Log In Sign Up

Privacy Policy

How we collect, use, and protect your personal data.

Last updated: April 18, 2025

1. Data Controller

The data controller responsible for the processing of your personal data is:

MB "Registerra"
Company code: 307631455
Šviesos g. 3-72, Grigiškės, LT-27115, Vilnius, Lithuania
Email: [email protected]

2. Data We Collect

In the course of providing domain registration and management services, we collect and process the following categories of personal data:

2.1. Registrant Data (Domain Registration)

  • Full name (natural person) or organization name (legal entity)
  • Postal address (street, city, postal code, country)
  • Email address
  • Phone number
  • National identification data where required by the registry (e.g., Codice Fiscale for .it, DNI/NIE/NIF for .es, SIREN/SIRET for .fr)
  • VAT number (for legal entities)
  • Technical contact information
  • Administrative contact information

2.2. Account Data

  • Login credentials (email and hashed password)
  • Payment information (processed by third-party payment providers; we do not store full credit card numbers)
  • Transaction and billing history
  • Communication history with our support

2.3. Technical Data

  • IP address
  • Browser type and version
  • Pages visited and time of access
  • Referring URL

3. Legal Basis for Processing

We process your personal data on the following legal bases under the General Data Protection Regulation (GDPR):

  • Performance of a contract (Art. 6(1)(b) GDPR): Processing is necessary to register and manage domain names on your behalf, provide customer support, and process payments.
  • Legal obligation (Art. 6(1)(c) GDPR): We are required to collect and transmit certain Registrant data to domain name registries in accordance with their policies and applicable regulations (including ICANN requirements, national domain laws, and registry-specific regulations).
  • Legitimate interest (Art. 6(1)(f) GDPR): We process technical data for website security, fraud prevention, and service improvement.
  • Consent (Art. 6(1)(a) GDPR): Where we send marketing communications, we do so based on your prior consent, which you may withdraw at any time.

4. Data Sharing with Registries

As a domain registrar, we are required to share Registrant data with the relevant domain name registries to complete domain registration. This includes:

4.1. DENIC eG (.de)

DENIC requires the Registrant's name, address, and contact data. This data is stored in DENIC's WHOIS database. Since May 2018, DENIC has restricted public WHOIS access in compliance with GDPR. Detailed information: DENIC Data Protection.

4.2. AFNIC (.fr)

AFNIC requires the Registrant's name, address, email, phone, and — for legal entities — the SIREN/SIRET number. AFNIC processes this data in accordance with the French Data Protection Act (Loi Informatique et Libertés) and GDPR. For natural persons, personal data is redacted from public WHOIS. AFNIC may verify Registrant identity and request supporting documentation. Detailed information: AFNIC Privacy Policy.

4.3. Registro.it / NIC.it (.it)

Registro.it requires the Registrant's name, address, email, phone, and — for natural persons — the Italian fiscal code (Codice Fiscale) or equivalent national identification. For legal entities, the VAT number is required. Registro.it publishes domain holder data in its WHOIS database, though data for natural persons may be withheld upon request. The Registrant must accept the Registro.it Registration Regulations and data processing conditions. Detailed information: NIC.it Privacy Policy.

4.4. Red.es / Dominios.es (.es)

Red.es requires the Registrant's name, address, email, phone, and a valid identification document (DNI, NIE, NIF for Spanish residents; passport number for non-residents). Red.es processes this data in compliance with Spanish data protection law (LOPDGDD) and GDPR. Red.es WHOIS output is restricted and does not display full Registrant contact details for natural persons. Detailed information: Red.es Data Protection.

4.5. Other Registries

For other TLDs (.eu, .ch, .be, .nl, .at, etc.), we share Registrant data with the respective registry in accordance with their published data protection policies. These registries operate within the EU/EEA or Switzerland and comply with GDPR or equivalent data protection frameworks.

5. Data Sharing with Third Parties

We may share your personal data with:

  • Domain registries — as described in Section 4 (mandatory for domain registration)
  • Upstream registrars — where we act as a reseller, your data may be shared with our upstream registrar partner for the purpose of completing domain registration
  • Payment processors — to process your payments securely
  • Law enforcement — where required by law or court order
  • Dispute resolution providers — in the context of domain name disputes (UDRP, SYRELI, ADR, etc.)

We do not sell your personal data to third parties. We do not share your data with third parties for marketing purposes without your explicit consent.

6. International Data Transfers

Your personal data may be transferred to domain registries and service providers located outside the European Economic Area (EEA). Where such transfers occur, we ensure appropriate safeguards are in place, including:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Binding contractual obligations with data processors

7. WHOIS Data and Public Disclosure

7.1. Domain name registries maintain WHOIS databases containing Registrant information. The extent of publicly available data varies by registry:

  • .de (DENIC): Restricted WHOIS; contact data not publicly displayed since GDPR implementation
  • .fr (AFNIC): Personal data of natural persons redacted from public WHOIS; legal entity data may be displayed
  • .it (NIC.it): Registrant data published; natural persons may request data withholding
  • .es (Red.es): Limited WHOIS; personal contact details of natural persons not publicly displayed
  • .eu (EURid): Restricted WHOIS in compliance with GDPR

7.2. Regis Terra offers WHOIS privacy/proxy services where permitted by the registry. Contact us for availability.

8. Data Retention

We retain your personal data for the following periods:

  • Registrant data: For the duration of the domain registration plus 3 years after expiry or transfer, or as required by the respective registry
  • Account data: For the duration of the customer relationship plus 5 years (in compliance with Lithuanian accounting and tax regulations)
  • Technical/log data: Up to 12 months
  • Communication records: For the duration of the customer relationship plus 3 years

Where registry-specific regulations require longer retention (e.g., AFNIC may require data retention for regulatory purposes), we comply with the applicable retention period.

9. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of access (Art. 15 GDPR): You may request a copy of the personal data we hold about you.
  • Right to rectification (Art. 16 GDPR): You may request correction of inaccurate or incomplete data.
  • Right to erasure (Art. 17 GDPR): You may request deletion of your data, subject to legal retention obligations and active domain registrations.
  • Right to restriction of processing (Art. 18 GDPR): You may request limitation of data processing under certain conditions.
  • Right to data portability (Art. 20 GDPR): You may request to receive your data in a structured, machine-readable format.
  • Right to object (Art. 21 GDPR): You may object to data processing based on legitimate interest.
  • Right to withdraw consent (Art. 7(3) GDPR): Where processing is based on consent, you may withdraw it at any time.

Please note that certain data is required for domain registration and cannot be deleted while the domain is active. Requesting deletion of mandatory registration data may result in domain suspension or cancellation by the registry.

To exercise your rights, contact us at [email protected]. We will respond within 30 days.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption of data in transit (TLS/SSL)
  • Secure storage of credentials (hashing and salting)
  • Access controls and authentication mechanisms
  • Regular security reviews and updates
  • Staff training on data protection

11. Cookies

Our website uses essential cookies required for the operation of the website (session management, security). We do not use tracking or advertising cookies. If this changes, we will update this policy and implement a cookie consent mechanism.

12. Supervisory Authority

If you believe that our processing of your personal data infringes GDPR, you have the right to lodge a complaint with a supervisory authority. The relevant authority for Regis Terra is:

State Data Protection Inspectorate of the Republic of Lithuania
(Valstybinė duomenų apsaugos inspekcija)
L. Sapiegos st. 17, LT-10312, Vilnius
Website: vdai.lrv.lt
Email: [email protected]

13. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be published on this page with an updated "Last updated" date. We encourage you to review this page periodically.

14. Contact

For any questions or requests regarding this Privacy Policy or data protection, please contact us at:

MB "Registerra"
Šviesos g. 3-72, Grigiškės, LT-27115, Vilnius, Lithuania
Email: [email protected]