- (a) To submit the Dispute to a single arbitrator under the then-current Commercial Arbitration Rules of the American Arbitration Association (AAA), including when applicable the Optional Rules for Emergency Measures of Protection and the Consumer Arbitration Rules, or, by separate mutual agreement, at another arbitration institution. The AAA’s rules, information regarding initiating a claim, and a description of the arbitration process are available at www.adr.org. The location of the arbitration and the allocation of fees and costs for such arbitration shall be determined in accordance with the AAA rules. As an alternative, you or we may bring a claim in your local “small claims” court, if permitted by that small claims court’s rules.
- (b) The Federal Arbitration Act governs the interpretation and enforcement of this Agreement to Arbitrate, and the arbitrability of the Dispute. The arbitrator will decide whether the Dispute can be arbitrated.
- (c) You and we agree that each of us may bring a Dispute against the other only on our own behalf, and not on behalf of a government official or other person or entity, or a class of persons or entities. You and we agree, if we are a party to the proceeding, not to participate in a class action, a class-wide arbitration, a claim brought in a private attorney general or representative capacity, or a consolidated claim involving another person’s use of the site or our services. You and we agree not to combine a claim that is subject to arbitration under these Terms with a claim that is not eligible for arbitration under these Terms. You and we agree to waive the right to a trial by jury for all disputes.
- (d) If the prohibition against class actions and other claims brought on behalf of third parties contained in this provision is found to be unenforceable, then all of this provision will be null and void as to that Dispute.
- (e) This Agreement to Arbitrate will survive the termination of your relationship with us.
4.7.4 To the extent permitted under applicable law, all aspects of the arbitration proceeding, and any ruling, decision, or award by the arbitrator, will be strictly confidential for the benefit of all parties.
4.7.5 Unless you and we agree otherwise, if the Agreement to Arbitrate is found by a court to be unenforceable, if your claim is not covered by the Agreement to Arbitrate, or if you neither are a resident of nor have a principal place of business in the US, you agree that any Dispute that has arisen, or may arise, between you and us must be resolved exclusively by a state or federal court located in Clark County, Nevada. You and we agree to submit to personal jurisdiction in such court.
4.7.6 Notwithstanding any provision in these Terms to the contrary, you and we agree that if we make a change to this Agreement to Arbitrate (other than a change to the notice address or the site link provided herein) in the future, that change shall not apply to a claim that was filed in a legal proceeding between you and us prior to the effective date of the change. The change shall apply to all other disputes or claims governed by the Agreement to Arbitrate that have arisen, or may arise, between you and us. We will notify you of a change to this Agreement to Arbitrate by posting the amended terms on the Site at least 30 days before the effective date of the change.
4.7.7 You may opt out of this Agreement to Arbitrate. If you do so, neither you nor we can require the other to participate in an arbitration proceeding. To opt out, you must notify us in writing within 30 days of the date that you first became subject to this arbitration provision. Notice must be provided through the contact form maintained on the website for the relevant SLD (as provided for above hereto) with the subject line “Arbitration Opt-Out.”
Registry may amend these Terms as part of broader Policy updates, as described in Section 1. Changes will be posted on the applicable SLD website with at least thirty (30) days’ notice before taking effect, unless immediate action is required for legal or security reasons. Continued submission of Applications or maintenance of Registrations after the effective date of amendments constitutes acceptance of the updated Terms.
4.9 Severability
If any provision of these Terms is found to be invalid or unenforceable by a court of competent jurisdiction, the remaining provisions shall remain in full force and effect, and the invalid provision shall be reformed to the extent necessary to make it enforceable while preserving its original intent.
4.10 No Waiver
Registry’s failure to enforce any provision of these Terms shall not constitute a waiver of such provision or any other right. Any waiver must be in writing and signed by an authorized representative of Registry to be effective.
4.11 Contact Information
Users may contact Registry with questions or concerns about these Terms via the contact details provided on the applicable SLD website (listed above hereto).
Section 5 – Privacy Policy
Last Updated: February 1, 2025
Registry values the privacy of Registrants and Applicants (collectively, "Users") who engage with our registry services for the SLDs. This Privacy Policy explains how and why we collect, use, and disclose personal information provided to Registry in connection with Applications and Registrations. Personal information includes data such as names, addresses, telephone numbers, email addresses, and other details that could directly or indirectly identify an individual ("Personal Information").
Users are encouraged to review this Privacy Policy carefully. For questions or to exercise your rights as described herein, please contact us through any method indicated in the “Contact Us” page for the relevant SLD website.
5.1 Collection of Personal Information
User-Provided Information
Registry collects Personal Information from Users via Registrars when they submit Applications or maintain Registrations for Names in the SLDs. This includes information Users voluntarily provide, such as contact details required for registration.
Website Interaction
We may collection information when Users visit an SLD website (listed above hereto). Such use is covered by the Privacy Policy included on such website.
5.2 Domain Name Registration Data
Registration Data We Collect
Registry collects data from Registrars necessary to register and manage Names in the SLDs ("Registration Data"), as required by our agreements with ICANN. This data, which Registrars provide on behalf of Users, includes:
- Domain Name
- Nameservers
- Registrant Name, Organization (if applicable), Address, Email, Phone Number, Fax (if applicable)
- Administrative Contact Name, Organization (if applicable), Address, Email, Phone Number, Fax (if applicable)
- Technical Contact Name, Organization (if applicable), Address, Email, Phone Number, Fax (if applicable)
- Billing Contact Name, Organization (if applicable), Address, Email, Phone Number, Fax (if applicable)
Purpose of Processing
We use Registration Data to:
- Facilitate the registration and functionality of Names;
- Mitigate DNS abuse, including investigating violations of Section 3 (Acceptable Use and Anti-Abuse Policy);
- Maintain an authoritative database for security, stability, and continuity of the SLDs;
- Enhance our services and systems through aggregated, anonymized analysis.
Registry does not collect Registration Data directly from Users; it is provided by Registrars chosen by Users.
5.3 Data Controller Roles
Registry’s Role
Registry acts as a joint data controller with Registrars for Registration Data, processing only what is necessary to operate the SLDs. Our responsibility is limited to this scope.
Registrars’ Role
Registrars are responsible for:
- Collecting Registration Data from Users;
- Providing notice of their own privacy policies and this Privacy Policy;
- Offering Users means to exercise privacy rights (e.g., access, correction, deletion).
Users should direct privacy inquiries to their Registrar first, as Registry has no direct relationship with end-users. We are not liable for Registrars’ privacy practices.
5.4 General Privacy Conditions
Disclosure of Data
Registration Data, including Personal Information, may (but is not required to) be made publicly available via Whois services, except where restricted by law.
Third-Party Processing
Registry may engage third parties (e.g., CNIC) to process Registration Data on our behalf. These parties are required, via written agreements, to comply with this Privacy Policy and applicable data protection laws.
Data Escrow
Registry may, but is not required to, deposit Registration Data with a secure escrow provider to ensure continuity in case of a catastrophic event. This data may be transferred to another registry operator if needed.
5.5 Exceptions to Disclosure Limitations
Registry limits disclosure of Personal Information to the terms of this Privacy Policy, but may disclose it:
- To fulfill a registration-related transaction or provide requested information;
- In emergencies affecting a User’s or another’s vital interests;
- As required by ICANN or applicable law (e.g., court orders, subpoenas);
- To enforce Section 3 (Acceptable Use and Anti-Abuse Policy) or protect DNS integrity;
- To defend Registry’s rights, property, or safety, or that of Users and the public;
- To comply with lawful requests from public authorities, including for national security or law enforcement.
5.6 Information Security and Retention
Security Measures
Registry employs physical, electronic, and procedural safeguards to protect Personal Information from unauthorized access, loss, or misuse. While we use industry-standard measures, no system is entirely secure, and we cannot guarantee absolute protection.
Retention Periods
- Registration Data: Retained for the life of the Registration, plus up to six (6) years post-expiration if needed for legal defense, unless erased earlier per User request (see the Data Subject Rights subsection below).
- Orphaned Contact Data: Data not tied to active Registrations is purged within ninety (90) days.
- Abuse-Related Data: Retained up to six (6) years.
5.7 Data Subject Rights
Access and Rectification
Users may request confirmation of whether Registry processes their Personal Information and, if so, access details such as categories of data, recipients, and retention periods. To correct inaccurate data, Users should first contact their Registrar to update Registration Data, which will sync with Registry’s systems. If unable to do so, Users may contact Registry directly through the contact methods provided in the Contact Us page for the relevant SLD website, and we will rectify verified inaccuracies.
Erasure
Users may request erasure of their Personal Information if:
- It is no longer needed for its original purpose;
- They withdraw consent (where applicable);
- They object to processing without overriding legitimate grounds;
- It was unlawfully processed; or
- Erasure is legally required.
Registry will comply unless an exception applies (e.g., legal obligations).
Portability
If Registry ceases to operate an SLD, this data may be transferred to another registry operator to ensure DNS continuity.
EEA, Swiss, and UK Residents
For Users in these regions, Registry transfers data to the U.S. in compliance with the EU-U.S. Data Privacy Framework (DPF), UK Extension to the EU-U.S. DPF, and Swiss-U.S. DPF, certified by the U.S. Department of Commerce. See https://www.dataprivacyframework.gov/ for details. Users may contact Registry directly through the contact methods provided in the Contact Us page for the relevant SLD website for complaints, with unresolved issues referred to BBB DPF Services (https://bbbprograms.org/programs/all-programs/dpf-consumers/).
5.8 Changes to This Privacy Policy
Registry may update this Privacy Policy periodically. Updates will be posted on SLD websites (listed above hereto) with at least thirty (30) days’ notice, unless immediate changes are required. Continued use of Registry’s services after the effective date constitutes acceptance of the revised Privacy Policy.
5.9 Contact Us
For questions, concerns, or to exercise your rights, contact Registry directly through the contact methods provided in the Contact Us page for the relevant SLD website (listed above hereto).
For EEA residents, complaints may also be directed to:
Office of the Data Protection Commissioner
Canal House, Station Road
Portarlington, Co. Laois, R32 AP23
Ireland
Email: info@dataprotection.ie