Privacy Policy

The controller responsible for data processing on this website pursuant to the General Data Protection Regulation (GDPR) is:

If you have any questions about data protection, you can contact us at any time at the above address.

Types of Data Processed

When you use our newly registered domains database, we may process the following categories of personal data:

• Usage Data: Information about how you interact with our service, including pages viewed, search queries, and features used
• Meta/Communication Data: Device information, IP addresses, browser type, operating system, access times
• Content Data: Search terms you enter when searching for domains

Categories of Data Subjects

• Visitors and users of our website
• Business partners and interested parties

Purposes of Processing

• Provision and optimization of our domain search service
• Security measures and abuse prevention
• Website analytics and improvement
• Compliance with legal obligations

NewlyRegisteredDomains.io is a domain intelligence platform. We collect, process, and publish publicly available domain registration data. This data does not contain personal information.

Sources of Domain Data

All domain data we collect comes from publicly accessible sources:

• Zone Files: Official TLD zone files provided by registry operators
• RDAP (Registration Data Access Protocol): The ICANN-mandated successor to WHOIS
• WHOIS: Publicly available registration information
• DNS Records: Publicly resolvable DNS data (A, AAAA, NS, MX, TXT records)

What Domain Data We Publish

Data Type	Description	Personal Data?
Domain Names	Newly registered domain names across TLDs	No
Registration Status	Active, expired, pending delete, etc.	No
Registration Dates	Creation, expiration, and update dates	No
Nameservers	Authoritative DNS servers for a domain	No
DNS Records	A, AAAA, MX, NS, TXT records	No
Registrar Information	Name of the registrar (company, not individual)	No

Legal Basis for Domain Data Processing

• Legal basis: Legitimate interest (Art. 6(1)(f) GDPR)
• Justification: Domain registration data is intentionally made public by registry operators for transparency, security research, and the functioning of the internet's domain name system
• No consent required: As this data does not constitute personal data under GDPR, consent is not required for processing

Data Accuracy

Domain data is updated daily from official sources. While we strive for accuracy, we cannot guarantee that all information is current, as registration data may change at any time.

We process your personal data in accordance with the General Data Protection Regulation (GDPR). The following legal bases apply:

Processing Activity	Legal Basis	GDPR Article
Website provision & essential functionality	Legitimate interest	Art. 6(1)(f)
Essential cookies	Legitimate interest	Art. 6(1)(f)
Analytics cookies (Google Analytics)	Consent	Art. 6(1)(a)
Security & abuse prevention	Legitimate interest	Art. 6(1)(f)
Contact form inquiries	Contract performance / Pre-contractual measures	Art. 6(1)(b)
Legal compliance	Legal obligation	Art. 6(1)(c)

Where we rely on legitimate interest as the legal basis, our legitimate interest is the operation and improvement of our website and services. You have the right to object to processing based on legitimate interest (see Section 8).

Our website uses cookies and similar tracking technologies. In accordance with GDPR and the German TDDDG (Telecommunications Digital Services Data Protection Act), we obtain your consent before placing non-essential cookies.

Essential Cookies (No Consent Required)

These cookies are strictly necessary for the website to function and cannot be switched off:

• Session management cookies
• Security cookies (CSRF protection)
• Cookie consent preference storage

Analytics Cookies (Consent Required)

These cookies help us understand how visitors interact with our website:

• Google Analytics: We use Google Analytics to analyze website usage. This service may transfer data to the United States. Google is certified under the EU-US Data Privacy Framework.

Managing Your Cookie Preferences

You can manage your cookie preferences at any time:

• Use the cookie consent banner when you first visit our site
• Click "Cookie Settings" in the footer to change your preferences
• Adjust settings in your browser to block or delete cookies

We may share your data with the following categories of recipients:

Hosting Provider - Hivelocity Inc.

• Purpose: Website hosting and infrastructure
• Data processed: All data transmitted to our website
• Legal basis: Legitimate interest (Art. 6(1)(f) GDPR)
• Data transfer: USA (EU-US Data Privacy Framework certified)
• Privacy Policy: https://www.hivelocity.net/privacy-policy/

Google Analytics (Google LLC)

• Purpose: Website analytics and usage statistics
• Data processed: IP address (anonymized), usage data, device information
• Legal basis: Consent (Art. 6(1)(a) GDPR)
• Data transfer: USA (EU-US Data Privacy Framework certified)
• Privacy Policy: https://policies.google.com/privacy

Cloudflare Inc.

• Purpose: Content delivery network (CDN), DDoS protection, security
• Data processed: IP address, access logs, security-related data
• Legal basis: Legitimate interest (Art. 6(1)(f) GDPR)
• Data transfer: USA (EU-US Data Privacy Framework certified)
• Privacy Policy: https://www.cloudflare.com/privacypolicy/

We have concluded Data Processing Agreements (DPAs) with all processors in accordance with Art. 28 GDPR.

In accordance with German media law (TMG §6) and competition law (UWG), we disclose that this website contains affiliate links.

Our Affiliate Partners

Partner	Service	Privacy Policy
Gname	Domain backorder & registration	View Policy
GoDaddy	Domain registration & hosting	View Policy
Namecheap	Domain registration & hosting	View Policy
Atom	Domain marketplace	View Policy
PerfectDomain	Premium domain sales	View Policy
Sedo	Domain marketplace & parking	View Policy
Afternic	Domain marketplace	View Policy
Dynadot	Domain registration	View Policy
Venture	Domain & brand marketplace	View Policy

This list may be updated as we add or remove affiliate partnerships. Not all links to these services are affiliate links.

How It Works

Affiliate links are marked with an asterisk (*) or "Ad". When you click these links and make a purchase, we may receive a commission at no additional cost to you. The partner website may use cookies to track the referral.

Our editorial content and domain data are not influenced by affiliate partnerships. We only recommend services we use ourselves.

Our website is hosted on servers located in the United States. When you access our service, your data is transferred to and processed in the USA.

We ensure appropriate safeguards are in place for all international data transfers:

EU-US Data Privacy Framework

Our US-based service providers are certified under the EU-US Data Privacy Framework:

• Hivelocity Inc. - Hosting provider
• Google LLC - Analytics
• Cloudflare Inc. - CDN and security

Additional Safeguards

• Standard Contractual Clauses (SCCs): EU Commission-approved contractual terms where applicable
• Data Encryption: All data is encrypted during transfer (TLS/SSL) and at rest
• Access Controls: Strict access limitations to personal data

You can obtain more information about the safeguards we use by contacting us at the address provided above.

We retain personal data only for as long as necessary for the purposes for which it was collected:

Data Type	Retention Period	Reason
Server logs (including IP)	90 days	Security and troubleshooting
Analytics data	14 months	Google Analytics default retention
Cookie consent records	12 months	Proof of consent
Contact inquiries	3 years	Business correspondence

After the retention period expires, data is either deleted or anonymized. Anonymized data may be retained indefinitely for statistical purposes.

Under the General Data Protection Regulation, you have the following rights regarding your personal data:

Right of Access (Art. 15 GDPR)

You have the right to obtain confirmation whether personal data concerning you is being processed and, if so, to access that data and receive a copy.

Right to Rectification (Art. 16 GDPR)

You have the right to request correction of inaccurate personal data or completion of incomplete data.

Right to Erasure / "Right to be Forgotten" (Art. 17 GDPR)

You have the right to request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for its original purpose.

Right to Restriction of Processing (Art. 18 GDPR)

You have the right to request restriction of processing under certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability (Art. 20 GDPR)

You have the right to receive your personal data in a structured, commonly used, machine-readable format and to transmit it to another controller.

Right to Object (Art. 21 GDPR)

You have the right to object to processing based on legitimate interest at any time. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests.

Right to Withdraw Consent (Art. 7(3) GDPR)

Where processing is based on consent, you have the right to withdraw consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.

Right to Lodge a Complaint (Art. 77 GDPR)

You have the right to lodge a complaint with a supervisory authority. The competent authority for us is:

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: [email protected]
• Post: Lyalpha GmbH, Heinrichstr. 73, 40239 Düsseldorf, Germany

We will respond to your request within one month. This period may be extended by two months for complex requests, in which case we will inform you.

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption: All data transmissions are encrypted using TLS/SSL (HTTPS)
• Access Control: Access to personal data is restricted to authorized personnel
• Regular Updates: Our systems are regularly updated and patched
• Monitoring: We monitor our systems for security vulnerabilities
• DDoS Protection: We use Cloudflare for protection against attacks
• Data Minimization: We only collect data that is necessary for our purposes

We do not use automated decision-making or profiling as defined in Art. 22 GDPR that produces legal effects or similarly significantly affects you.

Our website may use automated systems solely for:

• Spam and abuse detection
• Rate limiting to prevent service abuse

These measures are necessary for security purposes and do not result in decisions that significantly affect your rights.

Our service is not directed to children under the age of 16. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us immediately at [email protected].

If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes:

• We will update the "Last updated" date at the top of this policy
• For significant changes, we will provide notice on our website
• Where required by law, we will obtain your consent to material changes

We encourage you to review this Privacy Policy periodically.

If you have questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact us:

We aim to respond to all inquiries within 30 days.