WHOIS, TMCH & SSL Guidance
Welcome to Lexsynergy’s guidance on how personal data is handled when you apply to register a domain name, apply to register with the Trademark Clearinghouse or apply for an SSL certificate.
This guidance supplements our privacy notice (which explains how we use personal data that we collect and where we decide the purposes and means for which it that data is processed).
1. Applying to register, transfer or update a domain name
When you apply to register, transfer or update a domain name, in most cases, it is necessary to supply ownership, administrative and/or technical details (often called WHOIS) to certain bodies. It is normally possible for you to choose whether or not to use personal information or more generic information (e.g. ‘Domain Administrator’ and firstname.lastname@example.org) or whether to use our privacy service or (where applicable) our local presence service but – in some cases – you will need to provide personal information and in further cases you may have to supply particular personal information (e.g. ID documents or an ID number). If you supply personal information, what will happen to that information will depend on the type of domain name:
This is what happens for ‘.com’ and ‘.net’. ICANN and the relevant registry are the controllers. Iron Mountain Inc. is a processor for ICANN. We act as a processor for ICANN and the registries.
The above will also occur where:
2. International transfers
ICANN and Iron Mountain, Inc. are located outside of the EEA. The registries may – depending on the domain – be located outside of the EEA.
Where you provide us with personal information to be transmitted outside of the EEA, one or more of the following will apply:
This also applies where:
3. Applying to register with the ‘Trademark Clearinghouse’ (Chip S.A., incorporated and registered in Luxembourg with number B62506, whose registered office is at 21, rue Léon Laval, 3372 Leudelange)
When you apply to register with the Trademark Clearinghouse (TMCH), it is necessary to supply details of registered trade marks, their owner (and, where applicable, contact details for a representative of the owner) to the TMCH. The owner or their representative will be an individual so this will be personal information. The TMCH is the controller. We act as a processor for the TMCH.
The TMCH’s privacy notice is available here.
4. Applying for an SSL Certificate with Our Chosen SSL Certificate Provider from Time to Time
When you apply for an SSL certificate, it is necessary to supply details of the applicant to the SSL certificate provider (who will be located in the EEA). In some cases, the applicant will be an individual so this will be personal information. The SSL certificate provider is the controller. We act as a processor for the SSL certificate provider.
If you would like details of the SSL certificate provider that we are using (or intend to use) in a specific case, please contact us.