NIC.IM Privacy Policy

The following privacy policy has been updated to reflect changes in data-protection regulations introduced by the EU General Data Protection Regulation (GDPR) as implemented in the Isle of Man by the Data Protection (Application of GDPR) Order 2018.

Information Collection

The IM Registry (NIC.IM) has a legitimate right to collect information that is required for the proper maintenance and administration of user accounts and domain name registrations. This will include personal data.

The IM Registry does not process account or domain name registration information for any other reason and will never send unsolicited marketing correspondence.

Administrative Data

This is information necessary for ensuring the proper administration of user accounts. Minimum data required includes name, address and email. This will enable communication in relation to account management and domain name registrations.

Domain Registration Data

The IM Registry is required to collect data relating to the registration of domain names (“Registration Data”).

In order to provide domain name registration services, The IM Registry typically requires the following registrant data:

  • Domain Name
  • Name Servers
  • Registration Data (Data required to enter the domain into our registry)
    • Registrant Name
    • Registrant Organisation (where applicable)
    • Registrant Address
    • Registrant Email
    • Registrant Fax (where applicable)
    • Registrant Phone number
    • Administrative Contact
    • Administrative Contact Organisation (where applicable)
    • Administrative Contact Address
    • Administrative Contact Email
    • Administrative Contact Fax (where applicable)
    • Administrative Contact Telephone Number
    • Technical Contact
    • Technical Contact Organisation (where applicable)
    • Technical Contact Address
    • Technical Contact Email
    • Technical Contact Fax (where applicable)
    • Technical Contact Telephone Number
    • Billing Contact
    • Billing Contact Organisation (where applicable)
    • Billing Contact Address
    • Billing Contact Email
    • Billing Contact Fax (where applicable)
    • Billing Contact Telephone Number

Information Disclosure

The IM Registry does not disclose or share any data with third parties.

All IM Registry registrant information is redacted within WHOIS lookups in order to comply with the data protection regulations.

In exceptional circumstances, the data protection regulations will allow account and registrant information to be disclosed to law enforcement and regulatory agencies. Under these circumstances, the IM Registry will only disclose the requested information after confirming the request is legitimate and lawful.

Information security

The IM Registry is ISO 27001 Information Security accredited. As such, it has appropriate security measures to prevent registrant information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

Information Retention

The IM Registry has a data destruction policy and will automatically enforce the right to be forgotten upon the cessation of a domain name registration. This will be performed in line with the data retention policies required by law.

Information Rights

The regulations provide individuals a number of data protection rights. The following rights are those that are relevant in the context of domain name registration:

  • The right to be informed: individuals have the right to be informed about the collection and use of their personal data – as stated in this privacy policy.
  • The right of access: individuals have the right to obtain copies of their personal data.
  • The right to rectification: individuals have the right to have incorrect or incomplete personal data corrected.
  • The right to erasure: individuals can request that their data be erased when no longer required.

Individuals can contact the IM Registry at info@nic.im to exercise these rights at any time.

Individuals have the right to lodge a complaint with the Isle of Man Information Commissioner if they feel that their data has not been handled correctly, or are unhappy with the IM Registry response to any requests they made regarding the use of their personal data.

Further details of GDPR and its implementation in the Isle of Man can be found on the Isle of Man Information Commissioner’s website at www.inforights.im

Cookie Policy

The IM Registry uses "cookies" on this site. A cookie is a piece of data stored on a site visitor's computer to enhance the user experience on the site. Usage of these cookies is in no way linked to the collection of any personally identifiable information.