Under the GDPR, personal data may be collected and processed only when there is a legal reason to do so. One such justification would be the performance of a contract; another is a situation where the data subject (the person to whom the data pertains) has given explicit consent for their data to be processed or collected. Data can only be shared when necessary to fulfill the intended purpose of the data collection. This means that the public Whois system as it exists today is incompatible with the principles of data privacy that the GDPR affirms.
Have more questions? Submit a request