Shortcut to this article: opensrs.help/gdpr
Overwhelmed? Start with this checklist.
- End-user consent request emails - The means by which we send the Data Use Consent Settings page URL (see below) to the registrant.
- Data use consent settings pages - The location from which a registrant can set, view, and update their consent preferences or revoke consent.
- Tucows.help/data-use - A reference tool for registrants and resellers, this easy-to-search info page houses the data-processing details for each TLD we offer, including the name of the provider, which pieces of personal we data process, and the legal basis for processing each.
- Transfer in email
- Transfer in landing page
- Consent management sample flow - consent choice change
- Consent management sample flow - new registration
- Transfer process - before and after - A comparison between how domain transfers work today and how they work after GDPR.
- GDPR API changes
How OpenSRS processes data - general information
- Why are you applying GDPR-related changes platform-wide?
- Why does the Data use consent settings page mention Tucows?
- What is the difference between consent and contract, and why does it matter whether a data element is processed based on contract or consent?
- How long do you keep personal data on file?
- Doesn’t ICANN policy require something different than your implementation?
- Will resellers still be able to see all available Whois data or will they we be required to use the gated Whois?
- Why can’t I see real contact information in the public Whois anymore?
- Is it possible to opt-in to the display of real data in the public Whois?
- Will the public Whois output still display domain dates, status, nameservers, and sponsoring registrar?
- In the gated Whois, what data will be displayed?
- Will the changes to the Whois affect non-EU domain registrants?
- Law enforcement and privacy protected domains
- What is the difference between the gated Whois and the domain privacy Whois?
- Will the domain privacy number continue to be displayed?
Understanding the end-user consent management process
- What TLDs and products show up on the Data use consent settings page?
- Why are some TLDs asynchronous while others are synchronous? Why is consent sometimes required and sometimes optional?
- Why is my customer’s asynchronous domain pre-consented? They haven’t yet provided consent.
- What do the various GDPR consent statuses mean?
- What happens if the user does not provide, or revokes consent?
- My customer is canceling a service in order to have their data erased from the provider’s system. Will I and, by extension, my customer, be refunded?
- How are products grouped together on the Data use consent settings page?
- Why does the order in which services are listed on the Data use consent settings page change?
- Why is my customer receiving multiple consent request emails?
- Does the consent request timeout?
- What triggers the consent request to be sent?
- Who receives the consent request?
- Can the consent request be sent to the domain admin, billing, or tech contacts?
- Why did my customer get a consent request and then find a “nothing further is required” notice on the consent page?
- Is consent different depending on the domain owner type?
- Why will my customers receive consent request emails in addition to Whois Verification emails? Can’t these be combined?
Reseller controls and management
- Can I stop sending Tucows certain pieces of domain contact info, or stop sending domain contact details altogether?
- Can I turn off the Data use consent settings page and consent request process entirely?
- Can I edit the consent page?
- Can I edit the consent request email?
- My client lost the link to their consent page. How can I provide it to them?
- How can I determine whether a specific TLD is asynchronous?