GDPR, short for the General Data Protection Regulation, is a regulation in European Union law designed to give EU citizens and residents greater control over their personal data, particularly regarding how this data is controlled and processed by companies. This regulation demands careful consideration of the ways that companies handle personal information of European citizens and residents. The GDPR is effective May 25, 2018.
GDPR aims to protect EU subjects from companies using their data irresponsibly and puts them in charge of what information is shared, where and how it's shared. It also makes data protection expectations identical throughout EU member states, which helps companies because they must now comply with a standard set of rules when doing business with EU subjects.
To learn more about GDPR, please visit https://www.eugdpr.org/.
GDPR and domain names
To abide by GDPR principles, Tumalu provides a GDPR Protection setting for all domain names where any of the registrant, admin, technical or billing contact bears the personal information of a user from the European Economic Area (EEA). This setting ensures that the information of such users will be replaced with placeholder text in the public WHOIS records.
The GDPR Protection setting is applied automatically for all eligible domain names, but can be disabled by the domain name holder by providing explicit authorization.
When is GDPR Protection enabled?
The GDPR Protection setting is enabled for domain names when
- a domain name is registered or transferred in to Tumalu if at least one contact is from the EEA
- the contact information of a registered domain name is modified to use at least one contact from the EEA
Key differences between Privacy Protection and GDPR Protection
The GDPR Protection setting above is completely independent of the Privacy Protection service offered by Tumalu. The main differences are listed below.
|GDPR Protection||Privacy Protection|
|Available only for domain names with at least one contact from the EEA||Available for all domain names, except on TLDs that don’t permit this feature|
|Free of cost for eligible domain names||A cost may be charged for this service|
|Provides no means for genuine inquirers to contact the domain name holder||Allows genuine inquirers to contact the domain name holder through a web form|
If you have registered a domain name managed by a registry that requires us to provide your data to the registry, then such data may be published in a publicly available Whois database by the registry. If you do not wish to have this data shared or published, you will need to delete the domain registration with the registry.