Privacy Policy

This policy applies to every EuroDNS customer and/or prospect (individuals, though not companies or organisations) without distinction of your nationality or place of residence.

The type of personal data we process and how it is processed depends on the services provided.

The types of personal data we collect and process depend on the services you use.

We may collect:
•    Personal data that you provide directly, including contact details such as your name, email address, postal address and telephone number;
•    Identification data that you may be required to provide in certain cases, including copies of identity documents, where necessary to verify your identity or to comply with the requirements of domain name registries;
•    Data collected automatically, including IP addresses, device information and usage data;
•    Data obtained from third parties, including domain name registries and publicly available sources;
•    Data generated by EuroDNS in connection with the provision of services, including information used for fraud detection, abuse prevention and service improvement.

EuroDNS processes personal data to operate, maintain and improve its services. 

This includes:
•    Creating and managing customer accounts
•    Processing orders and payments
•    Registering and managing domain names
•    Providing services
•    Delivering customer support
•    Detecting fraud, abuse and other illegal activity
•    Ensuring the security and stability of services
•    Analysing usage and improving services
•    Communicating with customers and prospective customers, including marketing communications where permitted.

Depending on the specific processing activity, EuroDNS relies on one or more of the following legal bases under Article 6 GDPR: performance of a contract to which you are party (Art. 6(1)(b)); compliance with a legal obligation (Art. 6(1)(c)); and our legitimate interests in operating and securing our services, preventing fraud and abuse, and communicating with customers (Art. 6(1)(f)). Where processing is based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

EuroDNS may share personal data with third parties where necessary for the provision of its services or to comply with applicable law.

These recipients include:
•    Domain name registries responsible for managing domain extensions
•    Technical service providers supporting infrastructure, hosting and communications
•    Business partners involved in the delivery of specific services
•    Certification authorities issuing SSL certificates
•    Payment service providers processing transactions
•    Public authorities where disclosure is required by law

EuroDNS acts as an intermediary between customers and third-party service providers such as domain name registries. Each registry determines its own requirements for domain name registration and processes personal data in accordance with its own policies and applicable laws.

Depending on the services you use, your personal data may be transferred to and processed in jurisdictions outside your country of residence, including outside the European Economic Area.

Each domain name extension is operated by a single registry, which has exclusive control over that extension. EuroDNS acts as an intermediary and does not control the policies, data protection standards, or jurisdiction applicable to that registry. 

By selecting a specific domain extension, you acknowledge that your personal data will be processed by the relevant registry in accordance with its own rules and applicable laws, which may differ from those in your country of residence and may not provide an equivalent level of protection. EuroDNS cannot guarantee the level of data protection applied by such registries.

If you wish to benefit from a higher level of data protection, you may choose to register a domain name under an extension managed by a registry established within the European Economic Area or with adequate level of data protection (https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).

Additional information regarding registry-specific requirements and applicable policies is available at: https://www.eurodns.com/registries-policies

6.1. Cookies

EuroDNS collects information and potential personal data about website visitors through the use of cookies. Further information is available in the cookie policy: https://www.eurodns.com/use-of-cookies

6.2. Interaction
EuroDNS may collect personal data that you submit through social media platforms or other communication channels. This includes information provided when submitting feedback or participating in surveys, contests or promotions.

6.3. Newsletter Subscribers

If you subscribe to the EuroDNS newsletter, certain personal data is transferred to:

The Rocket Science Group LLC, 
675 Ponce de Leon Ave NE, 
Suite 5000, 
Atlanta, GA 30308
, United States.

This entity operates the MailChimp service used for sending our newsletter and processes personal data on our behalf as a data processor pursuant to a data processing agreement.

Type of data processed: email address, first name, last name, IP address.
Legal basis: consent (Art. 6(1)(a) GDPR)

Purpose of processing: This processing is based on your consent for managing subscriptions and delivering communications.

Retention: We retain all personal data we collect outside the scope of our services for a period of one (1) year, or until you request its deletion.

Personal data transferred to The Rocket Science Group LLC in the United States is subject to the EU-U.S. Data Privacy Framework (EU-U.S. DPF), on which EuroDNS relies as the transfer mechanism for this processing.

7.1. Account Information
To create and manage an account on our platform, EuroDNS requires information sufficient to identify the customer.

Type of data processed: Email address, first name, last name, postal address, language preference, login credentials, IP address.

Legal basis: performance of contract (Art. 6(1)(b) GDPR)
Purpose of processing: Account creation, account management and service delivery

Retention: We retain your personal data for as long as you hold an account with EuroDNS. Should you want to close your account, please contact support@eurodns.com and we will anonymise all personal data attached to your account. However, please be aware that in certain cases regulatory or legal obligations may prevent EuroDNS from completely deleting your personal data. For example, we are required to keep every invoice we issue for ten (10) years.

7.2. Payment Information
When purchasing services, EuroDNS collects billing and payment information.

Legal basis: performance of contract (Art. 6(1)(b) GDPR) for processing payment data to execute the transaction; legal obligation (Art. 6(1)(c) GDPR) for retention of billing records pursuant to applicable accounting and tax legislation
Type of data processed: Billing contact details, partial credit card information including name, PayPal account identifiers.

Legal basis: performance of contract (Art. 6(1)(b) GDPR) for processing payment data to execute the transaction; legal obligation (Art. 6(1)(c) GDPR) for retention of billing records pursuant to applicable accounting and tax legislation
Purpose of processing: Processing payments and managing billing.

Retention: We retain your personal data for as long as you hold an account with EuroDNS. Should you want to close your account, please contact support@eurodns.com and we will anonymise all personal data attached to your account. However, please be aware that in certain cases regulatory or legal obligations may prevent EuroDNS from completely deleting your personal data. For example, we are required to keep every invoice we issue for ten (10) years.

7.3. Customer Support
When contacting customer support, personal data may be processed through systems provided by:
SALESFORCE.COM EMEA LIMITED
, 110 Bishopsgate
, Village 9, Floor 26, Salesforce Tower
, London EC2N 4AY
, United Kingdom.

This provider supplies the Salesforce Service Cloud platform used to manage support requests. 

Type of data processed: Contact details and any information provided in support requests, including, where necessary, copies of identity documents submitted for the purpose of verifying the identity of the account holder or confirming the legitimacy of a request.

Legal basis: performance of contract (Art. 6(1)(b) GDPR)
Purpose of processing: Handling customer inquiries and providing assistance.

Retention: We retain your personal data for as long as you hold an account with EuroDNS. Should you want to close your account, please contact support@eurodns.com and we will anonymise all personal data attached to your account. However, please be aware that in certain cases regulatory or legal obligations may prevent EuroDNS from completely deleting your personal data.

7.4. Domain Name Services
For this service, you will be required to provide additional personal data by creating contact profiles which will be transferred to each registry with whom you want to register a domain name. 

Type of data processed: First name, last name, postal address, email address, telephone number, and, in certain cases, identification data, including copies of identity documents, where necessary to verify your identity or to comply with the requirements of domain name registries.
In certain cases, registries may require a copy of identification documents. In such a case, EuroDNS will take all technical and operational measures to ensure the security and confidentiality of the copies of the identification documents processed and retained for the provision of the service.
Legal basis: performance of contract (Art. 6(1)(b) GDPR)
Purpose of processing: Registration and management of domain names.

Retention: Each registry has its own retention period but in general this does not exceed two years after the deletion of the Domain Name. For further information, please refer to the applicable registry policy: https://www.eurodns.com/registries-policies.

Domain Registration Data Disclosure
As part of the domain name registration process, certain personal data relating to domain name holders and contacts may be shared with domain name registries and may be made accessible to third parties through Registration Data Access Protocol (RDAP) services, in accordance with applicable laws, ICANN policies, and registry requirements.

The extent of data disclosure may vary depending on the domain extension, the applicable registry, and the requesting party’s access rights. While EuroDNS takes reasonable steps to comply with applicable data protection requirements, it does not control how third parties access or use data made available through RDAP or similar systems.

Domain escrow
Additionally, in case you have selected a so-called generic extension, a copy of your contact profiles will also be stored with: 
DENIC Services GmbH & Co. KG
, Heinrich-Hertz-Str. 6
64295, Darmstadt
, Germany

7.5. Open-Xchange Service
Personal data is shared with:
Open-Xchange AG, 
Rollnerstraße 14
D-90408, Nürnberg, 
Germany.

Type of data processed: Email address created as part of the service.


Legal basis: performance of contract (Art. 6(1)(b) GDPR)

Purpose of processing: We only collect and process this data for the provision of email service.


Retention: Your personal data is immediately deleted upon termination or expiration of the service.

7.6. Office 365 Service

Personal data is shared with:

Microsoft Ireland Operations Limited
, One Microsoft Place,
 South County Business Park
, Leopards, town
Dublin 18, 
Ireland.

Type of data processed: Email address created as part of the service


Legal basis: performance of contract (Art. 6(1)(b) GDPR)

Purpose of processing: We only collect and process this data for the provision of our service.


Retention: Your personal data is immediately deleted upon termination or expiration of the service.

7.7. SSL Certificate Services

Personal data is shared with certification authorities, including:

GMO GlobalSign Ltd, Springfield House, Sandling Road, Maidstone, Kent, ME14 2LP, United Kingdom

or

Sectigo Limited, Unit 7 & 9 Lister hills, Science Park Campus Road, Bradford BD7 1HR, United Kingdom.

Type of data processed: First name, last name, email address, postal address, telephone number.


Legal basis: performance of contract (Art. 6(1)(b) GDPR)

Purpose of processing: We only collect your personal data for the issuance and management of SSL certificates.


Retention: Your personal data is immediately deleted upon termination or expiration of the service.

7.8. Trademark Clearing House (TMCH)

Personal data is shared with:

CHIP S.A.
24, rue Léon Laval
, L-3372, Leudelange
, Luxembourg.

Type of data processed: All data associated with trademark registration.


Legal basis: performance of contract (Art. 6(1)(b) GDPR)

Purpose of processing: We collect your personal data for the provision of TMCH services


Retention: Your personal data is immediately deleted upon termination or expiration of the service.

7.9. Web Hosting and DNS Services

These services do not require the provision of additional personal data beyond what is already collected for account management and service operation.

You may manage certain privacy preferences, including marketing communications, through your account settings or by contacting EuroDNS.

Where available, EuroDNS provides tools to access, update or delete personal data.

You may exercise the following rights in relation to your personal data:

9.1. Right of access

You have the right to request a copy of the personal data that we hold about you. You may do so via your EuroDNS account https://my.eurodns.com/account/preferences\# or, alternatively, request it at support@eurodns.com. 

9.2. Right of rectification 

You have a right to correct data that we hold about you that is inaccurate or incomplete. You may do so via your EuroDNS account ~https://my.eurodns.com/account/preferences\#~or, alternatively, request it at support@eurodns.com. 

9.3. Right to be forgotten 

In certain circumstances, you can ask for the data we hold about you to be erased from our records. Please contact support@eurodns.com and we will delete and/or anonymise all personal data attached to your account. However, please be aware that in certain cases regulatory or legal obligations may prevent EuroDNS from completely deleting your personal data.

9.4. Right of portability 

You have the right to have the data we hold about you transferred to another organisation. You may export your data via your EuroDNS account https://my.eurodns.com/account/preferences or, alternatively, request it at support@eurodns.com.

9.5. Right to object

You have the right to object to certain types of processing of your personal data such as direct marketing. To do so please contact our legal department at legal@eurodns.com.

You also have the right to file a complaint with the Luxembourg National Commission for Data Protection (CNPD). Their complaint form is accessible at: https://cnpd.public.lu/fr/formulaires.html

9.6. Right to restriction of processing

In certain circumstances, you have the right to request that we restrict the processing of your personal data, for example while the accuracy of data is being contested or while an objection is being assessed. To exercise this right, please contact legal@eurodns.com.

9.7. Right to withdraw consent

Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing carried out prior to the withdrawal. You may withdraw consent through your account settings or by contacting support@eurodns.com. Be nevertheless aware that such withdrawal will automatically result in the termination of the services relying on your consent to be performed. 

Personal data is stored in data centres located in Luxembourg.

EuroDNS applies technical, administrative and physical measures to protect personal data, including encryption technologies, controlled access systems and secure network connections.

EuroDNS

Data Protection Officer

24, rue Léon Laval, L-3372 Leudelange, Luxembourg 

legal@eurodns.com

In the event of a personal data breach, EuroDNS will notify the Luxembourg National Commission for Data Protection (CNPD) without undue delay and, where feasible, within 72 hours of becoming aware of the breach, in accordance with Article 33 GDPR. Where a breach is likely to result in a high risk to your rights and freedoms, EuroDNS will also notify you directly without undue delay, using the contact details registered for your customer account, in accordance with Article 34 GDPR.

We may change this privacy policy from time to time. We will post any modifications on this page and, if they are significant, we will provide a more prominent notice, posted directly in your EuroDNS account or via email. We will also keep prior versions of this privacy policy in an archive for your review. 

We encourage you to review our privacy policy whenever you use our services to stay informed about our information practices and what you can do to help protect your security. 

Where changes affect processing activities that are based on your consent, we will seek fresh consent from you before the changes take effect. For all other changes, if you disagree with any modification to this privacy policy, you will need to stop using our services and deactivate your EuroDNS account, as outlined above.

EuroDNS does not engage in automated decision-making or profiling within the meaning of Article 22 GDPR. If this position changes in the future, this policy will be updated accordingly and, where required, appropriate safeguards will be implemented.