Legal

Privacy Policy

How we collect, use, and protect your personal information — in plain English first, then the long version.

Version1.1
Effective DateMay 6, 2026
Last UpdatedMay 6, 2026
Applies tojust-domain-name.com and all Just Domain services

Plain-English Summary

We know privacy policies are long, so here is the short version:

  • Who we are. Just (operating as Just Domain) is a small domain reseller registered in Israel. We help you register and manage domain names through accredited registrars.
  • What we collect. Account details, the registration data we need to register a domain on your behalf (some of which becomes public in WHOIS), payment details processed by trusted providers, and standard technical data like IP addresses and cookies.
  • Why we collect it. To provide and secure the service, process payments, comply with ICANN and the law, and (only if you opt in) send marketing emails.
  • Who we share it with. Accredited registrars and registries, payment processors, hosting and security providers, analytics and email tools, and authorities when legally required. We never sell your personal information.
  • Your rights. You can access, correct, delete, port, or object to processing of your data, subject to legal limits. Contact us at privacy@just-domain-name.com to exercise any right.
  • Special note about WHOIS. Some of the data you provide for a domain registration is published in public registry directories. This is required by ICANN and the registries, and we cannot remove it.

The full policy below is the authoritative version.

Table of Contents
  1. 1.Who We Are (the Controller)
  2. 2.Scope
  3. 3.Information We Collect
  4. 4.How We Use Your Information
  5. 5.Legal Bases (GDPR / UK GDPR)
  6. 6.How We Share Information
  7. 7.International Data Transfers
  8. 8.Data Retention
  9. 9.Your Rights — General
  10. 10.Additional Rights for EEA, UK, and Swiss Residents
  11. 11.Additional Rights for California Residents
  12. 12.Additional Rights for Israeli Residents
  13. 13.Cookies and Similar Technologies
  14. 14.Security
  15. 15.Data Breach Notification
  16. 16.Automated Processing and AI
  17. 17.Children
  18. 18.Third-Party Links
  19. 19.Changes to This Policy
  20. 20.Contact Us

1.Who We Are (the Controller)

For the purposes of applicable data protection laws, including the EU/UK General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act as amended by the California Privacy Rights Act ("CCPA/CPRA"), and the Israeli Protection of Privacy Law, 5741-1981, the data controller is:

Just (operating as Just Domain)
Website: https://just-domain-name.com
Privacy contact: privacy@just-domain-name.com

Just is a domain name reseller. We are not an ICANN-accredited registrar; we provide our services in cooperation with accredited registrars who handle the underlying registration of domain names with the relevant registries.

2.Scope

This Privacy Policy applies to personal information we collect:

  • through https://just-domain-name.com and any subdomains we operate;
  • when you create an account, register or transfer a domain name, or use any of our services;
  • through email, support tickets, chat, and other communications with us;
  • from third-party services that integrate with our services with your authorization.

This Policy does not cover the practices of third-party websites, accredited registrars, registries, or services that operate independently of us. We encourage you to review their own privacy notices.

3.Information We Collect

3.1 Account Information

Full name, email address, phone number, mailing address, country of residence, account credentials (passwords are stored only in hashed form), and account preferences.

3.2 Domain Registration Data (WHOIS)

To register, transfer, renew, or manage a domain name on your behalf, we collect and transmit the contact information required by the relevant registry, accredited registrar, and ICANN. This typically includes registrant, administrative, technical, and billing contact details: name, organization, email, phone, fax (if applicable), street address, city, state/province, postal code, and country.

Important. Some or all of this information may be published in public WHOIS / RDAP directories, transmitted to registries, escrow providers, ICANN, and similar parties, and retained by them for periods required by ICANN, the relevant registry, or applicable law, regardless of whether you remain a customer of Just. Where available for the relevant TLD, you may be able to purchase WHOIS privacy/proxy services that limit public disclosure of certain fields.

3.3 Billing and Payment Information

When you purchase services, our payment processors collect payment card details, billing address, and transaction information directly. We do not store full payment card numbers on our own servers. We retain transaction records, invoices, and limited payment-method metadata (such as the last four digits and expiration of a card) as needed to provide the services and comply with tax and accounting laws.

3.4 Technical and Usage Data

IP address, device and browser type, operating system, language preferences, referring URLs, pages viewed, time stamps, session identifiers, and similar telemetry. This is collected through cookies, log files, pixels, and similar technologies as described in Section 13.

3.5 Activity and Audit Logs

We maintain logs of actions performed within your account, including domain searches, purchases, DNS changes, transfer requests, contact updates, login events, and actions performed through automated tools that you authorize on your behalf. These logs support security, troubleshooting, abuse prevention, dispute resolution, and your own visibility into changes to your account.

3.6 Communications

The content of emails, support messages, chats, and attachments you send us, plus subscription preferences and engagement data (e.g., opens and clicks) for any newsletters or marketing emails you receive.

3.7 Information from Third Parties

Information about you that we receive from accredited registrars, registries, payment processors, fraud-prevention providers, and identity-verification services in connection with your use of the services.

4.How We Use Your Information

We process personal information to:

  • create and administer your account and authenticate you when you log in;
  • process domain registrations, transfers, renewals, and DNS or contact changes through our upstream accredited registrars;
  • process payments, issue invoices, and prevent fraudulent or unauthorized transactions;
  • provide customer support and respond to inquiries;
  • send service notices, renewal reminders, expiration notices, and security alerts;
  • send marketing communications, where permitted by law and subject to your consent or opt-out rights;
  • monitor, secure, and improve the site and services, including debugging, analytics, and capacity planning;
  • detect, prevent, and address fraud, abuse, security incidents, and violations of our terms;
  • comply with legal obligations, ICANN requirements, registry policies, court orders, and lawful requests from public authorities;
  • establish, exercise, or defend legal claims.

5.Legal Bases (GDPR / UK GDPR)

If you are located in the European Economic Area, the United Kingdom, or another jurisdiction with similar requirements, we process your personal information on the following legal bases:

  • Performance of a contract — to provide the services you have requested, including domain registration and management.
  • Compliance with a legal obligation — to retain records for tax, accounting, ICANN, registry, and anti-money-laundering purposes.
  • Legitimate interests — to secure and improve our services, prevent abuse, and conduct limited direct marketing to existing customers, where these interests are not overridden by your rights.
  • Consent — for optional cookies, marketing communications to prospects, and other processing where consent is required. You may withdraw consent at any time without affecting the lawfulness of prior processing.

6.How We Share Information

We do not sell your personal information, and we do not "share" it for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.

We disclose personal information only as described below.

6.1 Accredited Registrars and Registries

Because we are a reseller, we transmit the registration data described in Section 3.2 to the accredited registrars and registries that operate the relevant TLD. These parties act as independent controllers for the registration records they maintain, in accordance with their own policies and ICANN requirements. The identity of the accredited registrar handling your domain may change over time, and you authorize us to transfer your registration data to a new accredited registrar where necessary to continue providing the services.

6.2 Service Providers

We use trusted third-party service providers that process personal information on our behalf, under written agreements that limit their use of the data. These providers fall into the following categories:

  • Payment processing — to authorize and settle payments and prevent fraud (e.g., providers such as Stripe, PayPal, or Tranzila).
  • Hosting and infrastructure — to host the site and related applications.
  • Content delivery, DNS, and security — to deliver the site reliably and protect it against attacks.
  • Analytics — to measure traffic and usage patterns.
  • Email delivery and marketing — to send transactional and marketing emails.
  • Productivity, content generation, and AI tools — used in limited contexts to support content and operational workflows.

We may add or replace service providers from time to time without notifying you individually, but we use commercially reasonable efforts to engage providers that offer appropriate safeguards.

6.3 Escrow and Backup Providers

ICANN and certain registries require escrow of registration data with third-party escrow agents. Your registration data may be deposited with such agents and used solely as required by ICANN and the relevant registry policies.

6.4 Legal, Regulatory, and Safety Disclosures

We may disclose personal information when we believe in good faith that disclosure is necessary to: comply with a legal obligation, court order, subpoena, or lawful request by a public authority; enforce our terms; investigate suspected fraud, abuse, or security incidents; or protect the rights, property, or safety of Just, our users, or others.

6.5 Business Transfers

If Just is involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, personal information may be transferred as part of that transaction, subject to standard confidentiality protections.

6.6 With Your Direction

We may share information with other parties when you direct us to do so, for example when you authorize a transfer to another registrar.

7.International Data Transfers

Just is based in Israel, which the European Commission has recognized as providing an adequate level of data protection. Some of our service providers and accredited registrars are located outside Israel and the EEA, including in the United States and other jurisdictions.

Where we transfer personal data from the EEA, the United Kingdom, or Switzerland to a country that has not received an adequacy decision, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or another lawful transfer mechanism. You may request a copy of the safeguards applicable to a specific transfer by contacting privacy@just-domain-name.com.

8.Data Retention

We keep personal information only for as long as necessary for the purposes described in this Policy and as required by law.

CategoryRetention period
Account and customer recordsWhile the account is active, plus up to 7 years after closure (Israeli tax, accounting, and AML record-keeping requirements)
Billing, invoices, transaction records7 years
Domain registration / WHOIS dataWhile the domain is registered through us, plus the period required by the registry and ICANN's RAA (typically up to 2 years after expiration or transfer-out)
Server, security, and access logsUp to 12 months, longer if needed for an active investigation or legal obligation
Web analyticsProvider default (Google Analytics is configured for up to 14 months)
Marketing subscription recordsUntil you unsubscribe, plus up to 12 months thereafter to evidence consent and opt-out compliance
Customer support communicationsUp to 3 years from the last interaction
BackupsDeleted on the regular backup rotation cycle, no longer than 90 days after deletion from production

When personal information is no longer needed, we delete or irreversibly anonymize it.

9.Your Rights — General

Subject to applicable law and the limits noted below, you may have the right to:

  • Access the personal information we hold about you and obtain a copy.
  • Rectify inaccurate or incomplete information.
  • Erase your information.
  • Restrict or object to certain processing.
  • Port your information to another provider in a structured, machine-readable format.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with a competent supervisory authority.

To exercise any of these rights, contact privacy@just-domain-name.com. We will respond within the time frames required by applicable law (generally 30 days under GDPR; 45 days under CCPA/CPRA, with one possible extension). We may need to verify your identity before fulfilling a request, and we may decline or limit a request where permitted by law.

Important limits. Some data — in particular WHOIS records, transaction and tax records, and security logs — is subject to mandatory retention or publication requirements that limit our ability to delete it on request.

10.Additional Rights for EEA, UK, and Swiss Residents

If you are located in the European Economic Area, the United Kingdom, or Switzerland, in addition to the rights in Section 9 you may:

  • ask us to identify the legal basis on which we process your personal data;
  • object to processing based on our legitimate interests;
  • object at any time to direct marketing, including profiling related to direct marketing;
  • request information about the safeguards we use for international transfers;
  • lodge a complaint with your local supervisory authority. A list of EU/EEA authorities is available at edpb.europa.eu. UK residents may contact the Information Commissioner's Office at ico.org.uk.

11.Additional Rights for California Residents

If you are a California resident, the CCPA/CPRA gives you the following rights, in addition to those in Section 9:

  • Right to know the specific pieces and categories of personal information we have collected about you, the categories of sources, the business or commercial purposes for collection, and the categories of third parties to whom we disclose it.
  • Right to delete personal information we collected from you, subject to legal exceptions.
  • Right to correct inaccurate personal information.
  • Right to opt out of "sale" or "sharing" of personal information. We do not sell or share personal information for cross-context behavioral advertising; if our practices change we will provide an opt-out mechanism via a "Do Not Sell or Share My Personal Information" link on the site.
  • Right to limit use of sensitive personal information. We do not use sensitive personal information for purposes that would trigger this right.
  • Right to non-discrimination for exercising any of your rights.

You may submit a request by emailing privacy@just-domain-name.com. You may also designate an authorized agent to act on your behalf, subject to verification.

For purposes of the CCPA/CPRA categories, in the prior 12 months we have collected: identifiers, customer records, commercial information, internet/network activity, geolocation (approximate, IP-based), and inferences drawn from the foregoing. We collect this information from you, your devices, and the third parties described in Section 3.7. Disclosure recipients are described in Section 6.

12.Additional Rights for Israeli Residents

If you are located in Israel, you have rights under the Protection of Privacy Law, 5741-1981 and its regulations, including the right to inspect personal information held about you in our database (Section 13 of the Law) and to request correction or deletion of inaccurate, incomplete, or outdated information (Section 14). Requests should be sent to privacy@just-domain-name.com. You may also lodge a complaint with the Israeli Privacy Protection Authority (Rashut Hahaganah Al Hapratiyut) at gov.il.

13.Cookies and Similar Technologies

We use cookies and similar technologies (collectively, "Cookies") to operate the site, remember your preferences, analyze traffic, and support marketing. You can manage your preferences at any time through the cookie banner on the site or your browser settings. Disabling certain Cookies may affect the functionality of the services.

The categories of Cookies we use are:

CategoryPurposeTypical lifetimeExamples
Strictly necessaryAuthentication, session management, load balancing, security and abuse preventionSession to 12 monthsSession ID, CSRF token, auth token
FunctionalRemembering preferences such as language, region, and UI settingsUp to 12 monthsUI preferences, locale
AnalyticsMeasuring how the site is used and improving itUp to 14 monthsGoogle Analytics (_ga, _gid)
MarketingMeasuring the effectiveness of campaigns and (where applicable) limited remarketingUp to 12 monthsCampaign attribution cookies

Strictly necessary Cookies do not require consent. Analytics and marketing Cookies are set only after you provide consent through the cookie banner, where consent is required by law.

14.Security

We implement administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, alteration, disclosure, or destruction. These include encryption in transit (TLS), encryption at rest where appropriate, access controls and least-privilege principles, hashed password storage, regular backups, monitoring and alerting, and periodic review of our practices.

No system is completely secure. You are responsible for keeping your account credentials confidential, using a strong unique password, and enabling any available multi-factor authentication.

15.Data Breach Notification

If we become aware of a personal data breach that affects your personal information, we will notify the competent supervisory authority within 72 hours of becoming aware of the breach, where required under GDPR Article 33 or analogous law, and we will notify affected users without undue delay where required under GDPR Article 34, the Israeli Privacy Protection Regulations (Data Security), 5777-2017, the CCPA/CPRA, or other applicable law. Notifications will describe the nature of the breach, likely consequences, and the measures taken or proposed to address it.

16.Automated Processing and AI

We use automated tools to detect fraud, abuse, and security risks, and to support certain operational and content workflows. We may also use artificial intelligence and machine-learning systems to assist with portions of the services.

We do not make decisions producing legal or similarly significant effects about you based solely on automated processing without human involvement, except as necessary for entering into or performing a contract with you, where authorized by applicable law, or with your explicit consent. Where such processing occurs, you have the right to obtain human intervention, express your point of view, and contest the decision.

17.Children

The services are intended for individuals 18 years of age or older. We do not knowingly collect personal information from children under 16 (or the equivalent minimum age in your jurisdiction). If you believe a child has provided us with personal information, please contact privacy@just-domain-name.com and we will take appropriate steps to delete it.

18.Third-Party Links

The site may contain links to third-party websites, including registrar websites, registry resources, and ICANN. We are not responsible for the privacy practices or content of those sites. This Policy applies only to information we collect.

19.Changes to This Policy

We may update this Policy from time to time, including to reflect changes to our services, our service providers, our business practices, or applicable law. When we update the Policy, we will revise the "Last Updated" date at the top of this document and post the updated Policy on the site. The updated Policy takes effect immediately upon posting unless a later effective date is stated.

Non-material changes. For non-material changes — including, without limitation, clarifications, corrections, formatting and structural updates, the addition, replacement, or removal of service providers within an existing category, expanded explanations of existing practices, changes to our business contact information, and updates required to comply with applicable law — we will not provide individual notice. The change becomes effective when posted, and you are responsible for periodically reviewing this Policy.

Material changes. Where we make material changes that significantly expand the categories of personal information we collect, introduce a materially new purpose for which we use it, materially change the parties with whom we share it, or materially reduce your rights, we will provide additional notice — for example, by email, an in-product notification, or a banner on the site — where and to the extent required by applicable law, with reasonable advance notice before the change takes effect.

Acceptance. Your continued use of the services after the effective date of any update to this Policy constitutes your acceptance of the updated Policy, to the fullest extent permitted by applicable law. If you do not agree with an update, you must stop using the services and may close your account.

20.Contact Us

If you have questions, concerns, or requests regarding this Policy or our privacy practices, please contact us:

Just (Just Domain)
Email: privacy@just-domain-name.com
Website: https://just-domain-name.com

You also have the right to lodge a complaint with a competent supervisory authority, as described in Sections 10–12.