Privacy Policy

The following page provides a full copy of our Privacy Policy and all relevant definitions.

For relevant definitions and a glossary of terms, please click here. 

1. Policy Statement

The IE Domain Registry Limited is committed to protecting the privacy of personal information provided to us through the use of our Site and Services.

Accordingly, our Privacy Policy has been designed to ensure all users of these facilities have a clear and transparent understanding of how their personal data is handled and maintained after its provision to us.

All parties are asked to ensure that they familiarise themselves with this policy before providing any personal information through our Site or Services.

This Privacy Policy is a legal requirement and you must read through it and accept it. If you disagree with any part of this Privacy Policy, wish to query it, or refuse the processing permitted below, you are welcome to contact us, however please ensure you do not attempt to input any personal data into the Site, or use our web Services, as any such information submission will be subject to the terms outlined in the Privacy Policy.

Personal data provided to the IEDR is used solely as outlined in this policy, and is not held by the IEDR for longer than is necessary for the purposes for which it was obtained.

Our contact email address is privacy@iedr.ie and our telephone number is 01-2365400. You may use these contact details to discuss any matters relating to the processing of your personal data collected from you by us.

2. Authority

2.1. By agreeing to the terms of this Privacy Statement, you undertake:

2.1.1 that if you are the Registrant, that the information you provide us with (including personal data) relates to you and not anyone else;

2.1.2 that if you are a Contact, or a Registrar acting for the Registrant, that you have the authority of the Registrant to supply the information (including personal data) to us, to modify it and to authorise us to collect and process the personal data in order to operate the System and provide the Services, in accordance with the terms of this Privacy Statement, the Whois terms and conditions and the general Site terms and conditions;

2.1.3 where you are a Registrar, that all information (including email address) or data, (including personal data) submitted/inputted by you is the data of the Registrant for whom you act as a Contact for the registration of the domain name concerned and not Registrar’s own data. After the initial registration process, the Registrar undertakes that the data in the Whois database is at all times the data of the Registrant for whom he acts and not his own data.

2.1.4 where you are a Registrar, not to register or seek to register domain names without being specifically instructed to do so by Registrants. Notwithstanding the foregoing, the Registrar may register domain names solely for his own use in accordance with the IEDR Registration and Naming Policies without being specifically instructed to do so by Registrants.

2.1.5 if you are the Registrant or the Registrar acting on behalf of the Registrant, to notify IEDR immediately of any change in the information (including personal data) relating to the Registrant.

2.2 The Registrant or the Registrar acting for the Registrant as the case may be, hereby authorise us to process personal data in accordance with the terms of this Privacy Policy.

Without prejudice to the foregoing this includes the authority for us:

2.2.1 in response to a request from an Admin Contract to make any changes, transfers or deletion of the domain names as the Admin Contact may request;

2.2.2 in response to a request from a Tech Contact to process and or to modify as requested, details of the nameservers listed on the Registrant’s domain name;

2.2.3 in response to a request from a Billing Contact to accept payment of the initial registration fee and the annual renewal fees for the Registrant’s domain name, or to reinstate or reactivate an unpaid domain name.

2.2.4 in response to a request from a Billing Contact to accept Admin Contact, and Tech Contact changes.

3. Collection of Personal data

The following personal data is collected for the internal use of IEDR (some of which is also made available through the Whois look-up facility provided in clause 5.1 below):

  • the full legal name of the Applicant;
  • the Class of the Applicant;
  • email address;
  • the category of domain name;
  • the name and contact details of the contact persons for the domain name;
  • the fully qualified domain name (FQDN) for a minimum of two distinct nameservers for the new domain and the IP number of a nameserver (if it is technically required);
  • information relating to Applicants real and substantive connection with Ireland and data or information which supports the Applicant’s claim to the Domain Name;
  • information in any self-issue letter outlining a claim to a domain name;
  • such additional data or information as we may request from time to time in connection with the provision of the Services.

Finally, we collect details of all searches and use made of the Site including of the Whois facility, Registrar Console and the Registrar API for the purposes of; the determination of the availability of the Site, pinpointing specific points of failure on the Site, characterising attacks on the Site, detecting and preventing unacceptable use of our System, identifying mis-configurations of the System, and identifying compromised parts of the System.

4. Processing of Personal data.

4.1 The Registrant agrees that we may use his personal data:

4.1.1 to control, operate, develop, and maintain the Register; to provide the Services and to develop the Services and to exercise the rights and authorities granted to us by Registrant’s or their Registrars;

4.1.2 to process a request (made by him, his Contact or the Registrar on his behalf) to register or renew or transfer or accept a deletion request of a domain name in compliance with the IEDR Registration and Naming Policies, Rules and the IEDR terms and conditions;

4.1.3 to acknowledge and deal with requests (including make changes) emanating from a Registrant or Registrar and follow the status tracking thereof;

4.1.4 to inform a Registrant or Registrar about procedures for a Registrant to renew the domain name and for recording a transfer, surrender or change of Registrant or Registrar for the domain name;

4.1.5 to transfer a domain name following a decision of an ADR Provider or following a decision of a competent legal or judicial or regulatory authority;

4.1.6 to offer secure payment services in respect of the Services and to process payments;

4.1.7 to provide the Whois facility;

4.1.8 to block access to a domain name or to suspend or reactivate a domain name or to lock a domain name or delete a domain name in accordance with the IEDR Registration and Naming Policies and Rules;

4.1.9 as provided in clause 8 below.

5. Disclosure

5.1 Disclosure on the Whois facility

5.1.1 As indicated above, certain information including personal data is collected as part of providing the Services. The Registrant acknowledges and agrees that certain parts of that information (as detailed below) can be accessed and viewed by any user of the Site (including a user outside the EEA) on the Whois facility, accessible on the Site.

Irrespective of whether the Registrant is a private individual (natural person) or is a legal person or another form of organisation, the Registrant agrees that IEDR may publish the following information in its Whois facility;

  • the full legal name of the Registrant;
  • the Class of the Registrant;
  • the category of domain name;
  • the name of the Admin Contact person for the Registrant;
  • the Nic Handle specified by IEDR associated with the Admin Contact of the Registrant;
  • The name of the Tech Contact person for the Registrant.

5.2 Disclosure to Registrars

Where a Registrant has appointed a Registrar to act on his behalf, the Registrant authorises IEDR to grant full online access to the System via the Site to the Registrar to the Registrant’s information, held in electronic format by IEDR including the Registrant’s name, email address, postal address, phone number, fax number and his or her name server details/labels.

5.3 Disclosure to Registrars on the Registrar Console and/or API

5.3.1 The Registrant authorises IEDR to disclose and make available the following information (including personal data) to Registrars through the Registrar Console and/or API in relation to those Registrants for whom they act, including, but not limited to:

5.3.1.1 a list of Registrar’s portfolio of domain names;

5.3.1.2 a list of new Registrants (registered by Registrar) over a selected time period;

5.3.1.3 viewing of domains that will be billable in the coming months

5.3.1.4 viewing of domains transferred at their request to other Registrars;

5.3.1.5 examination of past invoices;

5.3.1.6 viewing of Registrant’s Technical and Administrative Contacts by domain name;

5.3.1.7 statistical analysis of the Registrar’s portfolio of registered .ie domains.

5.4 Disclosure generally

5.4.1 Registrant authorises IEDR:

5.4.1.1 to make Registrant’s personal data available in the Register as provided herein;

5.4.1.2 to make certain of Registrant’s personal data available on the Whois (access details are contained within the Whois Policy) and Registrars Console in accordance with clause 5.1 and 5.3 above respectively;

5.4.1.3 to make personal data available to Registrant’s current Registrar or Contact;

5.4.1.4 to disclose Registrant’s personal data to the Administrative Panel as required by the DRP;

5.4.1.5 to disclose Registrant’s personal data to third parties (including to ComReg), in order for us to comply with law, regulatory requirement or legal process, or for any of the following purposes, obtaining legal advice, taking legal proceedings, establishing, exercising or defending legal rights, including to enforce the IEDR Registration and Naming Policies and Rules, and/or the Whois terms and conditions or these conditions.

5.5 Registrant and Registrar agree that their respective IP addresses may be supplied to regulatory or legal authorities in connection with fraud or other formal investigations.

5.6 Registrant or Registrar as the case may be also agree that if a Registrant or Registrar is offensive or sends to the Site objectionable content or otherwise engages in any disruptive behaviour on the Site, that IEDR can use whatever information that is available to it about the Registrant or Registrar to stop such behaviour. This may involve informing relevant third parties such as law enforcement agencies about the content and Registrant’s or Registrar’s behaviour.

5.7 In order to provide the Services, it may be necessary for Registrant information to be transferred and disclosed to service providers within the EU who provide backup and other data processing services to us or to service providers inside and outside the EU for the purposes of facilitating searches on the Registry from other countries including non EU countries. If we do this, IEDR will put an agreement in place with such service providers and will impose in any such agreement, confidentiality and security obligations on the service providers.

6. Security

For the purposes of this clause, “you” means the Registrant and the Registrar in respect of any Password generated by either of them or any Password provided to either of them by IEDR.

6.1 To avail of the Site Services, each of Registrant and Registrar are required to input into the Site a confidential Password. You may also be sent a Password by us where you have forgotten your Password. You are responsible for:

(i) all transactions or activities carried out through the Site using your email address and Password and

(ii) ensuring that when you access the Services, that the system you use to access the Services is secure, is not left unattended unless you have fully exited the Services and that your email address and Password are not retrievable from the system by others.

6.2 You are responsible for notifying us by telephoning or emailing privacy@iedr.ie, if you know or suspect that your email address or Password might be known to a third party or if you suspect that any provisions of this Privacy Policy are not being adhered to by others. If you fail to do so, you will be liable and fully responsible until you notify us. In such event you will be required to change your Password.

6.3 Registrant and Registrar agrees that IEDR will be allowed to assume that any action done or asked for using a Password or NIC Handle was done or asked for by Registrant or Registrar or by someone authorised to act for Registrant.

6.4 Where a Registrar acts on Registrant’s behalf in registering and maintaining the registration of the domain name, unless the matter relates to something covered by clause 6.5 below, any communication to or from the Registrar is taken as being to or from Registrant.

6.5 IEDR may also specify by notice on the Site from time to time other types of authorised representatives or Contacts from whom IEDR will accept instructions, what types of instructions they can give IEDR and whether they can take Registrant’s place if IEDR need to notify Registrant. You agree to be bound by such notice.

6.6 Whether you are the Registrant or the Registrar acting for the Registrant, you undertake to assist us with our security checks, and provide any identification or documentary evidence we reasonably ask for and allow us to keep copies of those documents for our files.

6.7 You accept that the internet is not secure, so that if you disclose personal information over the internet save where making payment to us in the secure area of our Site it can be intercepted by third parties.

6.8 If Registrant notifies IEDR that Registrant wants a particular Registrar to act for him Registrant is giving that entity authority to act and IEDR power to act on their instructions and (if this applies) notify the Registrar instead of or as well as Registrant. The same position applies in respect of any Contact appointed by Registrant.

6.9 IEDR will publish on the Site from time to time certain activities which a Registrar or Contact is not allowed to do on Registrant’s behalf or where IEDR want to deal with Registrants only in respect of certain matters. In such case, Registrars agree to observe such restrictions.

7. Additional uses of personal data

7.1 Your personal data may additionally be used and processed by us for the purposes set out in this clause.

7.2 We will use, analyse and assess personal data to maintain and develop our relationships with Registrants, to process Registrant’s registration, and to provide the Services.

7.3 Where you are a Registrar and not an individual and you have not disagreed, we may use your personal data to let you know about other information or services which might be of interest to you. This contact may be by email.

7.4 Where you are a Registrant and you are an individual and you have opted in, by giving your consent, we may use your personal data to let you know about other information or services which might be of interest to you. This contact may be by email.

Whether you are a Registrar or Registrant if you want to stop receiving information about other services, you can opt out at any time by contacting us at privacy@iedr.ie.

  1. Personal data access and correction and retention

8.1 You will have the right to be given a copy of your personal data which IEDR hold. You must make your request in writing, post it and send it to the IEDR address as specified above and include with the request, a photocopy of your passport, or other valid photo ID, a copy of your utility bill which will verify your address and enclose a fee of Euro 10.00 or such other fee as determined or permitted by law or regulatory requirement from time to time. IEDR must reply within 40 calendar days.

8.2 You also have the right to request that your personal data is corrected, if inaccurate, or erased if IEDR do not have a legitimate reason for retaining the personal data. IEDR are not entitled to charge for dealing with such a request and we must comply within 40 days of the receipt of such a request. You must make your request in writing, post it and send it to the IEDR address as specified above and include with the request, a photocopy of your passport, or other valid photo ID, and a copy utility bill which will verify your address.

8.3 We are obliged to keep information (including personal data) about you (whether you are a Registrant or a Registrar) in order to comply with particular laws, in order to provide the Services, to exercise rights and authorities granted to us, including to maintain, update, operate and control the Registry. Personal data will not be held by us for any longer than is necessary for the purposes for which it was obtained. Where prior to the termination or expiry of a registration, you have opted in (to your personal data being retained for the purposes of future transactions), we will retain your personal data for ease of retrieval and for use in future transactions.

8.4 Updating Personal Data. Whether you are a Registrant or Registrar, you are responsible for ensuring that any personal data or other information we hold is up to date. To that end, please ensure that any changes to the information you originally supplied to us, are notified to us so that we can amend our records.

Whether you are a Registrant or Registrar you agree that we may from time to time contact you by email to verify data provided by you or actions undertaken by you on the Site.

  1. Amendment of Privacy Policy

This Privacy Policy may be amended from time to time. When IEDR amend it, IEDR will provide a notice on the Site that IEDR have done so.

The 10-step Policy Development Process (PDP) is set out on the IEDR website at: https://www.iedr.ie/p30/policy-development/

Definitions

ADR Provider means the panel provided by the World Intellectual Property Organization Arbitration and Mediation Centre;

Applicant means a natural person, company or organisation who has filed online an application for the registration of a domain name with IEDR;

Contacts:

  • Administrative Contact – This is the primary point of contact for automated emails relating to the registration of the domain and renewal. The Administrative Contact can also process nameserver changes for the domain, and authorise modifications to the registration (e.g. domain holder reassignment, billing transfers etc.);
  • Technical Contact – This role can be filled by anyone the domain holder or Billing Contact wishes. The Technical Contact is granted access to the IEDR Console for the purposes of submitting nameserver changes;
  • Billing Contact – The Billing Contact is the party responsible for payment of registration and renewal fees, as designated by the domain holder;
  • Data Controller – is the individual or the legal person who controls and is responsible for the keeping and use of personal information on computer or in structured manual files;

DRP is the ie Dispute Resolution Process – being the WIPO dispute resolution rules of procedure for .IE Domain Name Registrations which is accessible on the Site;

IEDR means IE Domain Registry Limited;

Nic Handle means account number and is a unique identifier or user-id assigned by the IEDR to the contacts of each Registrant. If the Admin Contact makes a change to the information filed for a Registrant, all domains names using that person’s Nic handle will be updated as well, thus keeping all your information up to date;

Password is a unique phrase which must be between 8 and 10 characters and be a mix of higher and lower case letters and numbers, which you chose and which you use to access the Site and the Services;

Personal data means data relating to a living individual who is or can be identified either from the data or from the data in conjunction with other information that is in, or is likely to come into, the possession of the data controller;

Register is the IEDR database of domain names and which also incorporates details about each Registrant and his Contacts (including his Registrar if it has one) and any other information IEDR need;

Registrant means a person, company or organisation who is holder of a ie domain name registration with IEDR;

Registrar means a person, company or organisation who may act on your behalf to deal with us and with whom we may have executed an agreement and whose details will be shown in the Whois and in the Registrar console;

Registrar Console Console is a web application accessible to all .ie domain contacts via the site. Further information on this is set out in clause 7.2 below;

Registry means the ie domain registry operated by IE Domain Registry Limited;

Registrar API means an application programming interface accessible only to Registrars and which may facilitate direct access to the Registry’s Systems;

Services mean the services of registration, renewal, transfer or management of domain names (including changing DNS server details, updating contact information, domain name locking, deletion, modification, suspension, reactivation or the blocking of access thereto) or any other services offered by IEDR through the Site including the Whois facility from time to time;

Site means the website operated by IEDR and accessible under www.iedr.ie, www.domainregistry.ie, and related sites;

System means the hardware and software used by IEDR to provide the Services;

Us or us or we mean IEDR;

Whois is a look up facility, accessible through the site. This facility allows a user to review certain information about a .ie registration, including the domain holder name, Administrative and Technical Contact names, in addition to DNS records and registration / renewal date.

You or you means any user of the IEDR site or services, including applicants, registrants, and Registars.

We or we means IE Domain Registry Limited (“IEDR” or “the IEDR”)