Pursuant to Appendix A, Section 4 of ICANN’s Temporary Specification for gTLD Registration Data (the “Temporary Specification”) and our Registrar Accreditation Agreement with ICANN, MarkMonitor is required to provide reasonable access to non-public WHOIS information (“WHOIS data”) when we receive an adequate request based on a lawful basis, including but not limited to a legitimate interest stated by the requestor.
This policy does not apply to requests for WHOIS data that are made by the person to whom that information relates. It only applies where the person or organisation requesting the WHOIS data is a third party. Requests from data subjects exercising rights in their own data (e.g. right to rectification, right to erasure, etc.) should be made to the client’s CSM and/or email@example.com.
We will provide the requestor with non-public WHOIS, only if all the following conditions are met. Please see Section 4 below for guidance on processing requests when the following conditions are not met, and please reach out to Legal, the Director of Policy, and MarkMonitor’s designated Privacy Contact (together, the “Privacy Team”) in case of any uncertainty.
3. How we Respond
We try to respond within five business days. When providing a fulsome response, we will copy and paste the following legal disclaimer into the top of our email reply to the requestor, followed by the non-public WHOIS information (but no more non-public WHOIS data than is necessary for the stated purpose) (“WHOIS Data”) for which the requestor has a lawful basis:
“MarkMonitor takes our clients’ privacy, and global privacy laws, very seriously. By processing the WHOIS Data we disclose to you, you understand and agree that you: do so as a separate (and not joint) data controller with respect to such WHOIS Data, and as a result are responsible for determining the lawful ground under the General Data Protection Regulation applicable to your processing of this data. You further agree to process and safeguard the WHOIS Data we supply to you in accordance with all applicable laws at all times.”
4. Insufficient Requests
In order to ensure compliance with data privacy laws, MarkMonitor will not process requests for WHOIS Data that do not meet all the requirements specified in Section 2 above. However, due to the novelty of implementing the Temporary Specification, if a request is missing one or more of the requirements above, we may respond with language similar to the below, and may provide the requestor with further specific instructions to amend and correct their request, at MarkMonitor’s sole discretion:
“We are in receipt of your request. Unfortunately, your request has been preliminarily deemed insufficient as lacking one or more of the following MarkMonitor requirements for providing non-public WHOIS information under ICANN’s Temporary Specification: requests must be sent to the MarkMonitor email address which is established for this purpose, and which is listed in MarkMonitor’s WHOIS output; the domain name in question must be a gTLD; the requestor must explicitly identify themselves (and if they act on behalf of another person, provide a Letter of Authority or representation affirming the requestor is authorized to act); the WHOIS output for the domain must not already be public – check to see if the WHOIS output for this domain is already publicly available; and the request must state a sufficient legal basis and a sufficient lawful purpose (e.g. a ‘legitimate interest’) for requesting the data, showing that the data is necessary for the stated purpose.”>
© Copyright 2018 MarkMonitor Intellectual Property & Science is now known as Clarivate Analytics, and is no longer part of Thomson Reuters