Everything you must know in one place

Details for Specific Products and Services

This page explains any additional individual data and privacy policies in effect for each product or service offered by Namecheap. If a product or service (collectively “Services” or individually “Service”) is not listed on this page, it simply means that there is no new information collected and that it is fully covered by our standard Privacy Policy. Where applicable, we provide additional details for those customers in the EEA.

Domains and Related Services

Domain Whois Contact Information: We are required by ICANN and the Registries who issue domains to collect, process and retain certain personally identifiable information. This information is required to be kept current and may be accessible for you to review and update through your customer Account Panel. Customers are required to provide this information and agree to keep it current and allow it to be retained for a predefined period of time. This information may be shared with ICANN, registries, registry operators and/or data escrow agents.

ICANN requires that registrars must collect and retain the mandated Whois information, whether or not protected by a privacy service, for two (2) years after the domain expires and/or you are no longer the registrant. (Please note that other ccTLD registries may have a longer required retention period. You will need to confirm their retention policies.) These guidelines are considered contractually required and approved upon purchasing a domain.

Domains not governed by ICANN, such as ccTLDs, have individual data collection guidelines explained in their domain agreements. These may include the collection and retention of IP addresses and notices sent to you, among other things. Namecheap requires, when purchasing domains from us, that Whois standards as set by ICANN be collected for all domains. Thus, even for ccTLDs, you will be asked to provide the standardized Whois information. Collection of the unique registry information and the standardized Whois information is considered contractually required by you from the individual registries and/or Namecheap. Also note that certain ccTLDs mandate the public disclosure of registrant data. If you are an EEA resident and eligible to register such a domain, by registering the domain, you explicitly agree to the publication of your personal information. We recommend that you review ccTLD agreements purchasing one of these domains to review their contractual guidelines on data collected, processed, publicized and retained.

Changes due to GDPR. Due to the GDPR, ICANN has implemented a Temporary Specification that limits the information made available to the public, at least in the EEA. However, the model also proposes broader access to groups of individuals that may or may not have to substantiate a legal basis for each request. This means that a privacy service such as Withheld for Privacy is both relevant and still very necessary to protect you from unwanted and/or unknown disclosure.

Namecheap strongly believes in privacy, security, freedom and the equal treatment for all internet users. And we believe that your information should be protected both now and under the new model being considered. This is why we are providing all our customers with free privacy protection for life.

Namecheap has partnered with Withheld For Privacy to offer our customers privacy protection for all domains (unless specifically precluded by the registry.) You can find more details on this privacy service by visiting the Domain Privacy page.

Withheld For Privacy. Withheld For Privacy is an Iceland-based privacy service that allows you to protect your identity. Namecheap selected Withheld for Privacy as a partner because its consumer focused privacy-by-design principles match our standards for your privacy protection. Unlike other domain privacy services, Withheld For Privacy does not need nor does it receive your personal information. It protects your identity by providing you with anonymization services.

DNS. No personally identifiable information is collected or shared with our DNS third party provider for any of our DNS products.

Hosting and Related Services

Hosting. When you host with Namecheap, we interact with your data in two ways. First, we obtain certain data in order to allow you to use our hosting services and to provide ongoing support. This data includes things like your password, DNS zones and account activity so that we can help you with any issues related to your site. Due to the nature of hosting, log files may also collect IPs of those who visit your site without additional identifying information. Second, we store information related to your website, such as website content, SSL files, your email logs (if you have email integrated into your site), related databases, full account backups and anything else that you host on your site.

In both cases, you operate as the Controller and we operate as the Processor and our relationship is governed by our Data Processing Addendum. Where your site is collecting personally identifiable information, such as customer information or contact lists, it is your responsibility to ensure you are compliant with privacy laws such as GDPR and that you are obtaining required permissions.

Third Party Hosting Products. We offer several third party hosting products to help you manage your website. They include Cloudflare products, CodeGuard, Attracta and Softaculous. We only share data with these companies when you initiate a specific request with us.

Apps Marketplace

Namecheap is proud to offer our customers the following excellent Services through our Apps Marketplace. Below you will find data and privacy details on Services that are globally available. Services that are North American based only are not listed.

Product Data Collected by Namecheap Data Tracking by Namecheap Data Shared Data Controller / Processor Notes
Ghost No additional data collected. None. None.
EasyWP No additional data collected. EasyWP uses Hotjar to track anonymized data. For details, including opt-out instructions see paragraph “Hotjar” below. None.
Private Email* None. None. None.
SSL Collection depends on type of certificate purchased. Basic certification collects personal email; all others collect and validate business information. None. Minimal SSL details are collected and sent to Sectigo. For SSLs, Sectigo operates as a Controller jointly with you. Namecheap is a Data Processor. See Sectigo's Privacy Policy and Data Handling Practices for more information.
Google Workspace / RelateLegal / Strikingly / Weebly None. None. None. For each of these products, the third party provider is the Data Controller and is wholly independent from Namecheap. Please review their data and privacy guidelines.
Business Card Maker Collection depends on user input for creating a business card. May include Personal Name. Personal or business address, email, phone number and social media account names for the purpose of creating the card. And Personal name and shipping address for purposes of delivery None. Data is shared with GDPR compliant subcontracted who are local printers
Relate Website**
None FirstName**
For Relate, please see the notes below for an explanation on what type of personal information may be collected, or not, and the relevant roles.
VPN No additional data collected. None None
Sitelock None None Customer Name
Customer Email
Customer, as controller, is the party instructing Namecheap to process/share this information with Sectigo for the purposes of this product. Sectigo is a wholly separate entity. As between Customer and Sectigo, please visit

Hotjar. We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.

You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.

PrivateEmail: Linking your Google Email Account. When you link your Google email to your PrivateEmail account, Google will send and sync your contacts and calendar information to be stored within your PrivateEmail account. All other Google email account information, such as Google emails, are simply accessible through a special interface and reside with Google. When you link your Google Email Account to your PrivateEmail account, you are instructing us to access and process your data.

**Relate: Relate is a content distribution tool, controlled by you, that distributes across your designated social media accounts. We may involve processors to help do that and when we do, this is the information we share, which may or may not be personal information, depending upon whether it’s for a business or being used personally. In the course of that, you will direct them as a controller, as to which accounts you want them to distribute content. And, to do that, the product may need and require social media login profiles related solely to the account to which you want to distribute.

Need help? We're always here for you.

× Close