Cheaper Domains has created this privacy statement in order to demonstrate our firm commitment to protecting your privacy.
The following discloses our information gathering and dissemination practices for our web site.
When you visit the Cheaper Domains web site, you can expect to be notified of:
information this site gathers / tracks about you
which organisation is collecting the information
what this site does with the information it gathers / tracks
with whom this site shares the information it gathers / tracks
what choices are available to you regarding collection, use and distribution of the information
this site's policy on correcting and updating personally identifiable information
this site's policy on deleting or deactivating your name from our database systems
security procedures to protect the loss, misuse or alteration of information under our control
links to other sites not under our control
We suggest that you practice reasonable discretion with any site when providing site operators / owners with personal information. It should also be noted that whenever you post personal information in publicly accessible places such as chat rooms or message boards, this information becomes available to anyone with access to the Internet. Therefore, we recommend that you refrain from posting any information that you do not want seen in these public areas.
You should feel free to contact any site that requests personal information from you if you have any questions regarding its policies. If you have any questions about this privacy statement, the practices of this site or your dealings with this web site, contact Cheaper Domains.
What Information Does Cheaper Domains Collect?
At different times, Cheaper Domains may collect three types of information about you. Firstly, we use a feature of your browser called a "cookie" to assign identification to your computer. The cookie automatically identifies your computer - but not you - to our servers every time you visit our site. Cookies, by themselves, cannot be used to find out the identity of any user. Unless you specifically tell us, we will never know who you are, even though we assign your computer a cookie. You can turn the cookie's feature off by using your browser preference options - although you may not be able to utilise some services properly.
Secondly, we keep track of your IP address to help diagnose problems with our server and to administer our Web site. Your IP address is also used to gather broad demographic information about you, such as your location and your Internet Service Provider. Cheaper Domains may also collect aggregate information on how our users are utilising the site. This might include information regarding traffic patterns through the site and search queries.
Thirdly, at specific times we may ask you to provide us with personal information in order for you to register for a service (e.g. Cheaper Domains Email, Web Hosting) or to enter a competition. You may choose not to provide us with this information; however, this may limit our ability to provide you with a specific service or offer you personalised content. For example, Cheaper Domain’s Product and / or Service Registration Form requests that you provide contact information (such as an email address) and demographic information (such as post / zip code, your age and income level), as well as information regarding your interests.
You may "opt-out" of receiving mailings from us (see the delete/deactivate section below). Web Hosting registrations require similar contact information, demographic information and, if purchasing a service, credit card details. All transactions are protected through encryption and are never disclosed to a third party not directly involved in the transaction. Users may "opt-out" of receiving future mailings (see the delete/deactivate section below).
What Organisation Is Collecting The Information?
Cheaper Domains usually collects the requested information, however, we have chosen select partners in order to provide you with a full-service web site. Cheaper Domain’s partners provide users with services such as secure payment services. In order to use these services, it may be necessary to enter information which then goes to our partner and is not kept by Cheaper Domains.
What Does Cheaper Domains Do With The Data It Collects?
Whenever Cheaper Domains collects data, it is intended to tailor or improve the experience of visitors to our site. From the data collected we can offer content based on the user's preferences. We analyse what our users prefer in order to improve Cheaper Domains. We may use information from a "cookie" (a feature of your browser used to assign identification to your computer) to control the frequency of individual advertisements to individual computers, as well as to target advertisements to broad demographic segments as collected in other parts of our Web site. For example, if an advertiser wants to target males between the ages of 25-40, we may limit ad presentation to this group. We may also use information about your interests to display banner advertisements.
On occasion, we will send e-mail communications to provide you with information which we think you will find useful, including information about new products and services from Cheaper Domains. We might also contact you to see if you are interested in participating in market research regarding Cheaper Domains. It is our policy to send e-mail only to customers who give us permission to do so. In every such e-mail, we will also have instructions on how to unsubscribe and avoid receiving any future e-mails from us. Please see our "Opt-Out Policy" section below.
With Whom Does Cheaper Domains Share Data?
Cheaper Domains will not disclose any of your personal information to a third party without your consent, unless we believe, in good faith, that the law requires it or that the rights or property of Cheaper Domains need to be protected/protection.
What Choices Are Available Regarding Collection, Use And Distribution Of The Information (Opt-Out Policy)?
Our site provides you with the opportunity to "opt-out" of receiving communications from us and our partners at the time we ask you for this information. In addition, whenever we contact you via e-mail, we will also have instructions on how to unsubscribe so that you will not receive any future e-mails from us if you so choose.
As previously noted, you may choose to not provide us with any of the information we request, however, this may limit our ability to provide you with a specific service or limit our ability to offer personalised content. For example, Cheaper Domain’s E-mail Registration Form requests your contact information (such as your e-mail address), demographic information (such as your post/zip code, age and income level), as well as information regarding your interests.
Deletion / Deactivation
The following avenues are provided for deletion from Cheaper records in order to stop receiving communications and/or to no longer receive our services.
You can send an email to firstname.lastname@example.org
You can send mail to the following postal address:
PO Box 887
Procedures Designed To Protect The Loss, Misuse Or Alteration Of Information Under Cheaper Domains Control
See AUDA's WHOIS policy here
Cheaper Domains has taken measures to ensure that information is accessible only to the user who has initially entered the information. Only select individuals at Cheaper Domains have access to this information. In both situations, the information is accessible only after a password has been entered.
Links To Other Sites
Cheaper Domains contains links to other sites not affiliated with Cheaper Domains. These sites have their own policies and practices with respect to online privacy, and Cheaper Domains cannot be responsible for the privacy practices or the content of these unaffiliated Web sites.
In addition, in certain instances a Cheaper Domains advertiser may ask you for personal information. Cheaper Domains cannot be held responsible for the privacy practices of its advertisers; however, Cheaper Domains encourages our partners and advertisers to adopt privacy policies similar to our own.
European Union - GDPR Addendum
Policy between Cheaper Domains and its Customers/Resellers (“Customers” )
"Cheaper Domains" and "Customers" are also referred to herein as “Party” and “Parties”.
On 25th of May 2018, it is agreed between the above Parties the following:
1.1. In this Data Processing Addendum, unless the context otherwise requires the following definitions apply:
- “Data Controller” has the meaning set out in Article 4(1) of the GDPR.
- “Data Subject” means an identified or identifiable natural person who is the subject of Personal Data.
- "Data Processing Addendum" means this addendum (including any schedule or annexure to it and any document in agreed form);
- “Data Protection Authority” the relevant data protection authority in the territories where the parties to this Agreement are established.
- “GDPR” means Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and such enabling legislation or other applicable laws Data Protection Act 1998, the Privacy and Electronic Communications EC Regulations and any laws or regulations, ratifying, implementing, adopting, supplementing or replacing the GDPR; and such laws are updated, amended or replaced from time to time.
- “Personal Data” has the meaning set out in Article 4(1) of the GDPR and relates only to personal data (whether or not comprised in registration data), or any part of such personal data.
- “Processor” and “Processing”” have the meaning set out in Article 4(1) of the GDPR and “Process” shall have a corresponding meaning.
2. Data Processing obligations
2.1. Applicability Both Parties will comply with all applicable requirements of the GDPR in relation to any European Union Data Subject wherever they may reside. This Addendum is in addition to, and does not relieve, remove or replace, a Party’s obligations under the GDPR or all other applicable laws, enactments, regulations, orders, standards and other similar instruments that apply to its personal data processing operations. Note as EU data subjects may reside anywhere in the world Cheaper Domains will apply these terms globally
2.2. Purpose and Scope. Cheaper Domains under this Agreement provides solutions to allow the Customer to offer directly or to third parties registration, renewal, and transfer of domain names and related services. The Customer acts as the Controller relating to the end user or third party contracts, if applicable but is the Processor in so far as providing any such Personal Data to Cheaper Domains which processes the data by recording of the services, transmitting such data as required to the ROs, processing data to data escrow agents and sharing of such data in relation to other third party services. Cheaper Domains manages the systems and operations in collection of data, processing to third parties and acting in compliance with its Registrar Accreditation with ICANN, or as the proxy registrant of the ccTLD registrations if applicable. In relation to policy requirements of each of the TLD, SLD or ccTLD these are set by the RO. Any additional processing is governed by the respective RRA and Registry Policy. With regards to WHOIS data, Cheaper Domains will implement Privacy Services in its sole discretion. Cheaper Domains and Customer may process (disclose) or share personal data to comply with applicable laws, court orders, dispute resolution procedures as applicable, and to avoid any liability.
2.3. Cheaper Domains is the Controller in so far as Cheaper Domains manages in the performance of the functions of clause 2.2 in relation to Personal Data provided by Customer.
2.4. Fair and Lawful processing Both Parties shall Process the Personal Data only to the extent, and in such a manner, as is necessary, in compliance with all applicable laws and in accordance with the applicable registry and ICANN requirements from time to time and shall not Process the Personal Data for any other purpose without the consent of the Data Subject. Both Parties shall keep a record of any Processing of Personal Data they carry out.
2.5. Accuracy Cheaper Domains and Customer shall promptly comply with any request from a Data Subject to amend, transfer or delete their Personal Data subject always to any legitimate interest for retention of data to meet applicable lawful or statutory requirements.
2.6. Security Cheaper Domains and Customer shall each implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of processing Personal Data under this Agreement and to safeguard against the unauthorised or unlawful processing of Personal Data and against the accidental loss or destruction of, or damage to, Personal Data. It is the responsibility of each Party to ensure that all its staff members are appropriately trained to handle and process Personal Data.
2.7. Data Subject Rights Cheaper Domains and Customer shall each implement appropriate technical and organisational measures, insofar as possible, for the fulfillment of their obligations under Chapter 3 (Rights of the Data Subject) of the GDPR.
2.8. Controller and Processor Cheaper Domains and Customer each taking into account the nature of processing shall each ensure compliance with Chapter 4 (Controller and Processor) of the GDPR and in particular: Sections 2 (Security of Personal Data) and Section 3 (Data protection impact assessment).
2.9. Accountability Cheaper Domains and Customer shall each make available to the each other the information necessary to demonstrate compliance with this Addendum.
2.10. Complaints If either Party, receives any complaint, notice or communication which relates directly or indirectly to the Processing of the Personal Data or to either Party’s compliance with the GDRP and the data protection principles set out therein, it shall immediately notify the other Party and provide the other Party with full cooperation and assistance in relation to any such complaint, notice or communication.
2.11. Breach Response Each Party agrees and undertakes that it shall promptly and in any event within 24 hours of becoming aware of it, notify the other Party of any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to, personal data transmitted, stored or otherwise processed under this Agreement that would have a risk of harm to the rights and freedoms of Data Subjects.
2.12. Data Access Limitation Cheaper Domains and Customer shall each ensure that access to Personal Data is limited to those of its personnel who need access to the Personal Data to enable each Party to comply with its obligations under this Policy and in any case only to such part of parts of the Personal Data as is strictly necessary for the performance of the employee’s duties. Cheaper Domains and Customer shall ensure that those of its personnel handling Personal Data are informed of the confidential nature of the Personal Data and are aware of their obligations under this Policy and the law.
2.13. SARS Request Cheaper Domains shall notify the Customer within 72 hours if it receives a request from a Data Subject for access to that person's Personal Data and shall provide the Customer with full cooperation and assistance in relation to any request made by a Data Subject to have access to that person’s Personal Data. This may include referring such Data Subject to the Customer in relation to a domain name registration and directing them to such website(s). Cheaper Domains shall not disclose the Personal Data to any Data Subject or other third party other than at the request of the Customer or Data Subject, to comply with law enforcement, to comply with court orders, (or recognized legitimate interest under ICANN consensus policy) or as provided for in this Policy.
2.14. Data Audit Each Party reserves its rights to assess the other Party's arrangements for the processing of Shared Personal Data and to terminate the Agreement where it considers that the other Party is not processing the Shared Personal Data in accordance with this Agreement. In the event such Party wishes to exercise rights of inspection, the Party must produce grounds for such inspection and justification after all other inquiries have been undertaken.
2.15. Third Party Processors The Parties accept that either Party may engage with other third party processors or subcontracts to perform particular services for such parties, in the event of an engagement the Parties must have written agreements that cover all the responsibilities in relation to Personal Data set out herein and in accordance with the GDPR.
2.16. Transfers outside of the European Economic Area. Cheaper Domains and Customer agree to not transfer data originating from EEA to third parties outside of the EEA unless it: is necessary in relation to the Purpose at clause 2.2, is with the consent of the Data Subject, complies with the provisions of the GDPR in the form of contractual commitments for safeguarding Personal Data, or Binding Corporate Rules in accordance with Article 44 - 50 of GDPR. In any event the Party shall inform the Data Subject of the likelihood of transfers outside of the EEA in the provision of Services and obtain consent.
2.17. Retention and Deletion. Each Party shall not retain or process Personal Data for longer than is necessary for the purposes in clause 2.2 save that each Party may retain such Personal Data in accordance with statutory retention periods in their respective countries. Each Party agrees to destroy data in accordance with best practices to ensure it is destroyed.
2.18. Resolution of disputes with Data Subjects or the Data Protection Authority. In the event of a dispute or claim brought by a Data Subject(s) or the Data Protection Authority concerning the processing of Personal Data against either or both Parties, the Parties will inform each other about any such disputes or claims, and will cooperate with a view to settling them amicably in a timely fashion.
2.18.1. The Parties agree to respond to any generally available non-binding mediation procedure initiated by a Data Subject or by the Data Protection Authority. If they do participate in the proceedings, the Parties may elect to do so remotely (such as by telephone or other electronic means). The Parties also agree to consider participating in any other arbitration, mediation or other dispute resolution proceedings developed for data protection disputes.
2.18.2. Each Party shall abide by a decision of a competent court of the Data Discloser's country of establishment or of the Data Protection Authority which is final and against which no further appeal is possible.
2.19. Rights of Third Parties Except as expressly provided in this Addendum, a person who is not a party to this Agreement shall not have any rights under the Contracts (rights of Third Parties) Act 1999 (UK) to enforce any term of this Agreement.
3. Commencement and Termination This Data Processing Policy shall take effect from the date above and shall continue in force until stated otherwise.
4. Prevailing Terms To the extent that the provisions of this Data Processing Addendum conflict with the provisions of this Policy, this Data Processing Addendum shall prevail.