IRISH DOMAINS TAKE YOUR PRIVACY SERIOUSLY
We only collect personal information from you for valid reasons, almost always this is so that we provide you with a product or service you have requested.
We do our level best to keep your information safe and secure. We minimize the information we collect from you to that needed for the purposes you have agreed, and we keep it for as short a time as possible.
We will only disclose your information to others if necessary to provide you with the product or service you have requested, or where required to comply with law. We absolutely do not pass sell, rent or trade your personal information to other businesses for profit or for purposes unrelated to your business with us.
If we do need to disclose your information on to others we make sure that it is to someone within the EU where the same strong laws apply, or if outside of the EU, where there is a contract or framework in place to make sure your information is just as safe.
That’s the promise.
The complete statement of information is below so that you can understand in more detail how we handle the data you provide us and what we do (or don't do) with it.
WHO WE ARE
Irish Domains Limited,
15 Joyce’s Court,
Talbot Street,
Dublin 1, Ireland.
In this document, Irish Domains Limited may be referred to as “Irish Domains”, “We” or “Us”.
We are registered with the Data Protection Commissioner as a data processor, our registration number is 16944/A.
This statement, together with our terms and conditions and any other documents referred to, sets out the basis on which any personal data we collect or receive from you will be processed by us.
Please read the following carefully to understand what personal data we collect, why we do so, how we treat that data, and your rights in relation to it.
By using our website(s) and/or placing an order, you are confirming that you understand and agree to the practices described in this policy.
This privacy statement is included by reference in our terms and conditions.
THE INFORMATION WE COLLECT FROM YOU
The information we collect from you or that you give us (collectively the “personal information” or "information") comprises the following categories:
Information we need to operate your account
When you first place an order on our website, we will ask for your name, billing address, phone number and email address. If you need other users to access your account (such as colleagues or employees) we may ask you for the same information in relation to those individuals, but you must ensure you have their permission or authority to do so. We will also ask for a username and password so that we can create an account for you on our systems, as well as payment information where the service is not free.
This information is required because we need it to fulfill our contract with you, to provide you with support, and to be able to contact you. You should check this information and keep it accurate and up-to-date via your Irish Domains control panel.
Information we need to provide you with services
For some services, we will ask for additional information when it is needed by us or our suppliers to provide them to you. If you need others to use your purchased services (such email addresses etc.) we may also ask you for personal information in relation to those individuals, but you must ensure you have their permission or authority to provide this.
For example, if you sign up for a .IE domain name, we may request personal identification information about the holder as this is required by the IE Domain Registry (the data controller) to validate the registration.
This information is required because we need it to fulfill our contract with you. You should check this information and keep it accurate and up-to-date via your Irish Domains control panel or, in some cases where the service is external, via an online portal provided by the service provider.
Information we use to tell you about our services
When you sign up with us, we may ask you for permission to contact you by email from time to time with details of new or existing services we provide, using the email address you give us when you created your Irish Domains account.
This processing is based on your consent which you may withdraw at any time either via your Irish Domains control panel or via the “Unsubscribe” facility on any such message.
We may need to contact you from time to time with important information related to the operation of your account or your existing services. We will send you this information even if you withdraw your consent for other communications.
Information relating to your use of our websites or services
When you contact us, we may keep a record of the correspondence for the purposes of communicating with you, for training and quality reasons, and ensuring our records are up-to-date.
When you use our services, we will keep a record this for audit and accounting purposes, to ensure the services operate correctly, to provide you with support and where required by law. This includes the time, IP address and URL when you use our websites or portals and other information such as web and email server logs, FTP logs and internal security logs.
This information is required because of our legitimate interest in ensuring our services operate correctly and efficiently, in ensuring the security of your account and in accordance with applicable laws.
Website cookies
Websites operated by Irish Domains may make use of ‘Cookies’, small pieces of information that are remembered by your web browser
Cookies allow you to remain logged in to your control panel or assist in remembering your order while you are purchasing services. They may also be used to integrate third party functions into the site such as web chat, social media feeds or to allow external sites display customized advertising when you visit them.
Cookies may be deleted from your browser at any time, or may be disabled by adjusting your browser settings, however we cannot guarantee the correct operation of all our websites in this case.
HOW LONG WE KEEP YOUR INFORMATION
It is our practice to keep your information for no longer than is necessary to provide you with the services you have requested, or as required by law.
Account information is retained while you have at least one active service with us. When there are no longer any active services on an account, it will be closed within 60 days, and the information it contains will be archived and retained no longer than is required by law.
Service related information is retained while it is active.
Where your information has been disclosed to an external provider to provide a requested service, that provider will retain the information in accordance with their published retention policy. For further details, please refer to the disclosure information referenced below.
If you have given us additional information when ordering or using a product or service, we will retain this for as short a period as is necessary to obtain or use that service. Please refer to the Service Specific Provisions for retention practices relating to specific products or services.
DISCLOSURE OF YOUR INFORMATION
We disclose your information to others only where required to provide a requested service, where required by law or where otherwise necessary to operate your account.
When registering domain names, we must pass your information to the appropriate registry so that you can enter into an agreement for registration with them. In such cases the registry is operating as data controller for that information and we are acting as a data processor with a contract in place to ensure that your information is safe.
For some top-level domain names, we may transmit this information via another registrar in which case we are acting as a sub-processor under contract with that data-processor.
For SSL certificates, we must pass your information to the appropriate Certificate Authority (CA) so that they can issue the cert on your behalf. In this case, the CA acting as a data controller and we are acting as a data processor under contract. For some certificates we may purchase these via a wholesale reseller in which case we are acting as a sub-processor under contract with that data-processor.
For full information on these and other third-party products or services that require disclosure and to whom or what extent your data may be disclosed, please refer to the Service Specific Provisions.
HOW WE PROTECT YOUR INFORMATION
Irish Domains web sites, portals, support systems and email systems use HTTPS and Transport Layer Security (SSL/TLS) encryption to ensure that personal information you pass to us or that we send back to you is kept safe from eavesdropping.
Your personal information is stored on Irish Domains secure servers, in ISO 27001 certified facilities in Dublin, Ireland. Strict physical and operational access controls are in place to prevent access by unauthorized access and all our staff have received instruction on data protection principles.
Where we need to disclose your data to others to provide you with requested services, we ensure that there is a contract in place to ensure that your personal information is kept safe and secure in accordance with current data protection regulations.
Our security measures are reviewed periodically to ensure they continue to be appropriate to safeguard the information you give us.
YOUR RIGHTS
You have certain specific rights under law regarding your personal information.
The right to be informed
Primarily, you have the right to be informed about why your personal information is needed, what information is collected, what is done with that information, how long it is kept for, and the legal basis for doing so.
That information is contained within this statement and the referenced documents but if you have any questions or anything is unclear you can ask us at data-requests@irishdomains.com for more information.
The rights of access, rectification or erasure
In general, the personal information held by Irish Domains is obtained from you and you can access it via the web portal at https://id.ie/clientarea.php or https://cp.irishdomains.com (“the control panel”). You can view and modify that information as you wish, provided doing so does not prevent us providing you with the requested products and services or administering your account in accordance with the law. Please note that our terms and conditions require you to maintain up-to-date and accurate contact information on your account. Some services, such as domains, also require that the underlying domain information is maintained up-to-date by you, inaccurate domain registration information may result in suspension or deletion of your domain(s).
If you believe your personal information is no longer required for the purposes you gave it, it may be possible to erase it provided we don’t need it to fulfill a contract, maintain a domain registration or other service, or otherwise comply with law.
You can always contact us at data-requests@irishdomains.com if you need assistance with accessing, rectifying or erasing your personal information. In certain circumstances we may charge a reasonable fee for manual retrieval of personal information where this takes a significant amount of time or where the amount of information is large, but we will inform you beforehand in such cases.
The right to limit or object to processing
It is your right that we limit processing of your personal information to the maximum extent possible. This document outlines the reasons why we need to process your data and how we do so.
If we are processing your personal information because you have given consent for us to do so (such as for marketing purposes) and you wish us to stop doing that, or if you believe we are processing it to an extent not required by our contract with you or by our other legitimate interests, then you have the right to object to such processing.
You can contact us at data-requests@irishdomains.com if you need to do this.
The right to data portability
To the extent that it is technically and practically feasible, while we are processing your personal information, we will make that information available for transfer in electronic format such that it is possible to transfer it to another system.
You can contact us at data-requests@irishdomains.com if you need to do this.
The right to object to automated decisions
Where you believe you have been subjected to decision-making based on automated processing (i.e. where no human is involved in the decision-making process) you have the right to request that any such decision is subject to review by a real person. This does not apply where the automated decision-making is required to fulfil a contract with you or where you had consented in advance.
You can contact us at data-requests@irishdomains.com if you need to do this.
