We appreciate the work that our reseller partners have done, alongside our own, to come into compliance with the GDPR. In support of that work, please review our updated Reseller Agreement and Domain Registration Agreement. These updated contracts will go into effect 25 May, 2018.
These changes primarily relate to the registrant’s consent management flow and include the addition of a Data Processing Addendum (DPA), with EU standard contractual clauses to allow data transfer from the EU to non-EU jurisdictions.
We also understand that ICANN will be adopting a standard Data Processing Addendum, which would apply to its role with us (and you), our role (and yours) with gTLD registries, and our role (and yours) with data escrow providers. We were hoping to make this available to you along with our updated agreement, but in the interests of time and the need to achieve compliance on the set schedule, we are using our own data processing addendum instead for the present.
If, as we anticipate, ICANN develops and issues to registries and registrars a new binding policy under the terms of our Registrar Accreditation Agreement, with a mandatory or recommended DPA, we will likely amend certain terms of our Master Services Agreement and the associated exhibits to conform to industry standards and assure contractual compliance with ICANN.
We also anticipate that gTLD and ccTLD registries will continue to amend their contracts in the days and weeks ahead, so please ensure that you are always pointing your users to the most current version of the relevant registry terms and conditions, as referenced in our Domain Registration Agreement.
Should any additional changes be required in this rapidly evolving area, we will inform you via our blog and newsletter.