Namecheap is Committed to Privacy
Namecheap is a longtime champion of online privacy. In fact, privacy has been one of our core values since inception. We live this value within our business and our work with others. For example, we have a longstanding partnership with privacy-focused organizations such as the Electronic Frontier Foundation. In 2016, we led the charge for a
Privacy Bill of Rights or the internet. Why? Because we deeply believe in the right to privacy for every individual and we are committed to providing it.
In May 2018, the General Data Protection Regulation (GDPR) will come into effect for the EU and EEA. The GDPR embraces many of the privacy rights for which we have advocated for years. We want to assure you that we still advocate for those rights and more. For those of you within the EU and EEA, this page will help you understand GDPR and our compliance with it.
While complex, among other things, the GDPR codifies three essential rights: Consent & Control, Security, and the Right to Be Forgotten.
Transparency, Consent & Control. Clear, informed consent and individual control over the use of personal data are basic rights in the GDPR. This means that companies must inform individuals of the data they are collecting and how they are using it. Where there is not a contractual requirement for a company to obtain the information, individual, informed consent must be granted.
Security. Individuals are entitled to having their data kept securely. This means that, if a security breach occurs that puts personal data at high risk, companies must notify individuals as soon as possible.
Right To Be Forgotten. The GDPR also provides that an individual can request to have their information deleted (also known as the Right To Be Forgotten.) There are limitations to this right for example when data must be kept due for reasons of public interest, contractual requirement or when it relates to legal claims.
Information Collected: Namecheap.
At Namecheap, we collect information for two primary reasons. First, we collect information contractually necessary to execute purchases. This includes basic account information and payment information. It also includes information that contractually must be shared with third-party service providers, such as Whois information with domain registries.
Information Collected: Third-Party Products & Services.
Some information that we collect, because we are required to do so contractually, must be shared with third parties. For example, Whois data is required to be shared with registries. For gTLDs, ICANN is implementing a “gated Whois” system where only certain fields will be publicly visible. However, unless you have chosen to protect yourself through a domain privacy service such as WhoisGuard, the full Whois details will be made accessible to law enforcement, intellectual property attorneys and other ICANN approved parties. We’ll let you know when we have a contractual or legal duty to collect and/or share information in this way.
For some products or services that you purchase, data will be collected directly by the third-party service provider and they will be considered the Data Controller for GDPR purposes. This will be true for most products and services purchased on our Apps Marketplace. Data collected by these third-parties directly will not fall under Namecheap’s GDPR responsibilities.
At Namecheap, We Go Further.
While the GDPR establishes rights for EU citizens, Namecheap has been providing and advocating for those rights for quite a long time. We view them as just one of the ways in which we continually protect our customers. Protecting our customers means much more to us than simply privacy.
We see ourselves as your frontline defender for privacy, freedom of speech and due process. This means that you can also be assured that we will protect our customers’ right to freedom of speech. It also means that we will not disclose any personal information about our customers unless required by law or pursuant to a court order or subpoena. We will also fight against requests for information that is overly broad or intrusive to our customers.
At Namecheap, privacy is one of the pillars of rights we protect on behalf of our customers. We welcome the implementation of the GDPR and we will continue to strive for ways to deliver beyond it.