Uniregistry was founded on principles of openness and transparency.
Last modified: September 13, 2019
We work hard to protect our systems and you from unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Data we hold. Specifically, we encrypt many of our services to provide you secure access to our site and your information. We also offer you the ability to enable two-step verification for access to your account. We review our Personal Data collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems. We restrict access to Personal Data to our employees, contractors, and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
We intend to maintain our services in a manner that protects Personal Data from accidental or malicious destruction. Because of this, after you delete Personal Data from our services, we may retain your Personal Data for a period of time sufficient to investigate suspected incidents of unauthorized access to your account, malicious destruction of data, legal disputes or instances of abuse.
We collect Personal Data we need in order to provide you the services you have purchased from us. Many of our services require you to sign up for an account using your real name and accurate contact information. When you sign up for an account, we will ask for personal information, including your name, postal mailing address, email address, and telephone number. To make purchases, we will ask you for your payment information, such as your credit card information required by payment processing services to transact your payments to us.
Within your account, we provide you with access to your Personal Data used to conduct transactions through the account. For the Personal Data we have for you, we provide tools for you to use to update your information quickly or to delete it from further use. When updating your Personal Data, we may ask you to verify your identity before we can act on your request.
Domain registration is the service of authoritatively and securely establishing you as the registrant of a domain name. In order to do so, we must inherently be able to identify and confirm you as the registrant of any domain name you have registered with us, and we must have your contact information in order to notify you of expirations and to confirm changes to your domain registration such as, renewals, transfers, or updates to your contact information. To protect against identity fraud we may contact you to confirm the accuracy of information you have provided to us, and we require that you provide redundant means of contacting you, such as by email, telephone or postal mail, to confirm that your contact information is accurate, and/or to investigate whether your contact details may have been subject to misappropriation or identity fraud. The provision of inaccurate or false contact information to us may result in the suspension or cancellation of your services.
We also collect personal data we are contractually required to collect by the Internet Corporation for Assigned Names and Numbers (“ICANN”), other domain name registry providers, credit card and payment providers, and third-parties that provide services, such as email and web hosting, that we offer to you in conjunction with our domain registration services. The applicable TLD registry, whether under the authority of ICANN or the applicable ccTLD manager, may impose additional or different data retention requirements as a condition of our being able to offer domain registration services to you. In order to safeguard your domain name registration in the event of catastrophic failure or other inability to continue to provide domain name registration services to you, we are required to use an ICANN-accredited data escrow provider, so that your services can be transferred to another provider.
When you register your domain name, we will identify your domain name as having been registered through us in public WHOIS data. If you desire to be publicly identified as the registrant of your domain name, we provide the option of having your personal data included in the public WHOIS data. If you are an organizational registrant, the name of your organization will be included in the public WHOIS data.
By default, we will provide users of our WHOIS system the ability to use a web form to contact you about your domain name. We will collect and forward information submitted by users of the web form to your email address. We will maintain a temporary log of metadata about use of the web form by visitors for diagnostic and abuse monitoring purposes, such as in the event we are unable to forward information to the email address you have provided to us.
When you provide contact information to us for registration, transfer, or updates to your registration data, you warrant that such information is accurate. For any domain name for which you are acting as agent for an organization or other person, you warrant that you have the express consent of such organization or person to provide us with the registration data. If you are unable to provide such consent, or if such party should indicate no such consent exists, we may suspend, cancel or otherwise discontinue your services.
When you select us to configure third party services for use with your domain name, we will ask you for access credentials to those third party services for the sole purpose of performing the configuration of them which you requested us to perform. We will not store or retain your access credentials for longer than necessary to perform such third party service configuration.
At all times, you may access your personal data through your account interface in order to update or correct your personal data. We will maintain your data only as long as needed in order to perform our services to you or to enforce any contractual dispute which may arise under our agreement to provide services.
When you engage our Uniregistry Marketplace services, we will ask for information enabling us to credit, deposit or wire money to your receiving account. In order to update you about inquiries received, negotiate terms, or transact a contracted domain transfer from you to another party under the terms of our Uniregistry Marketplace services we will need to reach you via your contact information.
If you have inquired to purchase a domain name through the Uniregistry Marketplace or domain brokerage service, we will ask you to provide contact information to us, so that we may update you about your your inquiry, negotiate terms of transfer, and transact a domain transfer to you in the event that an agreement is reached to transfer a domain name to you. If you are no longer interested in having us contact you about your inquiry, our communications to you include an "opt out" link to discontinue any further communications.
In the event a legal dispute may arise between the parties to a proposed Uniregistry Marketplace transaction, each of the parties will be provided with the other party's contact information, so that they may seek appropriate resolution of the dispute. If you have opted out of further contact we will retain your contact information an communications conducted in connection with your inquiry only as long as may be necessary in order to resolve any dispute which may arise from your inquiry, such as failure to perform an agreed transfer.
We may collect Personal Data about our services that you use and how you use them. We automatically collect and store certain information in server logs. This server log data may include: your Internet protocol (“IP”) address; details of how you used our service, such as your search queries; device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL; cookies that may uniquely identify your browser or your account; device-specific information (such as your hardware model, operating system version, and mobile network information including phone number);
When you contact us, we may keep a record of your communication to help solve any issues you might be facing. In the event your account has been subject to identity fraud or abuse, we will retain all such reports and account information necessary to investigate such circumstances.
We do not share Personal Data with companies, organizations and individuals outside of our organization unless one of the following circumstances applies:
With your consent: We will share Personal Data with companies, organizations or individuals outside of our company when we have your express consent to do so.
We will retain all contact information and data associated with any threat of legal action against us, and we will use such information to initiate or defend against any legal action associated with such threats. Likewise, if you we cancel your services for violations of our Terms of Service or for any abusive or unlawful activity, we will retain such information as may be necessary to prevent or block your use of our services in the future.
We will comply with applicable law and domain dispute policies concerning the disclosure of your information to third parties who may request it for legitimate purposes.
If you are a third party requester of personal data of one of the users of our service, we cannot provide you with such data absent lawful process for access to that data. The Cayman Islands is a signatory to several relevant multi-lateral and bi-lateral international agreements concerning the service of legal process in civil disputes (such as the Hague Service Convention), and the service of warrants and investigative requests in criminal matters. If you are unfamiliar with the procedure for obtaining legal assistance in civil or criminal matters, you may consult such Cayman Islands Government publications as the Cayman Director of Public Prosecutions guide, "Seeking Assistance In Criminal And Civil Matters From The Cayman Islands", or the Cayman Islands' Handbook on International Cooperation & Information Exchange. We will comply with any duly-served document under the relevant civil or criminal procedure established in the Cayman Islands for such purposes.
The provisions of this section on Legitimate Access shall not prevent us from our own investigation and/or reporting of violations of our terms of service, abuse of our services, attacks on our systems, identify fraud, theft of services, or other unlawful or abusive activity, whether we become aware of such circumstances on our own, or whether it is reported to us by a third party. We will forward third party abuse reports to you to address claims of unlawful or abusive activity associated with your account except in circumstances where it is clear to us that doing so would further advance or promote such activity.
To find out what Personal Data we hold on you or to have your Personal Data updated, amended or removed from our database, please use the tools provided in your account, or contact us at firstname.lastname@example.org.