DNS Archive Privacy Policy

Last Updated: May 2022

POLICY APPLICATION

This Policy applies to DNS Archives’s collection, use, and disclosure of the information of the following categories of data subjects:

  1. Attendees: Those who provide their information to DNS Archive or DNS Archive representatives when they attend or register to attend DNS Archive events or other events at which DNS Archive participates.
  2. Website Visitors: Those who visit our Websites and who may opt to provide an email address to receive communications from DNS Archive. For the purposes of this Policy, “Websites” shall refer collectively to dnsarchive.net, and any other websites DNS Archive owns and that link to this Policy.
  3. Customers: Those who register on their own or on behalf of an entity or organization to use the DNS Archive threat intelligence platform, including administrators on a Customer account. For the purposes of this Policy, “Services” shall refer to all of the cloud-based solutions offered, marketed or sold by DNS Archive or its authorized partners that are designed to increase the performance, security and availability of Internet properties, applications and networks, along with any software, software development kits and application programming interfaces ("APIs") made available in connection with the foregoing.
  4. End Users: Those who access or use our Customers’ networks whom are configured to use our DNS Archive platform whose information we process in order to provide the Services to our Customers pursuant to our agreements with them.
INFORMATION WE COLLECT
Attendees:
  1. We may ask for and collect personal information such as your name, address, phone number and email address when you register for or attend a sponsored event or other events at which DNS Archive (and/or its representatives) participates.
Website Visitors:
  1. Name, email address, and other contact information. We may ask for and—at your option—collect personal information from you when you submit web forms on our Websites, including opportunities to sign up for and agree to receive email communications from us. We also may ask you to submit such personal information if you choose to use interactive features of the Websites, including participation in surveys, contests, promotions, sweepstakes, requesting customer support, or otherwise communicating with us. We will send such communications in accordance with applicable law.
  2. Log Files. Just as when you visit and interact with most websites and services delivered via the Internet, when you visit our Websites, we gather certain information and store it in log files. This information may include but is not limited to Internet Protocol (IP) addresses, system configuration information, URLs of referring pages, and locale and language preferences. This data is deleted automatically and never shared with anyone.
  3. Cookies and Other Tracking Technologies. We may use cookies and other information-gathering technologies for a variety of purposes, such as providing us with information about how you interact with our Websites and assisting us in our marketing efforts. You can control how websites use cookies by configuring your browser's privacy settings (please refer to your browser's help function to learn more about cookie controls). Note that if you disable cookies entirely, DNS Archive’s Websites may not function properly.
  4. Interactive Areas.The Websites may offer publicly accessible blogs, community forums, comments sections, discussion forums, or other interactive features (“Interactive Areas”). If you choose to participate in any of these Interactive Areas, please be aware that any information that you post in an Interactive Area might be read, collected, and used by others who access it. If you wish to remove your personal information from any of our Interactive Areas, please see the Section 8, below.
Customers:
  1. Customer Account Information. When you register for a DNS Archive account, we collect your email address and a self-selected password. We refer to this information collectively as “Customer Account Information” for the purposes of this Policy. Customer Account Information is required to identify you as a Customer and permit you to access your account(s). By voluntarily providing us with such Customer Account Information, you represent that you are the owner of such personal data or otherwise have the requisite consent to provide it to us. You will use this as a way to access and authenticate with the DNS Archive system.
  2. Payment Information. You are not required to enter your payment information unless and until you decide to continue with a paid subscription to our Services. When you sign up for one of our paid Services, you must provide payment and billing information. The information you will need to submit depends on which payment method you choose. For example, if you pay with a credit card, your payment information is collected via the Stripe payment processor. We do not store your payment information in the DNS Archive system. Find Stripe's privacy policy here.
End Users:

DNS Archive processes End Users’ information on behalf of our Customers when End Users use our Customers’ networks.

This information may include but is not limited to IP addresses, and other information about traffic to and from Customers’ websites or networks (collectively, “Log Data”). We collect and use Log Data to operate, maintain, and improve our Services in performance of our obligations under our Customer agreements.

DNS Archive also stores server and network activity data, and observations and analyses derived from traffic data collected by DNS Archive in the course of providing the Services (together, “Operational Metrics”). Examples of Operational Metrics include service uptime and service availability metrics, request volumes, error rates, cache rates, and IP threat scores.

HOW WE USE INFORMATION WE COLLECT.

DNS Archive only processes personal information in a way that is compatible with and relevant to the purpose for which it was collected or authorized. As a general matter, for all categories of data described in Section 2 above, we may use the information (including personal information, to the extent applicable) to:

  1. Provide, operate, maintain, improve, and promote the Website and Services for all users of the Website and Services;
  2. Enable you to access and use the Website and Services;
  3. Process and complete transactions, and send you related information, including purchase confirmations and invoices;
  4. Send transactional messages, including responses to your comments, questions, and requests; provide customer service and support; and send you technical notices, updates, security alerts, and support and administrative messages;
  5. Send commercial communications, in accordance with your communication preferences, such as providing you with information about products and services, features, surveys, newsletters, offers, promotions, contests, and events about us and our partners; and send other news or information about us and our partners. See Section 9 below for information on managing your communication preferences.
  6. Monitor and analyze trends, usage, and activities in connection with the Websites and Services and for marketing or advertising purposes;
  7. Comply with legal obligations as well as to investigate and prevent fraudulent transactions, unauthorized access to the Services, and other illegal activities;
  8. Personalize the Websites and Services, including by providing features or content that match your interests and preferences; and
  9. Process for other purposes for which we obtain your consent.

Information from Third Party Services. We may combine information we collect as described above with personal information we obtain from third parties. For example, we may combine information entered on a DNS Archive sales submission form with information we receive from a third-party sales intelligence platform vendor to enhance our ability to market our Services to Customers or potential Customers.

NOTICE TO EU RESIDENTS.

DNS Archive is a data controller for the Personal Data collected from all categories of data subjects listed above except for the Personal Data of End Users. DNS Archive processes the Personal Data of End Users on behalf of its Customers.

If you are an individual from the European Economic Area (the “EEA”), the United Kingdom or Switzerland, please note that our legal basis for collecting and using your personal information will depend on the personal information collected and the specific context in which we collect it. We normally will collect personal information from you only where: (a) we have your consent to do so, (b) where we need your personal information to perform a contract with you (e.g. to deliver the DNS Archive Services you have requested), or (c) where the processing is in our legitimate interests. Please note that in most cases, if you do not provide the requested information, DNS Archive will not be able to provide the requested service to you.

In some cases, we may also have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person. Where we rely on your consent to process your personal data, you have the right to withdraw or decline consent at any time. Where we rely on our legitimate interests to process your personal data, you have the right to object.

If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at privacyquestions@noc.org.

INFORMATION SHARING.

We work with other companies who help us run our business (“Service Providers”). These companies would provide services to help us deliver customer support, process credit card payments, manage and contact our existing Customers as well as sales leads, provide marketing support, and otherwise operate and improve our Services. These Service Providers may only process personal information pursuant to our instructions and in compliance both with this Privacy Policy and other applicable confidentiality and security measures and regulations, including our obligations under the EU-US and Swiss-US Privacy Shield frameworks described in Section 7, below.

Specifically, we do not permit our Service Providers to sell any personal information we share with them or to use any personal information we share with them for their own marketing purposes or for any purpose other than in connection with the services they provide to us.

In addition to sharing with Service Providers as described above, we also may share your information with others in the following circumstances:

  1. With our resellers and other sales partners who may help us distribute the Services to Customers;
  2. In the event of a merger, sale, change in control, or reorganization of all or part of our business;
  3. When we are required to disclose personal information to respond to subpoenas, court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims. (Learn more about how we handle law enforcement requests here);
  4. Where we have a good-faith belief sharing is necessary to investigate, prevent or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, or violations of our Website Terms of Use, Self-Serve Subscription Agreement, and/or Enterprise Subscription Terms of Service; or as otherwise required to comply with our legal obligations; or
  5. As you may otherwise consent from time to time.

Notice to California Residents: We do not sell, rent, or share personal information with third parties as defined under the California Consumer Privacy Act of 2018 (California Civil Code Sec. 1798.100 et seq.), nor do we do not sell, rent, or share personal information with third parties for their direct marketing purposes as defined under California Civil Code Sec. 1798.83.

IINTERNATIONAL INFORMATION TRANSFERS.

DNS Archive is a product of the NOC.org company, a U.S.-based, global company. We primarily store your information in the United States and the European Economic Area. To facilitate our global operations, we may transfer and access such information from around the world, including from other countries in which DNS Archive has operations for the purposes described in this Policy.

If you are accessing or using our Websites or Services or otherwise providing information to us, you are agreeing to the transfer of your personal information to the United States and other jurisdictions in which we operate.

DATA SUBJECT RIGHTS AND CHOICES
  1. Attendees, Website Visitors, Customers, and Registrants: You have the right to access, correct, update, export, or delete your personal information. You may email us at support@noc.org with any such subject access requests (“SAR”), and we will respond within thirty (30) days. Customers also can access, correct, export, or update their Account Information by editing their profile or organization record at dnsarchive.net.
  2. End Users: DNS Archive has no direct relationship with End Users. Accordingly, we rely upon our Customers to comply with the underlying legal requirements for subject access requests. If an End User requests that we access, correct, update, or delete their information, or no longer wishes to be contacted by one of our Customers that use our Services, we will direct that End User to contact the Customer website(s) with which they interacted directly. Our Customers are solely responsible for ensuring compliance with all applicable laws and regulations with respect to their website users.

For any SAR, we will need to verify a requestor is inquiring about their own information before we can assist. Where a SAR may implicate the personal data of another individual, we must balance the request against the risk of violating another person’s privacy rights. We will comply with SARs to the extent required by applicable law or the US-Swiss or US-EU Privacy Shield. In the EEA, the United Kingdom and Switzerland, you also have the right to lodge a complaint with a supervisory authority

COMMUNICATION PREFERENCES.

DNS Archive will send you commercial communications based on the communication preferences in your account settings. DNS Archive also will send you service-related communications. You may manage your receipt of commercial communications by clicking on the “unsubscribe” link located on the bottom of such emails, through your account settings if you have a DNS Archive account, or you may send a request to support@noc.org.

DATA SECURITY, DATA INTEGRITY AND ACCESS.

We take all reasonable steps to protect information we receive from you from loss, misuse or unauthorized access, disclosure, alteration and/or destruction. We have put in place appropriate physical, technical and administrative measures to safeguard and secure your information, and we make use of privacy-enhancing technologies such as encryption. If you have any questions about the security of your personal information, you can contact us at privacyquestions@noc.org.

NOTIFICATION OF CHANGES.

If we make changes to this Policy that we believe materially impact the privacy of your personal data, we will promptly provide notice of any such changes (and, where necessary, obtain consent), as well as post the updated Policy on this website noting the effective date of any changes.

BUSINESS TRANSACTIONS.

We may assign or transfer this Policy, as well as information covered by this Policy, in the event of a merger, sale, change in control, or reorganization of all or part of our business.

ENGLISH LANGUAGE CONTROLS.

Non-English translations of this Policy are not provided right now. The English version is authoritative and controls.

DISPUTE RESOLUTION.

NOC.org, Inc.
Attention: Data Protection Officer
220 Adams Drive
Suite 280, #304
Weatherford, Texas 76086
privacyquestions@noc.org

DNS repository. Over 90m domains and their name servers (NS), mail servers (MX), IPv4 and IPv6 information indexed.