Privacy Policy
fTLD on Twitter

Updated on: March 25, 2020

Introduction

fTLD values your privacy. Read this Privacy Policy for important information about our privacy practices when we collect or receive information about you and how we collect, use, disclose, transfer, and store your personal information (i.e., data that can be used to identify or contact you). This supplements and should be read in addition to other terms and conditions, for example the registration agreement for purchasing a .BANK or .INSURANCE domain name, that you have agreed to in connection with your use of our services.

Collection and Use of Personal Information

To provide you with our services, we require information from you such as your name, address, phone number, email address, and other personal information (e.g., occupation). You are not required to provide personal information that we request, but, if you choose not to provide it, in many cases we will not be able to provide you with our services or respond to any queries you may have. fTLD collects personal information when you use our services, participate in our webinars and marketing opportunities, and when you visit any of our websites (ftld.com, register.bank and register.insurance).

Here are some examples of the types of personal information fTLD may collect:

Information You Provide Directly. You may provide information voluntarily and directly to us in several ways. For example, we may collect information including your name, address, phone number, and email address when you correspond with fTLD or complete an online form.

Other Information We May Collect. We may collect, either directly or indirectly, certain information about you and the device you use to access our websites. This may include: the type of web browser and operating system you are using; your IP address (which is a number automatically assigned to your computer when you access the internet and can be used to derive your general geographic location); the referral URL directing you to one of our websites; and other navigation data, such as webpages visited, and advertisements viewed or clicked on.

If enabled, information about the content you view and the features you access on fTLD’s websites that we collect using cookies and other technologies (e.g., pixel tags and web beacons), which may include saving cookies to users’ computers. For further information, please read our Cookie Statement.

For information about how to opt out of customized advertising (which uses cookies) from many ad networks, please access the following (note: fTLD does not own or control these websites, and is providing them as informational resources only): https://optout.networkadvertising.org/; http://www.aboutads.info/; and https://www.youronlinechoices.com/.

Third-Party Websites. Our websites contain links to third-party content and websites that are not owned or controlled by fTLD and are not operated under this Privacy Policy. You should review the privacy policies and terms of use of all third-party websites you access, including social media companies’ websites. These third-party websites may independently solicit and collect information from you. On occasion, those third-party websites may provide us with information about your use of those websites. PLEASE NOTE THAT THIS PRIVACY POLICY DOES NOT COVER THE COLLECTION AND USE OF INFORMATION BY SUCH THIRD-PARTIES.

Domain Analysis and Monitoring. We monitor .BANK and .INSURANCE domains on a regular basis to evaluate compliance with our Security Requirements available at www.fTLD.com/security. As a part of this, we collect information about .BANK and .INSURANCE domains including tags, links, authoritative name servers, implementation and use of DNSSEC and TLS/encryption (including obtaining digital identity certificate information), URL redirection, email authentication information, and use of third-party providers and information about their domains providing services to a .BANK or .INSURANCE domain.

.BANK and .INSURANCE Domain Verification. Verifications are performed by fTLD (or its designated agent) before .BANK and .INSURANCE domains are awarded and annually thereafter. Verification will also be required by fTLD when any material changes to registration data (i.e., Registrant Organization, Registrant Name, and Registrant Email) are made to ensure ongoing compliance with the respective Registrant Eligibility and Name Selection Policies (see: https://www.ftld.com/policies/). In limited circumstances, we may ask for a government issued ID to confirm your organization or the Registrant is not a restricted person or entity.

The purposes for which we may process your personal information are described in this Privacy Policy. With your consent, we may also process your personal information for other purposes disclosed to you at the time we collect your personal information including for performance of a contract, provision of our services, or when we have assessed it is necessary for the purposes of the legitimate interests pursued by fTLD or a third party to whom it may be necessary to disclose information. We may receive your personal information from a third-party or other person you have shared your consent with to apply for and obtain services from fTLD.

We may process the personal information we collect to:

  • provide you with information, services, or communications you request;
  • allow you to participate in our application and verification processes;
  • deliver legal notices or information about changes to this Privacy Policy or our Terms of Use for our websites;
  • improve our websites and enhance your experience with them;
  • respond to your requests, questions, and comments;
  • protect our rights and the rights of others, including by enforcing our Terms of Use; and
    improve our services and communication.

We may also collect and use non-personal information (which does not allow direct association to an individual) for any purpose. This type of non-personal information may be used to enhance our websites, communication and services.

Sharing of Information

We may share your information with the following entities:

Affiliates. We may share your information with our affiliates—companies that control, are controlled by, or are under common control with fTLD.

Social Media Advertising Networks. We may share information about you with social media networks to allow for the delivery of customized advertising about products or services that you may be interested in. We provide this information to the social media network, so they can deliver ads to the appropriate social media user. The delivery of customized social media ads, and your ability to opt-out of receiving those ads, is governed by the privacy policies of the social media companies who deliver customized ads to you.

Approved Third-Party Providers. We may share your personal information with companies we use to provide certain services such as registrar and data escrow services; sending communications (e.g., email provider, client relationship management system); improving advertising and marketing services; and managing databases or other technology. You can tell when you are directly accessing a service offered by a Third-Party Provider because the Provider’s name will be featured prominently. You may be asked to provide information about yourself to register for a service offered by a Third-Party Provider. In doing so, you may be providing your information to both us and the Third-Party Provider, or we may share your information with the Third-Party Provider. PLEASE NOTE THAT THE THIRD-PARTY PROVIDER’S PRIVACY POLICY MAY APPLY TO ITS USE OF YOUR INFORMATION AND THAT THIS fTLD PRIVACY POLICY DOES NOT COVER THE COLLECTION AND USE OF INFORMATION BY SUCH THIRD-PARTY PROVIDERS.

fTLD ordinarily requires, by way of a written agreement, that a Third-Party Provider receiving personal information and other data agrees to process such information in compliance with this Privacy Policy. fTLD uses reasonable efforts to limit any Third-Party Provider’s use of such information in compliance with applicable data privacy laws.

Other Parties When Required by Law, by Internet Corporation for Assigned Names and Numbers (“ICANN”), or as Necessary to Protect Our Services. There may be instances when we disclose your information to other parties to:

  • protect the legal rights of the users of fTLD’s websites, fTLD and its affiliates;
  • protect the safety and security of users of fTLD’s websites;
  • prevent fraud (or for risk management purposes); or
  • comply with or respond to the law or legal process or a request for cooperation by a government entity or by ICANN, whether or not legally required.

Other Parties in Aggregated Form. We may also share your information with third-parties in an aggregate or non-personally identifiable form.

Other purposes. To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.

Other Parties in Connection With a Transfer of Assets. If we make a sale or transfer of assets, or are otherwise involved in a merger or transfer, or in the unlikely event of bankruptcy, we may transfer your information to one or more third-parties as part of that transaction, reorganization, or liquidation.

WHOIS Service

We are required under our agreements with ICANN to offer a WHOIS service with respect to the top-level domains (.BANK and .INSURANCE) for which we are the registry operator. The WHOIS service provides free public query-based access to domain name registration data submitted to our back-end registry services provider by registrars. fTLD is required to offer a “thick” (i.e., more extensive) WHOIS 1 service that includes certain personal information associated with the registrants of domain names, including, but not limited to, the name, address, phone number, fax number, and email address of the domain name registrant and the administrative and technical contacts for the domain name (collectively, the “WHOIS Data”). The WHOIS service is available to any user of the internet and, therefore, the WHOIS Data submitted to fTLD’s back-end registry services provider by registrars may be disclosed to third-parties unassociated with fTLD or any of its affiliates. You may use a role name (e.g., Domain Administrator) and/or role email address (e.g., fTLD@fTLD.com) in the WHOIS to protect your personal information.

California Residents’ Privacy Rights

California Civil Code Section 1798.83 permits visitors to fTLD’s websites who are California residents to request certain information from fTLD regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us using the contact details provided at the end in the Contact Information section and put “Shine the Light” in the subject line of your request.

From January 1, 2020, California consumers have the following rights. To the extent that these rights apply to you, the following rights are provided:

  • Right to know
    You have the right to know and request information about the categories and specific pieces of personal information we have collected about you, as well as the categories of sources from which such personal information is collected, the purpose for collecting such personal information, and the categories of third parties with whom we share such personal information. You also have the right to know if we have sold or disclosed your personal information. You may also request a copy of the personal information we have collected and, upon request, we will provide this information to you in electronic form.
  • Right to delete
    You have the right to request the deletion of your personal information, subject to certain exceptions and our record retention policy.
  • Right to opt-out of sale
    You have the right to opt-out of the sale of your personal information to third parties. However, we do not sell your data at this time.
  • Right to non-discrimination
    You have the right to not be discriminated against for exercising any of these rights.

If you would like to exercise one or more of the rights above, please contact us by using the contact details provided at the end in the Contact Information section. You may designate an authorized agent to make a request on your behalf. Such authorized agent must be registered to conduct business in California with the California Secretary of State. We will deny a request from an agent that does not submit proof that they have been authorized by you to act on your behalf.

We may need to confirm your verifiable consumer request before completing your request, and, for example, may ask for you to confirm data points we already have about you. We will only use personal information provided in a consumer request to verify the requestor’s identity or authority to make the request.

Protection of Personal Information

We use reasonable physical, technical, and administrative measures to safeguard personal information in our possession against loss, theft, unauthorized use, disclosure, or modification. Please note, however, that no data transmission or storage can be guaranteed to be 100% secure. As a result, while we strive to protect the information we maintain, we cannot ensure or warrant the security of any information that you transmit to us.

Children’s Information

Our websites are not intended for use by children under age 13. We do not market to children or knowingly collect or store personal information about children under the age of 13. If we learn that we have collected personal information from a child under age 13, we will delete that information from our customer database.

International Transfer of Data

We may collect, transfer, store, and process your information outside of your country of residence, consistent with this Privacy Policy. Please note that the data protection and other laws of countries to which your information may be transferred might not be as comprehensive as those in your country. fTLD takes reasonable steps to ensure the confidentiality and security of information sent outside the individual’s country of residence. fTLD is a US-registered business, and all our primary storage locations are within the USA. Depending on the fTLD-Approved Registrar you choose to use, the use of our Services may involve the transfer of data outside of the European Economic Area (EEA).

For individuals located in the European Union (EU) or participating in activities outside of the US that you have consented to, your personal information may be transferred to countries outside the EU, in particular to the United States. Some non-EU countries are recognized by the European Commission as providing an adequate level of data protection according to EU standards. The full list of these countries is available at http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm. For transfers from the EU to countries not considered adequate by the European Commission, we have put in place appropriate and suitable safeguards to protect your personal data and that the transfer of your personal data is in compliance with the requirements and the obligations provided by applicable data protection laws, such as standard contractual clauses adopted by the European Commission as per Articles 45 and 46 of the EU General Data Protection Regulation 2016/679.

Accessing or Changing Your Personal Information and Your Rights

You may have the right to request details about the information we collect and to correct inaccuracies in that information. If you have submitted personal information (such as your name, address, or email address) through our websites and would like to access, change, or delete that information, please contact us using the contact details provided at the end of this Privacy Policy in the Contact Information section.

Please note that we may need to retain some personal information or other information about you to satisfy our legal and security obligations. For example, some of your information may remain in back-up storage even if you ask us to delete it. In some cases, you may be entitled under local laws to access or object to the processing of information that we hold relating to you.

Where applicable, you have the right to:

  • Obtain confirmation as to whether or not your personal information is collected and processed by us and to be informed of its content and source, verify its accuracy and request its integration, update or amendment;
  • Request the deletion, anonymization or restriction of the processing of your personal information processed in breach of the applicable law;
  • Object to the processing, in all cases, or your personal information;
  • Receive an electronic copy of your personal information, if you would like to port it to yourself or another recipient; and
  • Lodge a complaint with a data protection supervisory authority.

Your rights are subject to applicable limitations and restrictions. In certain cases, your request may be denied based on a legitimate exception, such as where we are prevented from disclosing certain information based on legal requirements, fraud prevention or security concerns, or when we need to maintain the information. For more information or to make a request, please contact us using the contact details provided at the end of this Privacy Policy in the Contact Information section.

Remember that even after you cancel your account, or if you ask us to delete your personal information, copies of some information from your account may remain viewable in some circumstances where, for example, you have shared information with other services. We may also retain backup information related to your account on our servers for some time after cancellation or your request for deletion to comply with applicable law.

Do-Not-Track Signals and Similar Mechanisms

Some web browsers may transmit “do-not-track” signals to the websites with which a user communicates. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they are aware of them. As there is currently no industry standard concerning what, if anything, websites should do when they receive such signals, fTLD’s websites currently do not respond to them. If a final standard is established and accepted, we will reassess how to respond to these signals.

Amendment

fTLD reserves the right to modify this Privacy Policy at its sole discretion. Please revisit this page to stay aware of any changes, and check the effective date of the Privacy Policy each time you use our websites. By continuing to use fTLD’s websites after we modify the Privacy Policy, you indicate your consent to those changes.

Choice of Law

This Privacy Policy is governed by and construed in accordance with the laws of the District of Columbia, U.S.A., without regard to any conflicts of laws principles that would result in the application of the law of a different jurisdiction. You and fTLD submit to the exclusive personal jurisdiction and venue of the local and federal courts located within the District of Columbia, U.S.A.

Contact Information

We are dedicated to protecting your privacy. If you have questions or comments about this Privacy Policy, please:

Write: fTLD Registry Services, LLC, Attn: Legal Counsel, 600 13th Street NW, Suite 400, Washington, DC 20005; or

Email: legal@fTLD.com

You have the right to ask us not to process your personal information for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third-party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us using the contact details provided above.

If you would like to access, review, update, rectify, or delete personal information we hold about you, or exercise any other data subject rights (e.g., under the EU General Data Protection Regulation (GDPR)), please send a detailed request to us using the contact details provided above.

1 For information on “thick” WHOIS see the following ICANN page: https://www.icann.org/resources/pages/thick-whois-2016-06-27-en.