PRIVACY POLICY

Pursuant to Our Terms of Service Agreement, this document describes how We treat Personal Data related to your use of the Service, including information you provide when using it.

We expressly and strictly limit use of the Service to adults over 18 years. We do not knowingly seek or collect any Personal Information or Data from persons who have not attained this age.

We recommend that you read this Privacy Policy in full to ensure you are fully informed. If you have any questions about this Privacy Policy or Personal Data collection, Acceptable Use Policy, please contact Us at dpo@evonames.com.

Data collected

General Browsing. You can access some parts of the Service without having an Account, in which case only your IP address, country of origin and other non-personal information about your computer or device (such as web requests, browser type, browser language, referring URL, operating system and date and time of requests) will be recorded for log file information, aggregated traffic information and in the event that there is any misappropriation of information and/or content. If you have an Account, this information will also be recorded and may be associated with your Account.

Cookies, Metadata and Site Data Activity

We use cookies, web beacons and other information to store information so that you will not have to re-enter it on future visits, provide personalized content and information, monitor the effectiveness of the Service and monitor aggregate metrics such as the number of visitors and page views.

A cookie is a small piece of computer code which remains on your computer and contains information which helps Us identify your browser.

When you visit Our website and applications and tools on it, the cookie records the authentication to allow your user id to login. We use the information gathered by cookies to identify your web browser so that when you log in on the next occasion your use of the website and other applications and tools on it is easier and faster because the website has remembered your details.

If you do not want Us to use cookies then you can easily stop them, or be notified when they are being used, by adopting the appropriate settings on your browser. If you do not allow cookies to be used some or all of the website or other applications or tools on it might not be accessible to you.

Sometimes information that you upload is provided with associated metadata. If you do not want Us to use the metadata you must remove it before uploading it onto the website and other applications and tools.

We may collect data that is associated with your visit, including the pages your visit, the activities you do, the preferences you make, the applications and tools you use and the purchases you make and the competitions you enter etc. We may also collect information relating to the computer, mobile phone or other device including the device type, the browser, location, IP address and search words used. We may collect, use, disclose and store this information in any of the ways set out in this Privacy Policy.

Clear GIFS Information

When you access the Service or are on Our web site, We may employ clear gifs (also known as web beacons) which are used to track the online usage patterns of Our users anonymously. No personally identifiable information from your account is collected using these clear gifs. The information is used to enable more accurate reporting, improve the effectiveness of Our Service, and make Our services better for Our users and partners. These technologies mentioned above do not collect Personal Data about you and only collect data in the aggregate.

Using the Service with an Account

Creating an Account is required for using many of the features of the Service. We may require certain information about you at registration including Personal Data.

You and We shall comply with the Data Protection Laws (means all applicable laws relating to the processing of Personal Data including, while it is in force, and applicable to customer personal data), the General Data Protection Regulation (EU Regulation 2016/679) including any other Regulation in force with respect to the processing of the customer Personal Data (the “Applicable Laws”)

You warrant to Us that you have the legal right to disclose all Personal Data that you in fact disclose to Us under or in connection with this document.

Personal Data collected

You shall only supply to Us and We shall only process in each case under or in relation to this document, the Personal Data of of the following types:

1. contact information - private address, phone number, email address, skype address and other addresses/contact details/identifiers used in electronic communications;
2. data that could identify you, such as personal name, TIN/Identity number (including documents and information that certify the individual's identity);
3. account information – information about the products or services that you purchase or consider purchasing from Us, domain name registration information, IP addresses assigned by Us, customer ID or any other information related to your account;
4. information on communications with Us - We may keep a record of any correspondence between you and us, including Customer Service requests, information about enquiries made to Us to resolve a technical or administrative query, information about a chat session with Us, an e-mail or letter sent to Us or other of any contact or communication with Us;
5. information about payment method.

We are required to collect data relating to the registration of domain names (“Registration Data”) and then share such data with the relevant registry operator (depending on the top-level domain (“TLD") you wish to register). Specific data collections may vary based on the TLD’s specific requirements as promulgated by its registry operator.

Registration Data collected

In order to provide you with domain name registration services, we typically require the following registrant data:

1. Domain Name (your choice of domain e.g. “example.com” );
2. Nameservers (your choice of hosting provider or equivalent);
3. Registration Data (Data required to enter the domain into our registry):
   1. Registrant Name (Organization), address, email, phone number;
   2. Administrative contact (Organization), address, email, phone number;
   3. Technical contact (Organization), address, email, phone number;
   4. Billing contact (Organization), address, email, phone number.

The sharing and use of this data is required by our Registrar Accreditation Agreement with ICANN and is a requirement of each TLD’s Registry Agreement with ICANN, to effect the proper registration of your domain name.

We may disclose your personal information in accordance with rules, procedures and recommendations (including the rules of the Domain Dispute Resolution Policy), accepted and approved organizations that control and supervise domain names (for example, organizations such as ICANN and/or any of the ccTLD).

We do not control or assume any responsibility for the use or disclosure of your personal information, which is open to the requirements, rules, policies, procedures and recommendations of organizations responsible for control over domain names. The procedure for the discovery and use of such information is not the subject of this policy.

We’re always looking for ways to protect your Personal Data online. In accordance with the General Data Protection Regulation (EU Regulation 2016/679), We will provide with the WHOIS masking (protect) of Personal Data for all domains sell, and such changes will be got in force from May 25, 2018. This service will limit an ability to access your Personal Data.

We use your Registration Data for the following purposes:

• to register the domain name;
• to provide the applicable registry with authoritative data to ensure the ongoing continuity, stability and resiliency of the DNS;
• mitigation of DNS abuse, including but not limited to the investigation and mitigation of reported instances of abuse considers to be contrary to the terms of its Acceptable Use Policy;
• maintained integrity of the current dual failsafe system at the registrar and registry levels;
• verification of registrant eligibility, where applicable; and
• to update and improve our Services, systems and ability to provide you with a secure and stable Service experience.

Other usage purposes of your Personal Data

We use your Personal Data to arrange your registration and supported functionality of your domain(s) with the registry operator. Additionally, We may use Registrant/Personal Data to:

• develop and collect aggregate statistics (ensuring appropriate anonymization) regarding our systems and Services, to conduct market research, conducting retention and customer satisfaction surveys, marketing activities (including through email, newsletter and social media), conducting sales activities (including analyzing Data and the use of Our services for marketing offers and quotes with the aim of entering into a customer relationship, and/or maintaining, renewing or expanding a customer relationship);
• communicate with you regarding your registration or related Services;
• facilitate payment for the purchase of products or services through Our website or otherwise. In this case you will be directed to a third party website (a secure internet payment gateway). We will not store or collect your payment credit/debit/charge card or other payment mechanism details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of payment information;(performing financial process, including calculating, invoicing and collecting of service charges and processing financial transaction regarding the acceptance of orders and granting debt collection rights to third parties;
• investigate and processing suspected violations of Our Acceptable Use Policy;
• ensure security of persons and find and prevent fraud, to detect or prevent illegal activities;
• comply with applicable law, including enforcing Our Terms of Service Agreement, or other legal rights, or as may be required by applicable laws and regulations or requested by any judicial process or governmental agency including privacy legislation

Our role as Registrant Data Controller

We collect and processes your Registrant Data to carry out the registration of your domain, to ensure that your registration functions as expected, and that registrations do not affect the security of our registrar. In order to enter your chosen domain name into our system, we are required to process your data in a manner obligated in our contracts with Internet Corporation for Assigned Names and Numbers (“ICANN”). In this respect, it is our understanding under applicable law that we act as a joint data controller of your Registrant Data, working in conjunction with the TLD registry and ICANN, as herein described.

With specific reference to the registration of a domain name, as Registrar, We are responsible for the following:

• collection of Registration/Personal Data;
• providing you notice and an opportunity to review both our Privacy Policy and the privacy policy of the relevant registry;
• providing you with adequate information and a means by which you may exercise your individual privacy rights, such as data access, deletion, and rectification; and this Privacy Policy sets out, in detail, both the purposes and the legal basis for our data processing.

A registry operator, retains the responsibility for the processing of data necessary for the registration and maintenance of domains within one of their TLDs.

You should only choose a TLD with whom you feel comfortable sharing your information. It is important that you familiarize yourself with and understand the individual and specific privacy policy of the registry who is responsible for the TLD of your choice. See the list of specific privacy policies, that relate to each TLD here. If you do not understand such policies, or you have questions regarding any of their policies, you should discuss this with the registry operator of your chosen domain, prior to registering via our service.

ICANN is the private-sector body responsible for coordinating the global Internet's systems of unique identifiers. The mission of ICANN is to coordinate the stable operation of the Internet's unique identifier systems. More information about ICANN can be found here: www.icann.org. ICANN is responsible for identifying and requiring, by contract, both registry operators and registrars to provide to them registration data. Registrant Data we collect and process is data which ICANN deems necessary to ensure the ongoing security and stability of the DNS.

Data minimization

We take every reasonable step to limit the volume of your Personal Data that We Process to what is necessary.

We take every reasonable step to ensure that your Personal Data that We Process are limited to the Personal Data reasonably necessary in connection with the purposes set out in this Privacy Policy.

We may share Data about you with:

• partners or agents involved in delivering/purchasing the services you’ve ordered with Us;
• fraud prevention agencies;
• debt collection agencies or other debt recovery organizations;
• law enforcement agencies, regulatory organizations, courts or other public authorities to the extent required by law;
• We will also share your information to the extent necessary to comply with ICANN or any ccTLD rules, regulations and policies when you register a domain name with us. in such case, disclosure of your personal information is governed by their Privacy Policy.

We do not provide Personal Data to third parties except as in accordance with this Privacy Policy, any agreement We have with you or as required by law.

You consent to Us using any Personal Data that We collect for any one of the purposes in this Privacy Policy for any of the other purpose stated in this Privacy Policy.

You may inform Us of any withdrawal of consent in relation to any of the above purposes by giving notice of such withdrawal of consent to Our Data Protection Officer (dpo@evonames.com). Upon and depending on the extent of such withdrawal of consent, We may not be in a position to continue providing you with some or all of Our services.

We retain Personal Data:

• We retain Personal Data We collect from you where We have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
• When We have no ongoing legitimate and business need to process your Personal Data, We will delete your Personal Data.

You have the following data protection rights:

• You have the right to delete or return all of your Personal Data to you after the provision of services relating to the processing and shall delete all existing copies save to the extent that the Applicable Laws require storage of the relevant personal data.
• You have the right to withdraw your consent for processing your personal data. You can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing We conducted prior to your withdrawal, nor will it affect the processing of your Personal Data conducted in reliance on lawful processing grounds other than consent.
• You have the right to request confirmation as to whether or not your Personal Data are being processed and where that is the case, access to the Personal Data together with certain additional information.
• You have the right to request rectification of any inaccurate Personal Data of you. Taking into account the purposes of the processing, you will have the right to have incomplete Personal Data about you completed including by means of providing a supplementary statement.
• In certain circumstance you have the right to obtain the erasure of your Personal Data without undue delay. Such circumstances include: (a) your Personal Data that is no longer necessary to the purposes for which there were collected or otherwise processed, (b) you withdraw consent on which the processing is based and where there is no other legal ground for the processing; (c) your Personal Data has been unlawfully processed.
• ain erasure of your Personal Data will not apply in cases where the processing is necessary for: (a) for compliance with a legal obligation; (b) for the establishment, exercise or defense of legal claims.
• If you wish to access, correct, update, or request deletion of your Personal Data, you can do so at any time by emailing dpo@evonames.com
• In addition, you can object to the processing of your Personal Data, ask Us to restrict the processing of your Personal Data, or request portability of your Personal Data. You can exercise these rights by emailing dpo@evonames.com
• You have the right to opt-out of marketing communications We send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails We send you. To opt-out of other forms of marketing, please contact Us by emailing dpo@evonames.com
• In case you are of the opinion that Our processing of your Personal Data infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority that is responsible for the protection of such data.

We respond to all requests We receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

We further ensure Data security:

• We have in place appropriate technical and organizational measures, to protect against unauthorized or unlawful processing of your Personal Data and against accidental loss or destruction of, or damage to your personal data, appropriate to the harm that might result from the unauthorized or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures. Those measures may include, where appropriate, pseudonymising and encrypting your personal data, ensuring confidentiality, integrity, availability and resilience of Our systems and services, ensuring that availability of and access to your Personal Data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organizational measures adopted by us;
• We use cryptographic one-way salted hash functions to store your information. The hashing flow cannot be reversed.
• We are constantly reviewing and enhancing its technical, physical and managerial procedures and rules to protect your personal data from unauthorized access, accidental loss and/or destruction. We use industry standard TLS certificates to provide encryption of data in transit, for example, all access to Our websites and management portals is covered by HTTPS protocol.
• All data are stored on secured servers. The servers are protected by FireWalls and Our staff has restricted access to them. Physically all servers are located in secured racks, access is restricted and protected by 5 levels of security;
• To protect the data from loss or corruption, We use backups and store data encrypted on secured servers.
• Data protection officer is involved, properly, according to the Applicable Laws and in a timely manner, in all issues which relate to the protection of personal data;
• All personnel who have access to and/or process Personal Data shall keep the Personal Data confidential;
• We may assist you, at your cost, in responding to any request from you and in ensuring compliance with your obligations under the Applicable Laws with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators;
• We will notify you without undue delay on becoming aware of a breach of your personal data;

You understand and acknowledge that at Our request you shall assist Us in observing any obligations that may be incumbent on Us pursuant to the Applicable Laws in force at any time where your assistance is assumed and where your assistance is necessary for the observance of Our obligations. Your tasks in this respect shall be performed to the extent necessary and to this end at no cost to us.

You shall inform Us without undue delay, but not later than 24 hours and in writing of any infringements of any of the obligations specified in the Terms of Service Agreement. This shall also apply if there are substantive disruptions of the normal course of operations and if there are actual grounds to suspect data privacy infringements. You shall be obliged to provide Us with any and all information necessary for the compliance with Our obligations pursuant to the Applicable Laws.

You shall ensure that the access to your Personal Data is limited to those of your personnel who require such access to perform the Services.

Children’s Privacy

We don’t knowingly collect information from persons under the age of 18, and person under 18 are prohibited from using Our Services. If you learn that a child has provided Us with Personal Information or Data in violation of this Privacy Policy, you can alert Us at dpo@evonames.com.

Miscellaneous

If you have an account on the Service and have a password giving you access to certain parts of the Service, you are responsible for keeping the password confidential. Anyone else with your password may access your Account and other Personal Data.

While We use commercially reasonable physical, managerial and technical safeguards to secure your information, the transmission of information via the Internet is not completely secure and We cannot ensure or warrant the security of any information or content you transmit to us. Any information or content you transmit to Us is done at your own risk.

You are entitled to access, correct or delete your information on the Service and may request Us to do so by contacting us.

Privacy Policy changes

We reserve the right to change the Privacy policy, and will post any revisions on Out website evonames.com. We advise you to check this page regularly to see if any changes have been implemented.

Contact Us

If you have any questions or concerns about this Privacy Policy, please feel free to email Us at dpo@evonames.com.