[.UK] Data Protection

Your rights and the law
The main law in the UK on data protection is the Data Protection Act 1998, which reflects the requirements of European Union law.  The best source of advice about your rights under data protection law is the data protection authority for the UK, the Information Commissioner's Office.

You have various rights under the law, one of which is to be entitled to see personal data held by us about you (within some limits) and get us to correct it if it is wrong.

There are several ways you can do this:

  • You should have received a welcome email from us.  This will explain the process for logging into our online service where you can view and update your account details.  This service is free of charge.
  • Your registrar is able to look at our register on your behalf and update most of your contact details (except your name).  All agents have different ways of contact with you - for example, many of them will have online interfaces that you log into.  Depending on your arrangements with your registrar, this may be free or they may charge you.
  • You can use the WHOIS system, to find out some of the information held about your domain name.  This is free.
  • You can write to us, and ask for a copy of the information - we are entitled to charge a small fee for this, but will generally not do so if you only want information about a specific domain name registered in your name.

If you know the information we have is wrong (e.g. you have just moved house) and you want to update it please look at the Change Details page and if you want to change your name, cancel the domain name, or give it to someone else, please see the section on maintaining your domain name.

Our obligations
We are registered with the Information Commissioner to process personal data, and we are required to abide by the data protection principles which control how personal information (but not information about companies etc.) can be collected, used, transferred and deleted.  They seek to ensure a high level of protection for personal data throughout the European Economic Area (i.e. the European Union, Norway, Iceland and Liechtenstein).

As required by the Data Protection Act 1998, we will adopt appropriate security procedures in relation to the storage and disclosure of information provided by you in order to prevent unauthorised access.  Our security procedures mean that we may occasionally request proof of your identity before we are able to disclose personal information to you and this is reflected in condition 5 of our terms and conditions of registration.

Nominet takes protection of our WHOIS very seriously and we have sued people in Australia and the UK for attempts to misuse it.  These cases have bankrupted those involved and resulted in damages and costs orders in our favour of over £500,000.  The WHOIS is protected by automatic detection systems and we are continually looking for ways in which these can be improved.  We also ban users who do not comply with the terms of use.

What we use your personal information for
We need your personal data for various reasons, including those necessary for the purposes of the contract such as internal administration, billing, storage on the register database etc.

When we will give information to third parties
We release personal data to third parties only for the reasons set out in condition 11 of the terms and conditions of registration; i.e.;

  • to the extent that it is shown on the WHOIS (which does not include phone numbers, fax numbers or emails, and is subject to an opt out where consumers can withhold their address);
  • for the PRSS (which shows the same information, and is subject to the same opt out as the WHOIS);
  • for your registrar (who sees all the current information, but no historical information);
  • your proposed registrar (if you are planning to change registrar, your 'new' registrar will want to know a bit about you before taking you on as a customer) - they are told what your current registrar is told;
  • as part of the Dispute Resolution Service (DRS) - if someone is alleging that you are abusing their rights through our DRS system, details of the parties will be given as set out in the DRS Procedure;
  • Police, trading standards units, HM Customs and Revenue, the Office of Fair Trading and other law enforcement bodies that need the information for their investigations (depending on what they need, they can be passed any information, including historical information);
  • Intellectual Property investigators (e.g. solicitors acting for parties claiming trade mark infringement), who may be provided with an address if the opt out is being validly used; and
  • Limited other third parties with valid reasons following the principles in the Data Protection Act.

We do not permit use of your data for direct marketing or for third parties to offer you services or offers.

Telling you when we give information to third parties
From 11 January 2005 where data about a registration, in excess of that available by inspection of the WHOIS and/or PRSS, is passed by Nominet to a third party, then Nominet shall inform the registrant by email at the registrant's email contact address (or if no such address exists, Nominet shall use reasonable endeavours to use an alternative contact mechanism) of the identity of the third party and the information passed to that third party.  This shall not apply:
(a) where the passing of such information is prohibited by law, or
(b) where it has been, prior to the passing of such information, shown by the third party, to Nominet's reasonable satisfaction, that there is a very substantial likelihood that the rights of others will be damaged by disclosing the fact that such information has been passed, or that law enforcement would be prejudiced.

Data transfers outside the European Economic Area
EU data protection law puts different requirements on transfers of data outside approved countries, which mainly consists of the European Free Trade Area (EFTA, which consists of the 25 EU Member States and Norway, Liechtenstein, Switzerland and Iceland).

You should be aware that personal data posted on the WHOIS database may be accessible to countries outside the EFTA.  By registering a domain name you consent to your personal data being transferred out of the European Economic Area and to our use of your personal data for the purposes specified above.

  • 0 uporabniku/om je bi članek v pomoč
Vam je bil odgovor v pomoč?

Povezani članki

[.UK] Rules of Registration and Use of Domain Names

IMPORTANT: The purpose of this document is to describe the Nominet (UK) ("We", "Our"...

[.UK] Terms and Conditions of Domain Name Registration

Change in terminologyCrystal Mark logo of the Plain English CampaignSince these terms and...

[.UK] Dispute Resolution Service Policy

1. DefinitionsAbusive Registration means a Domain Name which either: i. was registered or...