Last modified August 1, 2017
Information we collect
We collect Personal Data we need in order to provide you the services you have purchased from us. We also collect Personal Data we are contractually required to collect by the Internet Corporation for Assigned Names and Numbers (“ICANN”), other domain name registry providers, credit card and payment providers, and third-parties that provide services, such as email and web hosting, that we may offer to you in conjunction with our domain registration services.
All of our services require you to sign up, using your real name and accurate contact information. When you sign up, we will ask for personal and corporate information, including the name of a corporation, your name, postal mailing address, email address, and telephone number.
To make purchases, we will ask you for your payment information, such as your credit card information required by payment processing services to transact your payments to us.
When you sign up for certain services that may result in payments to you, such as domain name divestiture, we may ask for information enabling us to deposit or wire money to your receiving account.
Brandsight Privacy Service, you authorize us to receive email and postal mail on your behalf and forward it to you. When you use this service, we will have access to correspondence intended for you while we are processing it for you and sending it to the email account you have on file with us.
We may collect Personal Data about our services that you use and how you use them. We automatically collect and store certain information in server logs. This server log data may include:
When you select us to configure third party services for use with your domain name, we will ask you for access credentials to those third party services for the sole purpose of performing the configuration of them which you requested us to perform. We will not store or retain your access credentials for longer than necessary to perform such third party service configuration.
How we use the Personal Data we collect We use the Personal Data we collect to comply with contractual requirements for the registration and use of domain names. This includes publishing the name and contact information for domain name registrants in publicly accessible whois databases.
We use the Personal Data we collect from all our services to provide, maintain, protect and improve our services, to develop new services, and to protect us, you, and our users.
We engage other companies and individuals to perform functions on our behalf, such as processing credit cards, archiving data, or handling postal mail. These persons have access to Personal Data needed to perform their functions. These companies do not retain, share, store or use personally identifiable information that you provide to us for any secondary purposes.
We also engage other companies and individuals to provide services to you on our behalf, such as providing SSL or DNS hosting services to you. Many of our service providers have access to Personal Data needed to perform their services. These parties are not allowed to use personally identifiable information except for the purpose of providing these services.
When you contact us, we may keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.
We use Personal Data collected from cookies and other technologies to improve your user experience and the overall quality of our services.
How we handle and store your Personal Data Our primary location is in New York, USA, but we use servers and third-party services outside gloabbly to store, serve and transfer information and manage our services, including services that rely on the use of your Personal Data. In providing services to you, your Personal Data necessarily crosses international boundaries.
Accessing and updating your personal information
Within your account, we provide you with access to your Personal Data used to conduct transactions through the account. For the Personal Data we have for you, we provide tools for you to use to update your information quickly or to delete it from further use. When updating your Personal Data, we may ask you to verify your identity before we can act on your request. We will retain your Personal Data, even if deleted from your account, to the extent required by law or applicable policy required to provide the services to you.
ICANN Data Retention Requirements and Registry Requirements For TLD registrations authorized by the Internet Corporation for Assigned Names and Numbers (“ICANN”), we are required to comply with the ICANN Data Retention Specification which requires us to:
Collect the following information from registrants at the time of registration of a domain name (a “Registration”) and maintain that information for the duration of Registrar’s sponsorship of the Registration and for a period of two additional years thereafter:
The ICANN Data Retention Specification further requires us collect the following information and maintain that information for no less than one hundred and eighty (180) days following the relevant interaction:
Should you have concerns about the ICANN Data Retention Specification, and our obligations under it, we encourage you to contact ICANN at your regional Hub Office or Engagement Center using the ICANN contact form at http://www.icann.org/en/contact
The applicable TLD registry, whether under the authority of ICANN or the applicable ccTLD manager, may impose additional or different data retention requirements as a condition of our being able to offer domain registration services to you.
Information we share
We do not share Personal Data with companies, organizations and individuals outside of our organization unless one of the following circumstances applies:
We work hard to protect our systems and you from unauthorized access to or unauthorized alteration, disclosure or destruction of Personal Data we hold. Specifically, we encrypt many of our services to provide you secure access to our site and your information. We also offer you the ability to enable two-step verification for access to your account. We review our Personal Data collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems. We restrict access to Personal Data to our employees, contractors, and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined or terminated if they fail to meet these obligations.
We intend to maintain our services in a manner that protects Personal Data from accidental or malicious destruction. Because of this, after you delete Personal Data from our services, we may not immediately delete residual copies from our active servers and may not remove some or all of the information from our backup systems.
Contact for more information
You may inform us of any changes in your Personal Data and we will update or delete your data accordingly. To find out what Personal Data we hold on you or to have your Personal Data updated, amended or removed from our database, please use the tools provided in your account, or contact us at legal-at-Brandsight.com.