PRIVACY POLICY

(Effective August 3, 2020)

Registry Services, LLC (“Registry Services”), the administrator of the country code top level domain for the United States (the “usTLD”), wants you to know and understand what personal information we collect about usTLD registrants (“Registrant Data”) and how we use and disclose that information. In addition, this Privacy Notice describes the information we collect about visitors to the usTLD’s website at www.about.us.

What Registrant Data do we collect and where does it come from?

When you register a domain in .us, your usTLD Registrar transfers to us the following categories of personal information about registrants, their technical contacts, and their administrative contacts: 

  • Name
  • Postal address
  • Email address
  • Telephone number
  • Fax number (where available)

 We also receive information from your usTLD Registrar about the domain itself, which is associated with the personal information listed above, including:

  • Name of the sponsoring usTLD Registrar
  • IP addresses for the domain’s nameservers
  • The domain’s creation and expiration date; and
  • Domain status

This information may be updated (by you or your usTLD Registrar) from time to time if, for example, you change your hosting service or admin contact, transfer the domain to another usTLD Registrar, etc. In addition, we may occasionally receive complaints or inquiries about the domain from registrants themselves and/or from third parties.

How do we use Registrant Data?

 We use and disclose Registrant Data when necessary, in our sole discretion, to:

  • Provide registry services for the usTLD;
  • Optimize and enhance those services;
  • Trouble-shoot and resolve Registry performance issues, and provide support to usTLD registrants;
  • Enforce our agreements and usTLD policies, including (without limitation) policies on WHOIS Accuracy, Nexus, and Privacy/Proxy Registrations;
  • Investigate and respond to inquiries, complaints, or disputes about registration of the domain and/or policy compliance;
  • Prevent, detect, and respond to malicious behavior and/or misuse of our services and enforce prohibitions on the use of domain names to distribute malware, operate botnets, or engage in phishing, piracy, intellectual property infringement, fraudulent or deceptive practices, counterfeiting or other activity that is contrary to applicable law;
  • Investigate, identify, respond to, and help others to investigate and respond to cyber security threats and other criminal behavior, including in support of law enforcement investigations;
  • Protect our rights and the rights of third parties;
  • As necessary to comply with our contractual obligations to the US Department of Commerce, for example by conducting regular audits of the accuracy of such data;
  • In an emergency to protect the personal safety of Registry Services employees, its customers, or any person;
  • Comply with US or foreign laws or respond to lawful requests and legal process in US or foreign civil, criminal or investigative matters; and
  • Conduct research using aggregated or de-identified data.

We will not use Registrant Data in personally identifiable form for other purposes without your permission.

To whom do we disclose Registrant Data?

Registry Services may disclose Registrant Data for the purposes described above to the following third parties:

  • Registry Services is required by United States policy, as reflected in our agreement with the U.S. Department of Commerce, to publish Registrant Data online, via the usTLD WHOIS database (available at whois.us). Registry Services prohibits use of WHOIS Data: (i) in a manner contrary to applicable law; (ii) to allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone; (iii) in contravention of any applicable data and privacy protection laws; or (iv) to enable high volume, automated, electronic processes that interact with domain name registry systems. We also prohibit the copying, compilation, repackaging, or dissemination or usTLD WHOIS data.
  • Registry Services may share Registrant Data with third party vendors, consultants, professional services providers, and other service providers who are working on our behalf, but we limit their access and use of personal information to that which is needed to carry out their work for us, including cloud service providers, software development and support contractors, contractors providing data base management and other administrative support services, security services partners, and legal and accounting professionals.
  • Registry Services cooperates with government and law enforcement officials and private parties to fulfill our contractual obligations and to enforce and comply with the law. We will disclose any information about you to government or law enforcement officials or private parties that we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests), to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.
  • We may disclose Registrant Data in connection with any merger, sale of company assets, financing or acquisition of all or a portion of our business to another company.

How do we safeguard Registrant Data?

Registry Services has implemented policies that include reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, or disclosure of Registrant Data.

While we cannot prevent misuse of Registrant Data in the public usTLD WHOIS database, all WHOIS queries are subject to terms and conditions described above, and we have implemented reasonable technical measures designed to prevent collection and use in violation of those terms. 

What about sensitive data, including information about children?

Registry Services does not collect or process sensitive information (e.g., government issued, identifiers, financial or health information, information about race, ethnicity, religious or political beliefs, sex life, or sexual orientation) about usTLD Registrants, nor does it collect personal information about children under 18. If you believe the WHOIS database contains information about a child under 18 years of age, please contact us immediately by email to privacy@about.us.

How long do you retain Registrant Data?

Registry Services maintains Registrant Data for the life of your registration plus 2 years.

Information for California Residents

If you are a consumer residing in California, you may have the right to make certain requests under the California Consumer Privacy Act (CCPA):

You may have the right to know about personal information that we have collected or disclosed, including:

  • The categories of personal information we have collected or shared about you in the preceding 12 months;
  • The categories of sources from which we have collected that information in the preceding 12 months;
  • The commercial or business reason(s) we have collected or shared that information; and
  • The categories of third parties with whom we have shared that information in the preceding 12 months. 

Under limited circumstances, you may have the right to request deletion of personal information about you. To submit a request to know or delete personal information we collect from you, you can send an email to privacy@about.us. Please note that, depending on the nature of your request, we may need additional information to verify your identity including, without limitation, name, address, telephone number, and/or email addresses. We will use any information you submit only to fulfill your request. If you would like to designate an authorized agent, we will require you to submit an email or letter with that information, including information that allows us to verify your identity as well as the identity of your agent. 

Registry Services does not sell Registrant Data or knowingly process personal information about children under 18. To submit a request to know or delete Registrant Data collected by your Registrar, you will need to contact your usTLD Registrar to fulfill the request. 

Registry Services is prohibited by law from treating you in a discriminatory fashion as a result of your election to exercise any rights you have under CCPA. Please be advised, however, that our contract with the US Department of Commerce requires us to collect, use, and publish Registrant Data in the manner described in this Privacy Notice.

If you would like to know more about how Registry Services processes personal information about usTLD registrants, please contact us via email or snail mail to the address below:

Registry Services, LLC

14455 North Hayden Road Scottsdale, AZ 85260

privacy@about.us

Information for EEA Residents

Registry Services honors confirmation, access, correction, objection, and erasure rights of data subjects to the extent required under the EU's General Data Protection Regulation (GDPR). If you are resident in the European Economic Area (EEA), please contact us at privacy@about.us to initiate this process. Please be advised, however, that our contract with the US Department of Commerce requires us to collect, use, and publish Registrant Data in the manner described in this Privacy Notice.

EU-US Privacy Shield and Swiss-US Privacy Shield. Registry Services, LLC complies with the EU-US Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States. Registry Services, LLAC has certified to the U.S. Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Frameworks visit www.privacyshield.gov

Residents of the European Union and Switzerland may have the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information about this, please see: https://www.privacyshield.gov/article?id=ANNEX-I-introduction.

Registry Services is responsible for the processing of personal data it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield Principles for all onward transfers of personal data from the EU, UK, and Switzerland, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield

Framework, Registry Services is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

In compliance with the Privacy Shield Principles, Registry Services commits to resolve complaints about our collection or use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Registry Services at:

Registry Services, LLC

14455 North Hayden Road

Scottsdale, AZ 85260

Email: privacy@about.us 

Registry Services has further committed to cooperate with the panel established by the EU dataprotection authorities (DPAs) and the Swiss Federal Data Protection and InformationCommissioner (FDPIC) with regard to unresolved Privacy Shield complaints concerning data transferred from the EU and Switzerland. If you have not received a timely or satisfactory response from Registry Services to your question or complaint, please contact the independent recourse mechanism provided by the DPAs or FDPIC, as applicable.

usTLD Website Cookies

We use cookies and similar technologies on our websites and our mobile applications to allow us to track your browsing behavior, links clicked, items purchased, your device type, and to collect various data, including analytics, about how you use and interact with our services. These technologies automatically collect data when you use and interact with our website, including metadata, log files, cookie/device IDs, page load time, server response time, and approximate location information to measure website performance and improve our systems, including optimizing DNS resolution, network routing and server configurations. Specifically, interactions with the features, content and links (including those of third-parties, such as social media plugins) contained within the services, Internet Protocol (IP) address, browser type and settings, the date and time the services were used, information about browser configuration and plugins, language preferences and cookie data, information about devices accessing the services, including type of device, what operating system is used, device settings, application IDs, unique device identifiers and error data is collected. All this allows us to provide you with more relevant product offerings, a better experience on our sites and mobile applications, and to collect, analyze and improve the performance of our services. We may also collect your location (IP address) so that we can personalize our services. For additional information, and to learn how to manage the technologies we utilize, please visit our Cookie Policy. If you wish to opt out of interest-based advertising click here <http://preferences-mgr.truste.com/> (or if located in the European Union click here <https://www.youronlinechoices.com/>). Please note you will continue to receive generic ads.

Policy Changes 

This Privacy Notice may change from time to time, in which case we will revise the "Updated" date. We will post any privacy policy changes on this page and, if the changes are significant (also known as material changes), we will provide more prominent notice on this site prior to the changes becoming effective and indicate at the top of the policy when it was most recently updated. Changes we determine to be material to this policy will become effective 30 days after posting.

Data Protection Authority

 If you are a resident of the European Economic Area (EEA) and believe we maintain your personal information subject to the General Data Protection Regulation (GDPR), you may direct questions or complaints to your local supervisory authority or our lead supervisory authority, the UK's Information Commissioner’s Office, as noted below:

www.ico.org.uk

Information Commissioner’s Office

Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom Phone: 0303 123 1113

Contact us

If you have any privacy-related questions, concerns or complaints about our Privacy Policy, our practices or our Services, you may contact our Office of the DPO by email at privacy@about.us.

In the alternative, you may contact us by mail:

Attn: Office of the Data Protection Officer, 14455 North Hayden Road, Suite 219, Scottsdale, AZ 85260 USA, or for customers established in the EEA, Attn: Legal, Office of the DPO, 5th Floor, The Shipping Building, Old Vinyl Factory, 252-254 Blyth Road, Hayes, UB3 1HA.

 

We will respond to all requests, inquiries or concerns within thirty (30) days of receipt.

Are you ready to join
the .US Community?

Get Your .US

1.7M+

.US Domains
Registered

200+

Trusted Retail
Partners

50+

Useful Tips &
Marketing Tools

15+

Years of Launching
Ideas Online