(1) Account Creation
When registering a domain name, ownership and contact details are required by ICANN and other TLD registry operators. These include first and last name, mailing address, phone number, and email address. Such details are used to identify the domain name's legal owner as well as to contact the administrator in the event of alleged abuse. Epik cannot process domain registrations without this basic information.
Although some TLDs (domain endings) require additional kinds of information beyond those data cited, for most TLDs these are sufficient. To minimize intrusiveness, Epik gathers only what we need for the most common TLDs. This core information is requested at the moment of account creation because, as a domain registrar, Epik anticipates that most customers will register or transfer a domain soon after creating an account. For a streamlined experience, our goal is to have customers fill out only one form.
Additionally, Epik relies on these details – especially name, email address, and phone number – to identify customers correctly when they contact Epik support. In cases where Epik must contact you about a problem, we rely on both email and phone, since either method alone may fail. Collecting your phone number also allows Epik to offer 2-factor authentication as an additional security option – safer than password protection alone.
As a global company, we also refer to state and country information to choose the right time of day to call. In rare cases, legal notices must be delivered by physical post to the address on file. Mailing address information is also used to assess eligibility for certain TLD registrations, which are sometimes limited to particular countries or even cities. This helps Epik show relevant TLDs to you via email or on our website. With more than 1000 TLDs in existence, we can improve the user experience by focusing on those with a connection to you based on language or location. Epik also uses geographical information to perform a statistical analysis of our customer base.
Epik sends automated renewal reminders via email to help customers avoid unintentional service interruptions, additional fees, or total loss of a domain name once it expires. Email is also used to notify customers of important issues such as policy changes, outages, security breaches, price increases, and so forth. Marketing emails may also be sent to customers who have opted to receive information about promotional prices, new Epik features, new TLDs, new services, domain industry news, and the like. Notably, domain transfers between Epik accounts or between Epik and another domain registrar cannot function properly without email notifications. That is true of all domain registrars. Your email address is also used to validate account ownership and to restore access in the event that a password is forgotten.
Your password is used to provide secure account access at Epik. Your user name is used to identify accounts in contexts where you don't wish to share your personal name or email address. For example, when moving a domain from someone else's account to yours, you may not wish to divulge personally identifying information. As a pseudonym tied to your account, the user name can be a useful substitute.
We refer to your account PIN # in the event that a password is forgotten and you cannot reset it through email. For customers who have lost email access but who can contact Epik by phone, chat or an alternative email address not on file, this is often a life saver. For those who have misplaced their PIN # or did not take note of it while logged into their account, will be able to submit requested information such as a valid ID and selfie through our account with Validation.com. A link will be supplied to go to in order to submit the requested information for review.
We gather payment details only for the limited purpose of processing payments from you to Epik or from Epik to you. Bank information is only recorded when processing wire transfers between Epik and customers who choose to pay or be paid in this way. Details are recorded for auditing purposes, in order to match Epik's registrar transactions with bank account records.
Full credit / debit card details are never stored by Epik's system during or after checkout. We simply transmit them to Epik's payment processor and also to a contracted fraud detection service. Heavily redacted representations of the credit card number do exist on the Epik system, showing only a few digits. These are used to differentiate between payment methods when researching transaction history. The redacted versions are also displayed to you inside your Epik account so that you can identify 1 card among many. Sending your credit card details to Epik by email or over the phone is highly discouraged.
Your Paypal address may be saved in order to offer a more streamlined checkout process at Epik. Additionally, if you choose to use Paypal for recurring payments to Epik, we need to associate the stored Paypal address with your Epik account. Epik cannot see your Paypal password. Sometimes Epik requests your Paypal address in order to issue you a refund or pay you.
Epik may store your credit / debit card's expiration date. We use this information to alert you when a card on file is about to expire. This is important to avoid payment failures associated with auto-renewal, monthly hosting, or monthly domain Rental / Purchase plans. Since the consequences of missed payments can be severe and stressful, Epik hopes to prevent headaches for its customers by warning them in advance. This also minimizes the number of renewal reminders we would otherwise send to customers. That means less email clutter.
(4) Additional Authorization
Some TLD registries require additional information before a domain name can be registered. For example, to use .CN or even .COM inside China, the Chinese government requires a scanned copy of government-issued ID. Likewise, Australia requires an ABN (Australian Business Number) or even a trademark number in order to process .AU registrations. Epik does not collect this information from you unless we need it to process a domain registration that you have ordered.
In rare cases, Epik must investigate suspicious activity, including credit card theft. Or you may find yourself completely locked out of your Epik account, if you have lost email access and cannot remember any of your security credentials. Under those unusual circumstances, Epik may ask some customers to voluntarily submit a copy of government-issued ID in order to prove their identity. This is strictly voluntary, and it is meant to protect customers and non-customers from fraud. Some European customers volunteer their VAT number for purposes of invoicing.
(5) Support Inquiries
In the context of support tickets, Epik relies on your first and last name, email address, and account PIN number in several ways: to validate your identity, locate your account quickly, search for your ticket within our system, and reply to you. This information is preserved indefinitely along with the messages themselves. We use it to train support staff, document abuse allegations, identify and fix glitches, and research customer history in order to help you in the future.
(6) Domain Inquiries
When someone has questions about a domain name, wishes to buy it, or wishes to complain about trademark infringement, they will often attempt to contact Epik or the domain owner. This can occur at various points on the Epik platform, including our whois lookup portal (whois.epik.com), via Epik support channels, through a parked domain page, or through a listing created by you in the Epik marketplace.
When the person is attempting to contact the domain owner, we pass their details and message along to that owner. At the same time, Epik maintains an internal copy of the information. This includes all pertinent information: first and last name, phone number, email address, offer amount (if applicable), and message text. Storing a backup copy allows Epik to forward the message to the domain owner when the first email delivery failed for some reason. Epik may also use this data to build an internal messaging system, which allows customers to track their domain inquiries more efficiently. Epik also analyzes this data to measure and improve marketplace performance for the benefit of our customers. Also, if the person who contacted a domain owner later chooses to request help from Epik, then Epik may refer to the relevant messages.
(7) Online Interactions
Epik uses data related to your IP address to make our website more relevant. For example, we may try to show the local currency or language. Your IP address is also a factor in assessing the risk of credit card fraud, since stolen cards are often used by criminals in remote overseas locations.
Like most websites, Epik tracks page views and links clicked in order to measure the effectiveness of our email campaigns and website interface. This automatic feedback is crucial for online companies to improve the user experience – making it easier for customers to find what they're looking for, eliminating unused features that clutter a website, delivering more relevant messages, and minimizing the number of unwanted emails we deliver.
We also use page views in Epik's support channel so that our agents can know, in real time, which page you are viewing (and which is perhaps giving you difficulty). Most importantly, Epik tracks changes made by the user inside their Epik account in order to troubleshoot errors, reverse accidental changes, and defeat hackers.
If you believe Epik is using your personal information in some way not described above, please contact us. Our goal is complete transparency. If anything has been left out, that omission is accidental and will be corrected promptly once you let us know.