Your privacy is very important to us. doMEn LLC (“.Me Registry”, “domain.me”) wants to make your experience on the Internet as enjoyable and rewarding as possible, and we want you to use the Internet’s vast array of information, tools, and opportunities with complete confidence.
A. General Information
The controller pursuant to Article 4 No. 7 General Data Protection Regulation (“GDPR”) is:
If at any time you have questions about our practices or any of your rights described below, you may contact us via the following form https://domain.me/gdpr-data-request-form/. This inbox is actively monitored and managed so that we can deliver an experience that you can confidently trust.
Legal Bases For Processing Of Your Data
Unless otherwise stated, legal basis for the processing of personal data are:
- Insofar as we obtain the data subject’s consent for processing of personal data, Art. 6 (1) Clause 1 lit. a) GDPR as the legal basis.
- In case of processing of personal data is necessary for the performance of a contract, the legal basis is Art. 6 (1) Clause 1 lit. b) GDPR. This also applies to processing operations that are necessary to carry out pre-contractual measures.
- Insofar as processing of personal data is necessary for the compliance of a legal obligation our company is subject to, the legal basis is Art. 6 (1) Clause 1 lit. c) GDPR.
- In the case that vital interests of the data subject or of another natural person require a processing of personal data, Art. 6 (1) Clause 1 lit. d) GDPR serves as the legal basis.
- If processing is necessary to protect a legitimate interest of our company or of a third party and if the interests, fundamental rights, and fundamental freedoms of the data subject do not outweigh these legitimate interests, the legal basis for processing is Art. 6 (1) Clause 1 lit. f) GDPR.
Security Of Processing
We use technical and organizational security measures in order to protect Data, in particular against accidental or intentional manipulation, loss, damage or attack by unauthorized persons. Our security measures are continuously improved in line with technological developments. This site uses DNSSEC and SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
HTTPS encrypts nearly all information sent between a client and a web service. It ensures
- The visitor’s connection is encrypted, obscuring URLs, cookies, and other sensitive metadata.
- The visitor is talking to the “real” website, and not to an impersonator or through a “man-in-the-middle”.
- The data sent between the visitor and the website has not been tampered with or modified.
Retention Periods – How And How Long We Keep Your Data
We follow generally accepted standards to store and protect the Data we collect, both during transmission and once received and stored, including utilization of encryption where appropriate.
The data processed by us is erased or its processing is restricted in compliance with statutory requirements, in particular Art. 17 and Art. 18 GDPR. Unless expressly stated otherwise within the scope of this privacy statement, we erase data stored by us as soon as such is no longer required for the intended purpose. Data will be retained beyond the time at which the purpose ends only if such data is necessary for other, legally permissible purposes or if the data must continue to be retained due to statutory retention periods. In these cases, processing is restricted, i.e. it is blocked, and will not be processed for other purposes.
Processors, Third Party Service Providers
In some cases, we use external service providers to process your data, which are bound to our instructions, based on data processing agreements pursuant to Art. 28 GDPR. We use only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of GDPR and ensure the protection of your rights. The processor does not independently process data for its own purposes. Further, they must process the personal information in accordance with this privacy notice and as permitted by applicable data protection laws. Especially if data is transferred to countries outside the European Economic Area, it is ensured that this is in accordance with the provisions of the GDPR.
Sharing with trusted third parties. We may share your Data with affiliated companies within our corporate family, with third parties with which we have partnered to facilitate the use of our own Services, and with trusted third party service providers as necessary for them to perform services on our behalf, such as:
- Accredited UDRP providers for .ME (https://domain.me/policies/#dispute-policy)
- Serving advertisements
- Conducting contests or surveys
- Performing analysis of our Services and customers demographics
- Communicating with you, such as by way email or survey delivery
- Customer relationship management
- Compliance with legal, regulatory and law enforcement requests.
We cooperate with the Government of Montenegro and law enforcement officials and private parties to enforce and comply with the law. We will disclose any information about you to the Government of Montenegro or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal process (such as subpoena requests), to protect our property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity we consider to be illegal or unethical.
To the extent we are legally permitted to do so, we will take reasonable steps to notify you in the event that we are required to provide your personal information to third parties as part of legal process. We will also share your information to the extent necessary to comply with ccTLD rules, regulations and policies when you register a .ME domain name.
Contact Form, E-Mail, Telephone, Social Media
We would be pleased to give you the opportunity to contact us for:
- Informational purposes via https://domain.me/contact-me/
- WHOIS data via https://domain.me/whois-data-request-form/
- GDPR questions via https://domain.me/gdpr-data-request-form/
- Premium program via https://domain.me/application-form/
If you contact us regarding the issue of data protection as well as any other matters, we will process the data provided by you so that we can take care of your request and respond to it. Within the scope of contacting us via contact form the legal basis for the processing of your data depends on the content of your enquiry. Purely informational enquiries are legally based on your (presumed) consent pursuant to Article 6 (1) Clause 1 lit. a) GDPR. As far as the contacts are in connection with (pre-)contractual performance obligations processing is based on Article 6 (1) Clause 1 lit. b) GDPR. The information provided by users on the basis of Article 6 (1) Clause 1 lit. b) GDPR can be stored in a customer relationship management system (“CRM System”).
If you contact us by contact form for informational purposes, you can object to the storage of your personal data at any time. In such a case, the conversation cannot be continued. Furthermore, you have the right to object to the storage of your personal data in a CRM system.
We will delete your contact inquiries from our active systems immediately after final processing, unless legal permissions or storage obligations permit or require further storage. For example, when you send general inquiries about .ME domains, we will store your data for a period of six months from the moment when your request is completed.
Pursuant to the statutory provisions, you can assert the following rights with regard to personal data relating to you:
- Right to access by the data subject (Art. 15 GDPR ),
- Right to rectification and erasure (Art. 16 and Art. 17 GDPR ),
- Right to restriction of processing (Art. 18 GDPR ),
- Right to data portability (Art. 20 GDPR ),
- Right to object (Art. 21 GDPR ).
To assert your rights, please send your request to the contact details listed above.
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the GDPR. The supervisory authority to which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 GDPR.
B. Information About The Processing When Visiting Our Website
Server Log Files
For the informational use of our website, it is generally not required that you actively provide personal data. In this case we collect and use only your data which is automatically transmitted to us by your Internet browser. These include:
- date and time of your retrieval of one of our websites;
- time zone difference to Greenwich Mean Time (GMT);
- your browser type;
- the amount of the data transferred
- your browser settings;
- the utilized operating system;
- your most recently visited site;
- the transferred data volume and access status (file transferred, file not found, etc.);
- your IP address.
The data is stored on our servers. This data is not stored together with other personal data except those stated above. The temporary storage of the IP address by the system is necessary to allow delivery of the website to the user’s computer. For this purpose, the IP address of the user must be stored for the duration of the session. We create so-called log files from this data. The created log files are stored to safeguard the security of our IT systems. A personal evaluation of the data, in particular for marketing purposes, does not take place.
Processing of the above data is required for technical reasons to offer a website pursuant to Art. 6 (1) Clause 1 lit. b), lit. c), lit. f) GDPR in order to correctly display our website to you and to safeguard stability and security. In particular, log files are created to verify attacks on our systems. We erase server log data from our systems regularly, at the latest every 12 months.
With your consent, you can subscribe to our newsletter in which we inform you of our current interesting offers.
We used the so-called double opt-in process for registration to our newsletter. This means that after your registration, an email is sent to the disclosed email address, in which we ask you to confirm your request to receive the newsletter. If you do not confirm your registration through the hyperlink within, your information is blocked and erased after the expiration of one month. We furthermore retain your utilized IP addresses and the time of registration and confirmation. The purpose of this process is to verify your registration and clarify a possible abuse of your personal data, if necessary. Only the disclosure of your email address is required to receive the newsletter. All other disclosed information is voluntary and will be used to allow us to address you personally. After your confirmation, we store your email address for sending you the newsletter. The legal basis for this is Art. 6 (1) Clause 1 lit. a) GDPR.
To unsubscribe from the newsletter, you can click on the link provided in every newsletter email.
Please note that we analyze your user behavior when sending the newsletter. For this analysis, the emails sent by us contain so-called web beacons or tracking pixels, which are one-pixel images that are stored on our website. For the analysis we combine the data listed under “Server log files” and the web beacons with your email address and an individual ID.
Cookies And Integrated Services Of Third Parties
The following types of cookies can be set on your device:
- Strictly necessary cookies: These cookies enable services you have specifically asked for, e.g. identifying you as being signed in with the Site user ID and password, and keeping you logged in throughout your visit. These cookies do not contain any personally-identifiable information and are typically set by us.
- Performance cookies: These cookies are used to collect statistical information about visitors to the Site and the pages they view. All information is aggregated and used anonymously. We use these cookies to understand what content is popular. For more information on how to manage cookies, including opt-out of performance cookies please visit: http://www.aboutcookies.org/Default.aspx?page=1
- Functional cookies: These cookies allow the Site to remember choices you make and provide enhanced and more personal features. Note that if you disable these cookies Site may not work properly. For more information on how to manage cookies, including opting-out of functional cookies please visit http://www.aboutcookies.org/Default.aspx?page=1
- Targeting and advertising or other third party cookies: Some cookies that have been set on our Site are not related to us. Please check the third party websites for more information about these cookies.
- Other companies which advertise or offer their products or services on our website may also allocate cookies to your device. The types of cookies such other companies use and how they use the information generated by them will be governed by their own privacy policies and not ours.
When you visit domain.me, the website also stores so-called cookies on your computer. Cookies are small text files that within the scope of your visit of our website are transmitted from our web server to your browser and are stored by your browser on your computer for later retrieval. You can determine by the settings in your browser, whether cookies can be set and retrieved. You can completely deactivate the storage of cookies in your browser, limit it to certain websites or configure your browser so that it automatically informs you as soon as a cookie is to be set and asks you for feedback.
In particular, we use session cookies. They store a so-called session ID, with which different requests of your browser can be assigned to a certain session. This allows your computer to be recognized when you return to our website, which offers significant added value for the registration function for our conference, for example. The session cookies are deleted when the expiry time of one week has been reached.
Third-Party-Cookies, Web Analytics And Third-Party-Services
You can configure your browser settings according to your wishes and refuse the acceptance of third party cookies or all cookies, for example. The legal basis for the use of third party cookies as well as other services from third parties is our legitimate interest (in the analysis, optimization and economic operation of the online service) pursuant to Article 6 (1) Clause 1 lit. f) GDPR, unless otherwise stated. You can object to the processing on the basis of our legitimate interests at any time.
We use multiple web analytics tools provided by service partners to collect information about how you interact with our website or mobile applications, including what pages you visit, what site you visited prior to visiting our website, how much time you spend on each page, what operating system and web browser you use and network and IP information. We use the information provided by these tools to improve our Services. These tools place persistent cookies in your browser to identify you as a unique user the next time you visit our website. The information collected from the cookie may be transmitted to and stored by these service partners on servers in a country other than the country in which you reside. Though information collected does not include Data such as name, address, billing information, etc., the information collected is used and shared by these service providers in accordance with their individual privacy policies. You can control the technologies we use by managing your browser settings, or by utilizing settings in your browser or third-party services, such as Disconnect, Ghostery and others.
Targeted ads or interest-based offers may be presented to you based on your activities on our webpages, and other websites, and based on the products you currently own. These offers will display as varying product banners presented to you while browsing. We also partner with third parties to manage our advertising on our webpages and other websites. Our third party partners may use technologies such as cookies to gather information about such activities in order to provide you with advertising based upon your browsing activities and interests, and to measure advertising effectiveness. If you wish to opt out of interest-based advertising click here [or if located in the European Union click here]. Please note you will continue to receive generic ads. Details of the services can be found below.
Google is certified under the Privacy Shield Treaty and thus offers a guarantee that it complies with the European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
We inform you that, on this website, Google Analytics was expanded by the code “anonymizeIp” in order to guarantee anonymized capture of IP addresses (so-called “IP masking”). By activating IP anonymization on this website, your IP address within member states of the European Union or other contracting parties to the Agreement on the European Economic Area is first abbreviated by Google. The full IP address is transmitted to a Google server in the USA and abbreviated there only in exceptional cases. Google uses this information on behalf of the operator of this website to evaluate your use of the website, to create reports concerning website activities, and to provide other services in connection with website use and Internet use vis-à-vis the website operator. The IP address transmitted by your browser within the scope of Google Analytics is not combined with other data held by Google. Pseudonym profiles of users may be created from the processed data. The IP address transmitted by your browser is not combined with other data held by Google.
You can prevent the collection of the data generated by the cookie and relating to your use of the website to Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
Further information concerning data used by Google, settings options, and opportunities to object are available on Google‘s website under https://www.google.com/intl/de/policies/privacy/partners and under http://www.google.com/policies/technologies/ads and http://www.google.me/settings/ads
When using our website, we place a visitor action pixel of the social network Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA (“Facebook”) on your computer. This allows us to track your behavior when you click on a Facebook advertisement and are then redirected to our web page. The service helps to analyze and evaluate the effectiveness of Facebook advertisements in order to optimize future advertising measures. The data will remain completely anonymous to us and cannot be traced back to the respective person. However, Facebook will store and process the data and hence establish a connection between the data and the user’s Facebook profile. For more information about Facebook’s data processing, please visit: https://www.facebook.com/about/privacy/
If you wish to object to this procedure, please click here: http://optout.aboutads.info/?c=2&lang=EN
On the basis of our legitimate interests (i.e. our interest in the analysis, optimisation and operation of our websites in accordance with Art. 6 (1) f. of the GDPR, we use the Crazy Egg analysis technology from Crazy Egg, Inc. 16220 Ridgeview Lane, La Mirada, CA, 90638 USA.
Crazy Egg allows us to track the effects of various changes to a website (e.g. changes to input fields, design, etc.) within the framework of so-called “A/B-Testings”, “Clicktracking” and “Heatmaps”. A/B tests are designed to improve the usability and performance of online services. For example, users are presented with different versions of a website or its elements, such as input forms, on which the placement of the contents or labels of the navigation elements can differ. The behavior of users, e.g. length of time spent on the website or more frequent interaction with the elements, can then be used to determine which of these websites or elements are more suited to users’ needs. “Clicktracking” allows you to keep track of the movements of users within an entire online offering. Since the results of these tests are more accurate if the interaction of the users can be followed over a certain period of time (e.g. if a user likes to return), cookies are usually stored on your device for these test purposes. Technical data such as selected language, system, screen resolution and browser type are recorded. For technical reasons, this information is stored in a so-called session cookie. This means that this cookie is deleted after leaving the site and is not used to track users across multiple sites or to identify returning visitors. The information collected does not include passwords, the IP address is anonymized and the information is not shared with third parties.
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our website in the sense of Art. 6 (1) Clause 1 lit. f.), we make use of the information provided on this website. GDPR) the plugin WordPress Stats, which includes a tool for statistical evaluation of visitor access and from Automattic Inc. 60 29th Street #343, San Francisco, CA 94110, USA. Jetpack uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site.
Information on jetpack cookies can be found at https://jetpack.com/support/cookies/.
HeatMap Inc. helps us to analyze and display your online behavior. By the combination of analyzing tools and visual Heatmap presentations it helps us to understand, how to improve the user experience, the performance and conversation of their website. Being processed are
- Mouse and touch activities (but no keyboard activities),
- the geographic abode (country),
- screen size of the used device,
- visited sites,
- date and time,
- when the websites were accessed are analyzed and retraced.
Cookies are used to collect information such as log in data and browsing activities. The data are stored on different servers within and outside the EU.
We integrate the videos of the platform “YouTube” of the provider Google LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed of which of our pages you have visited, stating your IP address.
If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile. You may be able to prevent this by logging out of your YouTube account.
Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).
You can change your Twitter privacy settings in your account settings at https://twitter.com/account/settings.
SurveyMonkey Europe UC is a subsidiary of SurveyMonkey Inc. based in the USA. If data is transferred to SurveyMonkey Inc., we would like to point out that SurveyMonkey Inc. is subject to the Privacy Shield Agreement concluded between the European Union and the USA.
C. Information About The Processing When Registering a .ME Domain
In most circumstances, it is not possible to register a .Me domain name directly with us. Instead, parties who has been accredited by Registry to perform domain name registration services for the .ME name space (“Accredited Regsitrars”) send your Data to us (or one of their resellers who collect your Data, if applicable). The list of .ME accredited registrars is available at https://domain.me/accredited-registrars/.
We collect and use Data only as it might be needed for us to deliver to you rights and benefits of a .ME domain registration. This may include
- The right to create a .ME domain, subject to the selected Accredited Registrar’s applicable terms of service, and pricing,
- Designation of the primary and secondary domain name servers for the Domain Name,
- the right to renew a .ME domain registration upon its expiration, subject to the selected Accredited Registrar’s applicable terms of service, and pricing,
- the right to transfer ta .ME domain registration to another accredited registrar at its own expense, subject to the current and future selected accredited registrar’s applicable terms of service, and pricing,
- The right to redeem a .ME domain registration upon its deletion, subject to the selected Accredited Registrar’s applicable terms of service, and pricing.
- the right to resolve disputes or claims that arise involving the Domain Name registration, subject to applicable terms of the selected Accredited Registrar’s registration agreement and terms of service.
Categories Of Data We Collect
We collect information so that we can provide the best possible experience when you utilize our Services. When you register a .Me domain name through our Accredited Registrars we receive – in most cases – the following registration data elements. The same data elements as for the Registrant apply to the Admin-C, Billing-C and Tech-C.
- Domain Name
- Name Servers
- Registrant Name
- Registrant Organization
- Registrant Street
- Registrant City
- Registrant Postal Code
- Registrant Province
- Registrant Country
- Registrant Phone
- Registrant Phone Ext
- Registrant Fax
- Registrant Fax Ext
- Registrant Email
Access, Updating And Deletion Of Your Data
If you make a request to delete your Data and that data is necessary for Services you use, the request will be honored only to the extent it is no longer necessary for any Services you use or required for our legitimate business purposes or legal or contractual record keeping requirements.
The Domain Registrant is responsible for ensuring that his/its Data (e.g., contact information) related to the Domain Name is accurate. In the event of an error, the Domain Registrant must contact his/its Accredited Registrar so that the information can be updated. In turn, the Accredited Registrar notifies the Registry Operator of the updated contact information in a quick and efficient manner. This means that Data may be continually updated.
A Domain Registrant may ask that all Domain Name registrations held by the Domain Registrant must be deleted, and the Domain Name registrations will become available for others to register. However, Data that is not connected to an existing Domain Name registration is stored in the form of historical data required for our legitimate business purposes or legal or contractual record keeping requirements.
If at any time you have questions about your rights in relation to your Data connected to Services, you may contact us via the following form https://domain.me/gdpr-data-request-form.
In addition to section A. (General Provisions) and section C. (Information About The Processing When Registering a .ME Domain), the following applies to our B2B business partners.
We process your data on the legal basis of Art. 6 (1) Clause 1 lit. b GDPR for the fulfilment of contracts or the implementation of pre-contractual measures (for general administration, planning, implementation and handling of business relationships). This includes contact data (e.g. first name, surname, e-mail address, telephone numbers and company name, customer number) of contact persons, payment and invoice data, order data including order history (e.g. delivery, order and confirmation date, order number, customer number), data on maintenance, warranty and guarantee work, other data which are absolutely necessary to fulfil contracts or to assert any claims against contact persons or your company.
On the legal basis of Art. 6 (1) Clause 1 lit. f GDPR, we process your data to safeguard our legitimate interests, for example to carry out marketing measures, market analyses, surveys, insofar as this is necessary to assert legal claims and for legal defence, for accounting purposes or for credit assessment purposes.
Please note that you can object to the processing at any time on the basis of our legitimate interests. See above for more information.
.Me Registry s Commitment to Children’s Privacy
Protecting children s privacy is especially important to us. It is our policy to comply with the Children s Online Privacy Protection Act of 1998 and all other applicable laws. Therefore we restrict the Site to persons eighteen years or older.
YOU MUST BE EIGHTEEN (18) YEARS OR OLDER TO ACCESS THE SITE. IF YOU ARE UNDER EIGHTEEN YEARS OF AGE, YOU ARE NOT PERMITTED TO ACCESS THE SITE FOR ANY REASON. DUE TO THE AGE RESTRICTIONS FOR USE OF THIS WEBSITE, NO INFORMATION OBTAINED BY THE SITE, FALLS WITHIN THE CHILD ONLINE PRIVACY ACT (COPA) AND IS NOT MONITORED AS DOING SO.
The Site is not aimed at children under 13 years old and we will not collect, use, provide or process in any other form any personal information of children under the age of 13 deliberately. We therefore also ask you, if you are under 13 years old, please do not send us your personal information (for example, your name, address and email address). If you are under 13 years old and you nevertheless wish to ask a question or use the Site in anyway which requires you to submit your personal information please get your parent or guardian to do so on your behalf.
.Me Registry’s Commitment to Data Security
Services and websites we sponsor have security measures in place to protect the loss, misuse, and alteration of the information under our control. While we make every effort to ensure the integrity and security of our network and systems, we cannot guarantee that our security measures will prevent third-party .hackers. from illegally obtaining this information.
Masa Djurovica 3/1.
Phone: +382 77 300 070
Revisions to This Policy
.Me Registry reserves the right to revise, amend, or modify this policy, our Terms and Conditions of this agreement, and our other policies and agreements at any time and in any manner, by updating this posting.
Last updated: February, 2019
Copyright: doMEn LLC