The European Union General Data Protection Regulation (GDPR) requires a business to limit collection of personal data and to safeguard personal data in its possession; businesses must also comply with requests from individuals related to access, rectification, erasure, and portability of their personal data.
GDPR will be enforceable EU-wide from 25 May 2018, and will apply each time we collect, store, or share personal data relating to a European citizen or resident, or managed in Europe.
On 17 May 2018, the ICANN Board approved a Temporary Specification, to establish temporary requirements for how ICANN and contracted parties will continue to comply with existing contractual and policy requirements while also complying with GDPR.
The Temporary Specification is effective as of 25 May 2018, though we note that the new gTLD Registry Agreement allows for Registry Operators to be afforded a “reasonable period of time” to comply with any new Temporary Policy following ICANN providing notice of such.
Although EnCirca will continue to collect registrant information for our records, ICANN Whois records will redact all identifying information for a customer. This includes all registrant, admin, technical, and billing names, emails and addresses. So, for example, the only identifying information for encirca.com is:
Domain Name: ENCIRCA.COM
Registrar WHOIS Server: whois.encirca.com
Registrar URL: http://www.encirca.com
Registrar: Encirca, Inc.
Registrar IANA ID: 455
Registrar Abuse Contact Email: email@example.com
Registrar Abuse Contact Phone: +1.7819429975
Registrant Organization: EnCirca Inc.
Registrant State/Province: MA
Registrant Country: United States
In order to contact the Registrant, Admin, or Tech contact of the queried domain name, put in a request with firstname.lastname@example.org (or go to https://www.encirca.com/whois/).
Access to Non-Public Registration Data
We will provide reasonable access to Personal Data in Registration Data to third parties on the basis of a legitimate interests pursued by the third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Registered Name Holder or data subject pursuant to Article 6(1)(f) GDPR.
An example of a legitimate interest is that of Trademark infringement , which is defined as the unauthorized use of a trademark or service mark on or in connection with goods and/or services in a manner that is likely to cause confusion, deception, or mistake about the source of the goods and/or services.
If you are requesting access to personal data based on claimed Trademark Infringement, please provide us with screen shots showing use of a domain name in connection with goods and/or services in a manner that is likely to cause confusion, deception, or mistake about the source of the goods and/or services. Once we receive these screenshots, we will investigate your claim and respond within five days.
If the domain name in question is displaying a parked page or otherwise not yet in actual use and your intent is to issue a warning to the registrant about any potential infringing use of the domain, you can contact the registrant directly via a web form located here: www.encirca.com/whois
We will also continue to update this page with the latest information about GDPR updates as they become available via ICANN and individual registries.
More information on ICANN’s GDPR policy can be found here.
Policy last updated: October 11, 2018.