Who we are:The entity collecting and processing personal data (the data controller) is:
PRO ISP AS, Norwegian corporation with organizational number 896 907 662
How to contact usOur contact information is available here:
Contact information PRO ISP
Personal data we collect from youThere are five categories of data we collect from you that contains personal data.
- Client data
Information given to identify the client account and optional contact for invoice when ordering services from us. This includes name, address, phone number and email address.
- Domain contact data
The information you provide us in order to register domains. This is used for registrant contact for the domain. This includes name, address, phone number and email address.
Some TLD’s require additional informasjon in order to register a domain:
- For Norwegian citizens registering .no domain, social security number is collected and stored at the registrar for .no, Norid and a PID-number is issued. PRO ISP processes the PID-number and not the social security number attached to the PID number.
- When registering .fi.domain it is required a finish social security number if you are a finish citizen. You will also need to register your date of birth, finish citizen or not.
- When registering .fr, .wf, .pm, .tf, .re domains, you are required to state your date of birth and the country you were born in.
- When registering domain via Uniregistry it is required you create 3 questions and 3 answers.
- When registering .se and .nu you are required to state your social security number and which country you are a citizen of.
- When registering .es you are required to state your social security number or passport number and which country you are a citizen of.
- When registering .it you are required to state social security number or passport number and nationality.
- When registering .by you are required to state your social security number or passport number, as well as how issued the passport and date of issue.
- Contact data for SSL certificate
The information you provide us in order to have a SSL certificate issued. This is used as contact information for the SSL certificate. This includes name, address, phone number and email address.
- Automatically collected data
This is data you do not provide us directly but is collected automatically when you or any of your users of your hosting services communicate with our servers. This includes webserver logs, email server logs as well as other automatically generated server logs. This can contain timestamps, IP-addresses, email addresses, names, phone numbers and HTTP-headers which can contain type of web browser, last visited website and language settings.
- Payment information
Credit card information is not stored in our system, but with Adyen. For payments via PayPal, the email address attached to the PayPal account is stored. For payments via online bank name, address, date of payment and account number the payment was made from as well as KID/message.
Why do we collect personal data?The purpose of collecting the personal data is:
- To idenitfy you as a client of PRO ISP and a part of our Service agreement.
- To identify the registrant for the domain name according to the terms for the TLD.
- To identify the person ordering the SSL certificate.
How your personal data is used:
- Client data
Contact information is used to send you invoices, renewal warnings, yearly reminders to keep your contact information up to date, which is necessary in order to fulfil our contractual agreement with you and registrars.
- Contact data for domain names
Contact information is used by the registry unit to identify the registrant for domain names. The registry unit can publish contact information, partially or complete, in the WHOIS-database, depending on the terms for the domain in question. The reason for this is to be able to contact the person responsible for domain names. Examples of situations this would be important could be if there is a technical difficulty with the domain, the domain is being abused for spam or criminal activities or if there is a dispute regarding third party rights to the domain.
- Contact data for SSL certificates
Contact information used by certificate issuer to identify person(s) connected to the application for the SSL certificate.
- Automatically collected data
This data is used for maintenance, protect and improve our services to give you a better support experience. The data is also used to discover, prevent or in any other way address fraud, security- and technical issues.
- Payment information
The payment information stored is used to identify who the payment is made for, as well as in connection to support related to payment of invoices or refunding payments.
How can you access your personal dataYou can access and change your contact data for your account, as well as for your domains via the client portal. It is not possible to change the contact information for SSL certificate when it has been issued. If you wish to change this information a new certificate will need to be purchased. You can also choose how we send invoices to you as well as add your own invoice contact. Contact information which is optional can be removed from both the client account and for the domain.
How we share your personal data with othersFor .no (and all subdomains of .no) and .se we share your domain name data with the registry for the TLD in question as far as its necessary to register or administrate the domain. For other TLD’s we share your domain name data to Realtime Register as far its necessary to register or administrate the domain. Realtime Register shares your domain name data to the registry unit for the TLD as far as its necessary to register or administrate the domain.
When we send in requests to issue SSL certificate we send your contact data for SSL certificate to Rapid Web Services, LLC as far as its necessary to issue the certificate. Rapid Web Services, LLC sends this to the certificate issuer you have ordered the certificate from for the same reason.
Trustpilot AS receives your name and email address when you complete an order on our website so that they can send an invitation for you to leave a review. You can unregister at any time. It is voluntary to supply them with further information.
UserEngage Sp. z o.o., which is our provider for live chat and chat bot software, receives your name and email address when you login to our client portal. No information is shared if you are not a client or if you do not login to the portal.
We can give personal data to Norwegian law enforcement or other public authority if there is a court order or other legal demand for the information.
Transfer of personal data outside EU/EEARapid Web Services, LLC resides in USA and fulfils the requirement to EU-US privacy-shield. All Information sent is secure and encrypted.
How we delete your personal dataPersonal data that is no longer necessary for the purpose for which it was stored will be deleted continuously.
We store personal information about customers in accordance with current legislation. When you delete or cancel services, some personal information will remain stored to the extent necessary to protect legal rights or regulatory requirements for documentation.
We can also delete your personal data in third party solutions such as Facebook, Instagram and similar upon request. Contact support in any of our normal support channels and we will be happy to assist you.
Automatic decisions based on personal dataPersonal data you provide us with is sent through a series of automatic checks. Information that do not pass the checks can be rejected directly so you are instructed to insert the correct information or be subject to a manual inspection or follow up. For example, we check if name, address and other contains only accepted characters or if the postal number correlates with the postal city.
Data portabilityYou have the right to data portability. This means that you can take with you your personal data in a machine readable format.
All contact information attached to your domain is located in the registry units central database in a standardized format. If you decided to move your domain to a different supplier all the information will be automatically transferred to the new registrar using the EPP-protocol.