Last modified: April 25, 2022
DNSimple Corporation and our subsidiaries and affiliates ("DNSimple" or "We") respect your privacy and commit to protecting it through our compliance with the practices described in this policy.
This policy describes our practices for collecting, using, maintaining, protecting, and disclosing the personal data we may collect from you when you visit our websites ("Website") or use our products, services, or other digital properties (collectively, "Services"). This policy applies to the personal data that we collect, and information provided to us from third-parties, regardless of the country where you are located.
If you are a resident of the State of California, United States, California law may provide you with additional rights regarding our use of your personal information. Please see our Privacy Notice for California Residents.
Data we may collect about you.
We collect and use different types of data from and about you including:
- Personal data that we could reasonably use to directly or indirectly identify you, such as your name, postal address, email address, telephone number, user name or other similar identifier ("personal data").
- Non-personal data that does not directly or indirectly reveal your identity or directly relate to an identified individual, such as demographic information, or statistical or aggregated information. Statistical or aggregated data does not directly identify a specific person, but we may derive non-personal statistical or aggregated data from personal data. For example, we may aggregate personal data to calculate the percentage of users accessing a specific website feature.
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, or operating system and platform.
- Non-personal details about your Website interactions, including the full Uniform Resource Locators (URLs), clickstream to, through and from our Website (including date and time), products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page or any phone number used to call our customer service number.
- Payment details including partial credit card or debit card details such as the last 4 digits of your credit card, expiration date, billing address, and the name on the card.
- Email address and Google ID, which are provided by Google LLC when users authenticate using Google OAuth, for the purpose of logging in to or signing up with DNSimple. Google OAuth is a registration and authentication service provided by Google LLC.
- For Google Workspace administrators: Email address, OAuth access, and refresh tokens, which are provided by Google LLC, when a Google Workspace administrator authorizes SSO on a DNSimple account. Access and refresh tokens are stored in encrypted form and are not shared outside of DNSimple. The OAuth access token is used for the purpose of checking that SSO is being authorized by a valid Google Workspace administrator using their primary email address, and for keeping the DNSimple account membership in sync with the Google Workspace directory membership.
If we combine or connect non-personal, technical, or demographic data with personal data so that it directly or indirectly identifies an individual, we treat the combined information as personal data.
How we collect data about you.
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us information about you by filling in forms or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you create an account, subscribe to our Services, perform any other direct interaction with our Website, or seek customer service assistance.
- Automated technologies or interactions. As you interact with our Website, we may automatically collect technical data about your equipment, browsing actions and patterns as specified above. We collect this information by using cookies, server logs, and other similar technologies (see Cookies and automatic data collection technologies).
- Third parties or publicly available sources. We may receive information about you from third parties including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, data brokers or aggregators.
- Inter-registrar operations. We may receive personal information about you as a result of domain transfers from other registrars into our system.
Cookies and automatic data collection technologies.
- Estimate our audience size and usage patterns.
- Store information about your preferences, allowing us to customize our Website and Services according to your individual interests.
- Speed up your searches.
- Recognize you when you return to our Website.
'Do Not Track' notifications.
Some browsers allow you to automatically notify websites you visit not to track you using a "Do Not Track" signal. Like many websites and online services, we currently do not alter our practices when we receive a "Do Not Track" signal from a visitor's browser. To find out more about "Do Not Track," you may wish to visit allaboutdnt.com.
Our Website pages and emails may contain web beacons (small transparent embedded images or objects, also known as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count website page visitors or email readers, or to compile other similar statistics such as recording Website content popularity or verifying system and server integrity.
We do not control how these third-party tracking technologies operate or how they may use the collected data. If you have any questions about an advertisement or other targeted content, you should contact the responsible provider directly. For information about how you can opt out of receiving targeted advertising from many providers, see Your personal data use choices.
How we use your personal information.
We use your personal data to provide you with products, offer you Services, communicate with you, deliver advertising and marketing, or to conduct other business operations, such as using data to improve and personalize your experiences. Examples of how we may use the personal data we collect include to:
- Present our Website and provide you with the information, products, Services and support that you request from us.
- Meet our obligations and enforce our rights arising from any contracts with you, including for billing or collections, or comply with legal requirements.
- Fulfill the purposes for which you provided the data or that were described when it was collected.
- Notify you about changes to our Website, products or Services.
- Ensure that we present our Website content in the most effective manner for you and for your computer.
- Administer our Website and conduct internal operations, including for troubleshooting, data analysis, testing, research, statistical and survey purposes.
- Improve our Website, products or Services, marketing, or customer relationships and experiences.
- Protect our Website, employees or operations.
- Detect and prevent fraud.
We may also use your information to comply with any ICANN, registry or ccTLD rules, regulations and policies when you register a domain name with DNSimple. This includes the transfer of domain name registration information to the underlying domain registry operator and escrow provider, and publication of that information as required by ICANN in the public WHOIS database or with other third parties that demonstrate a legitimate legal interest to such information. See ICANN Privacy Notice.
We may disclose your personal data to third parties as necessary, including for the following purposes:
- We may share your personal data with business partners, suppliers, service providers, sub-contractors and other third parties we use to support our business.
- We may share your data to fulfill the purpose for which you provide it and for any other purposes that we disclose in writing when you provide the data.
- We may disclose your personal data to a prospective seller or buyer of our business or assets, or to a buyer or other successor in the event of merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, where one of the transferred assets is the personal data we hold.
- We use third-party services for fraud prevention and detection. We may securely share with such services certain personal data about transactions including email addresses, domain names, and any additional information that may help us identify fraudulent transactions.
We may use and share non-personal data without restriction.
Complying with regulatory, legal, and law enforcement requests and requirements.
We will not release your information without your express permission, unless it is required by law, or to comply with legal process properly served on DNSimple. Accordingly, when required to do so, we will cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may disclose responsive information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests). If possible and legally permissible, we will take reasonable steps to notify you if we are required to provide your personal information to third parties as part of the legal process.
We may also be required to share your information to comply with any ICANN, registry or ccTLD rules, regulations and policies when you register a domain name with DNSimple. This includes the transfer of domain name registration information to the underlying domain registry operator and escrow provider, and publication of that information as required by ICANN in the public WHOIS database or with other third parties that demonstrate a legitimate legal interest to such information. See ICANN Privacy Notice.
Internet Corporation for Assigned Names and Numbers (ICANN) Privacy Notice.
- Information you must provide. In using our registration services, you are required to provide information (a) to register a domain name, (b) to update information about a domain name previously registered, or (c) to submit questions about our service. To register a domain name, you are required to provide the name you are registering; your name and postal address (or those of the person for whom you are registering the name); technical information about the computer with which the domain name will be associated; and the name, postal address, e-mail address, and voice and (where available) fax telephone numbers for the technical, administrative, billing, and zone contacts for the domain name. Once the domain name has been registered, your registration agreement requires you to correct and update this data promptly. If you submit a question about our service, you will be asked to provide your name, telephone number, and e-mail address.
- Why you must provide the information. The information you provide when registering a domain name (or correcting or updating registration information) is required to allow the Internet to associate the domain name with your computer, to allow us to properly handle your account (including notifying you at renewal time), and to permit others operating or using the Internet to easily contact you to resolve issues that arise in connection with the domain name. It will also be stored under a data escrow program to keep the domain name operating in the event we leave the domain-name registration business. When you submit a question to our Website, contact information is needed so that we can respond.
- Who will receive the information. We will provide information you submit in registering a domain name or updating related information to our own employees and consultants, to the administrator of the registry for the top-level domain in which you are registering (currently Network Solutions, Inc. for .com, .net, and .org), to operators and users of the Internet making Whois queries concerning your domain-name registration, to ICANN (which provides technical coordination for the Internet), and to escrow agents, auditors, Whois service providers, and replacement registrars that ICANN may designate.
- Information you provide in asking questions about our service may be given to our employees and consultants and, upon its request, to ICANN.
- Accessing, correcting, and updating information. You are required to correct any erroneous or out-of-date contact information concerning your registration. You can access the information you provide, correct it, and update it by visiting our website. See Accessing and Correcting your information.
- Information you provide about others. In providing personal information about other individuals (such as someone in whose name you are registering or the domain name's technical or billing contacts), you represent that you have notified them of the purposes for which the information will be used, the recipients of the information, and how they can access and correct the information, and that you have obtained their consent.
Consent to personal data transfer.
We are based in the United States. We may process, store and transfer the personal data we collect, in and to a country outside your own, with different privacy laws that may or may not be as comprehensive as your own.
By submitting your personal data or engaging with our Websites, you consent to this transfer, storing or processing.
Accessing and correcting your information.
You can review, update, or change your personal information by logging into the Website and visiting your account profile page. You may also send us an email at firstname.lastname@example.org to request access to, correct, export, erase, or otherwise inquire about any personal information processed by DNSimple in connection with the Services we provide.
If you make a request to delete your personal information and if that information is necessary for the products or services that you have purchased, DNSimple will accommodate your request only to the extent the information is no longer necessary for any Services purchased. We may not accommodate a request to change or delete information if we believe the change would violate any law or legal requirement or cause the information to be incorrect, or if we are required to maintain the information for our legitimate business purposes, including legal or contractual record keeping requirements, such as ICANN registration requirements. ICANN Registration Agreement.
The security of your personal data is very important to us. We use physical, electronic, and administrative safeguards designed to protect your personal data from loss, misuse and unauthorized access, use, alteration or disclosure.
The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website or using our Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. We provide two-factor authentication and encourage you to use this functionality to further protect your account. When two-factor authentication is enabled, you receive a recovery code and are required to retain this code and use it in case you are unable to use your two-factor authentication device.
Children's online privacy.
We do not direct our Website to minors and we do not knowingly collect personal data from children as defined by local legal requirements. If we learn we have mistakenly or unintentionally collected or received personal data from a child without appropriate consent, we will delete it, unless required by law to retain the information. If you believe we mistakenly or unintentionally collected any information from or about a child, please contact us at email@example.com.
Your California Privacy Rights.
Notice to California Residents: We do not sell personal information to third parties as defined under the California Consumer Privacy Act of 2018 (California Civil Code Sec. 1798.100 et seq.), nor do we sell, rent, or share personal information with third parties for their direct marketing purposes as defined under California Civil Code Sec. 1798.83.
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. Please see our Privacy Notice for California Residents.
Domain front-running is the practice whereby a service uses insider information to register domains for the purpose of reselling them or earning revenue via ads placed on the domain's landing page.
We guarantee that DNSimple will never engage in domain front-running. When we use third-party services to provide domain name suggestions, we rely on their policies against front-running.
Questions, comments and requests regarding this privacy notice and our privacy practices are welcomed and should be addressed to firstname.lastname@example.org.