Gandi is a French company providing domain name registration, web hosting, and related services.
We are not in the business of selling Personal Information. We consider this information to be a vital part of Our relationship with You.
We do not share with others, or sell or rent to others, any Personal Information provided to us through the Sites or through Our
Even if there is a reasonable delay before the data is fully deleted (as is common), the data still counts as "permanently deleted" and satisfies the parameters for this question.
No information is provided stating that you can do such, nor in their documentation (docs.gandi.net)
This may come in the form of outright data sharing or by using local third-party analytics software (such as Google Analytics, which collects a plethora of user information).
Note that whether the policy allows sharing aggregated user data does not affect this question.
If the personal data is encrypted when it passes through the third-party, it does not count as third-party access (as the data is inaccessible to that party).
If personal data has been made public by, for example, posting it to a blog, it does not count as private personal information (and is therefore not considered by this question).
Agents, Consultants and Related Third Parties: As noted above, We, like many businesses, sometimes engage other companies to
perform certain business-related functions on Our behalf so that We can focus on Our core business. Examples of these services
include, but are not limited to, payment processing and authorization, fraud protection and credit risk reduction, product customization,
order fulfillment and shipping, marketing and promotional material distribution, website evaluation, data analysis and, where applicable,
Legal Requirements: We may disclose Your Personal Information if required to do so by law (including, without limitation responding to
a subpoena or request from law enforcement, court or government agency) or in the good faith belief that such action is necessary (i) to
comply with a legal obligation, (ii) to protect or defend Our rights, interests or property or that of other customers or users, (iii) to act in
urgent circumstances to protect the personal safety of users of the Sites or the public, or (iv) to protect against legal liability or potential
fraud, as determined in Our sole discretion.
We have implemented information security measures that contain administrative, technical and physical controls that are designed to
reasonably safeguard Personal and Non-Personal Information. Even though We have taken and will continue to take significant steps
to protect this information, no company, including us, can fully eliminate all security risks associated with Personal Information. We use
various security measures, including Secure Socket Layer (SSL) encryption technology, to protect information collected, transferred
and retained. If You elect to set up an account on the Sites, You will be asked to provide an email address and password. You must
provide a valid email address and password in order to create and maintain an account, as well as to access account information. We
recommend You select a password with at least 8 characters and consider adding numbers or special characters to further strengthen
Your password. In order to help protect Your personal information, You should be careful about providing Your password to others and
change it periodically. If You wish to update a password, or if You become aware of any loss, theft or unauthorized use of a password,
please contact us at firstname.lastname@example.org.
Moreover, we strongly recommend You to active Our two-factor auth feature to enhance Your security. Please be aware that We may
store Personal Information or such information may be included in databases owned and maintained by Our affiliates, agents or third
party service providers. We take all commercially reasonable steps to protect the security and confidentiality of all Personal Information
provided via the Sites from loss, misuse, unauthorized access, inadvertent disclosure, alteration and/or destruction. However, no
Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Sites may not always be secure.
Please keep this in mind when disclosing any Personal Information via the Internet or by email.
We do not and will not, at any time, ask You to provide Your Personal Information in a non-secure or unsolicited email or telephone
communication. Identity theft and the practice currently known as "phishing" are of great concern to us. Safeguarding information to
help protect You from identity theft is one of Our priorities. If You receive such an email, please contact us to bring it to our attention.
For more information about phishing, visit the Federal Trade Commission at http://www.consumer.ftc.gov/articles/0003-phishing.
Last Update September 1, 2016 - Version 2.0
Note that all companies operating in the EU are subject to Art. 33 of the GDPR, which requires companies to notify their data protection authority of a data breach within 72 hours of discovering it.
No information is provided stating that they do alert users
The Sites and our business may change from time to time. As a result (and for other business and/or technological reasons), it may be
at any time and from time to time without prior notice. Please review this policy periodically, and especially before You provide any
notifying users of the changes and providing an opportunity for You to take action relative to those changes prior to their
implementation. In some cases, we also may send a notice via the Gandi Account or by email notifying registered users of upcoming
This includes the use of data brokers and independent verification authorities (such as background check providers).
We also may receive certain Non-Personal Information (including, without limitation, of the types set forth above) from various
third parties. The Non-Personal Information We receive from third parties may be combined with the information We collect as specified
herein, including Personal Information. If Non-Personal Information is combined with Personal Information, it may be viewed as
We may use Personal Information as necessary and to fulfill Your requests, including in the following ways:
Access and Use: If You provide Personal Information in order to obtain access to or use of the Sites or any functionality thereof, We will
use Your Personal Information to provide You with access to or use of the Sites or functionality and to monitor Your use of the Sites or
Internal Business Purposes: We may use Your Personal Information for internal business purposes including, without limitation, to help
Us improve the content and functionality of the Sites, to better understand Our users, to improve the Sites (including their bêta
versions), to protect against, identify or address fraudulent activities, to manage Your account and to provide You with customer service
and to generally manage the Sites and Our business.
Marketing: We may use Your Personal Information to contact You for certain marketing and advertising purposes, including, without
limitation, to inform You about offers, contests or surveys which may be of interest to You and to display content and advertising on or
off the Sites which may be of relevance to You. If You wish to change or update Your Personal Information or to change Your
subscription preferences, You may do so as provided herein.
Specific Reason: If You provide Personal Information for a certain reason, We may use the Personal Information in connection with the
reason for which it was provided. For instance, if You contact Us by email, We will use the Personal Information You provide to answer
Your question or to attempt to resolve Your issue and will respond to the email address from which the contact came.
Aggregated Personal Information: In an ongoing effort to better understand and to serve the users of the Sites, we (either directly or
working in concert with our marketing services providers) may conduct research on our customer demographics, interests and behavior
based on Personal Information and other information that has been provided or received by Us. For example, we may combine
information about visitors to the Sites to determine how best to target our marketing and the products and services that we offer in
certain areas of the country. This research may be compiled and analyzed on an aggregate basis and this aggregate information does
Some services allow users to opt-out or opt-in to of non-critical collection or use of personal data, such as collecting data for personalized advertisements.
Third Party Advertisers: We may use advertisers, third party ad networks, and other advertising companies, to serve advertisements on
Our Sites and on third-party websites. Please be advised that such advertising companies may gather information about Your visit to
Our Sites (such as through cookies, web beacons and other technologies) to enable such advertising companies to market products or
services to You, to monitor which ads have been served to Your browser and which web pages You were viewing when such ads were
delivered. If You would like more information about this practice and to know Your choices please visit:
http://www.networkadvertising.org/managing/opt_out.asp or http://preferences.truste.com/truste/. PLEASE NOTE THAT THIS POLICY
DOES NOT COVER THE COLLECTION AND USE OF INFORMATION BY SUCH ADVERTISING COMPANIES.
- Personal Information
We may collect Personal Information from users of the Sites in several instances. Some examples are as follows:
• We may collect Your name, billing address, shipping address, email address, telephone number. This information is used to provide
the products and services that You have ordered or requested and order confirmations (or other transactional information) and/or to
provide customer service.
• We may collect information regarding the domain names that You own or have owned. This information is used to provide the
services that You have requested and to suggest additional services that We believe You may be interested in via Domain Suggest
• We may collect Your name, email address, mailing address, zip code, and date of birth if You create a User Account and a Personal
Organization and Legal Contacts. This information will be used to help You keep track of Your orders, to keep You updated about
special offers, updates related to the Sites and any of the Gandi Contracts or other agreements which are applicable to the products
or services You have purchased or to which You have subscribed, and to facilitate checkout during purchases.
• We may collect Your IP address, Your status (natural person, legal person, association, public organization,...), the language of Your
web browser and the keyword queried to suggest You additional domain names during the purchase, to propose alternatives if the
domain queried is no longer available.
• We may collect Your email address if You sign up to receive promotional emails from Us. This information may be used to contact
You about sales, special offers and new features available through the Sites.
• We may collect Your name, telephone number, mailing address, zip code, and email address if You contact Us with a question or
request customer support from Us. This information may be used so that we can respond to Your question or contact You regarding
• We may collect Your name, email address, and other contact information if You participate in a promotion (e.g., contest,
sweepstakes) that We sponsor. This information will be used to fulfill the terms of the promotion and to contact You regarding
promotional and special offers, sales, and new features available through the Sites. It will also be subject to the terms accompanying
• We may collect Your name, age, zip code, purchasing habits, email address and/or mailing address if You choose to participate in
one of our on-line surveys. This information will be used to help provide Us with relevant information about Our customers.
• We may collect and maintain more extensive PII (including driver’s license numbers, passport numbers, identity card, etc.) if You are
purchasing a Gandi SSL Certificate, as We are required to review proof of identification and related documentation to verify Your
identity in order to issue You the Gandi SSL Certificate for which You are applying.
• We may collect and maintain more extensive PII (including driver’s license numbers, passport numbers, etc.) if You are purchasing
some extensions (domain names) which require supporting documentation.
Of course, You can update Your information or change Your preferences regarding receiving announcements and other information
from Us at any time by accessing Your account via the Sites. (For more information, see below section entitled How Can I Access,
Correct and Update My Personal Information?). The above section provides examples of the Personal Information that We may collect
through the Sites (including the bêta version of Our Sites) and the manners in which We may use such Personal Information. If You do
not want Us to collect Your Personal Information, please do not provide it to Us.
June 24, 2020