H
10Corp Premium Hosting

GDPR and Domain Registration

Last Updated: 2025-01-01 2 min read

What Is the GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union in May 2018. It governs how organizations collect, store, process, and share personal data of individuals within the EU and European Economic Area (EEA). The GDPR has far-reaching implications for domain registration, particularly regarding WHOIS data.

How GDPR Affects Domain Registration

Changes to Public WHOIS

Before the GDPR, WHOIS records for most domain names were fully public, displaying the registrant’s name, address, email, and phone number. Under the GDPR, registrars are required to limit the personal data exposed in public WHOIS records for registrants who are natural persons.

As a result, 10Corp redacts personal data from public WHOIS output for applicable domains. Typically, the following information is hidden:

  • Registrant name (for individuals)
  • Street address
  • Phone number
  • Email address (replaced with a web form or anonymized relay)

Data Still Collected

Even though personal data is redacted from public view, 10Corp still collects and stores accurate registrant information as required by ICANN. This data is held securely and is accessible only under specific legal and regulatory circumstances.

Your Rights Under the GDPR

If you are an EU/EEA resident, you have several rights regarding your personal data:

  • Right of access — You can request a copy of the personal data we hold about you.
  • Right to rectification — You can request corrections to inaccurate data.
  • Right to erasure — You can request deletion of your data, subject to legal retention requirements.
  • Right to data portability — You can request your data in a machine-readable format.
  • Right to object — You can object to certain processing of your data.

Legitimate Access to WHOIS Data

Certain parties — such as law enforcement, intellectual property rights holders, and cybersecurity researchers — may request access to redacted WHOIS data through established processes. 10Corp evaluates these requests on a case-by-case basis, balancing the requestor’s legitimate interest against your privacy rights.

What You Should Do

  • Ensure your registrant information on file with 10Corp is accurate.
  • Review your privacy settings in your account dashboard.
  • Contact 10Corp support if you wish to exercise any of your GDPR rights.

The GDPR strengthens your control over personal data. 10Corp is committed to compliance and to protecting the privacy of all our customers.

Tags: compliance gdpr privacy domain registration whois data protection

Related Articles

Data Protection and Privacy WHOIS Accuracy Requirements
Back to Compliance All Categories

Still need help?

Our support team is available 24/7 to assist you.

Open a Ticket Live Chat