Privacy, Data Protection and GDPR
In the course of registering domain names we often store or process personal data (information that relates to an identifiable natural person).
Within Europe storing and processing personal data, has, since 1984, been governed by explcit laws.
Since our foundation, we have always maintained a strong privacy-oriented policy, particularly in relation to 'WHOIS' data).
Relevant current legislation is the Data Protection (Bailiwick of Guernsey) Law 2017 and equivalent laws in adjacent jurisdictions. From May 25th 2018 the General Data Protection Regulation (GDPR) came into force throughout the EU, including the Channel Islands and the UK.
How do we deal with personal data?
For example, if you make a payment to us using a credit or debit card, we need you to give us your name and some other identifying information in order that the bank may process the payment.
If you are associated with a domain registration (whether as Registrant, or one of the people authorised to manage the registration), we shall need to collect some personal information about you, such as your name, address, telephone number and email address so that we can contact you about the domain name if we have to, and also to be able to verify your identity if you contact us.
You can ask us at any time to let you know whether we are processing personal information about you and request a copy. For security reasons, our practice is to send this by registered mail to a known address (although we might be able to send it to you electronically if we are sure of your identity).
You should also expect us to be able to tell you the purpose of the processing, the categories of personal data held, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the time period for which we expect to store the data and whether we take any decisions automatically on the basis of your personal data (we don't). You may request that we correct, erase or restrict processing or tell us that you object to it. You may also ask us to inform you about the source of the data, which will usually be from you yourself, your agent ("registrar") or your company (if listed as a contact person for them). If you remain dissatisfied with anything related to how we are holding or processing your personal data, you may lodge a complaint with the appropriate Data Protection Authority
For additional information about how we store and process personal information, you may consult our entry on the Guernsey Register of Data Controllers (our registration number is 011044). You may also consult our entry on the UK's Register of Data Controllers (our registration number is Z2372188).