NetEarth Group Get the latest information about NetEarth Group or any of its subsidiary companies.

March 12, 2020

LogicBoxes Scheduled maintenance on 15 March 2020 – updated

Filed under: Changes on the LB platform,Downime notice,NetEarth One — chrisp @ 10:59

Updated: Friday 13th March @ 10:10

As a part of LB’s endeavours to constantly upgrade their platform, they will be performing constructive maintenance on the database. During this maintenance, they will be switching the Database WAL(write-ahead logging) level to logical. 

Affected Services : 

This update will have a direct impact on the Control Panel and API services. Hence, during the maintenance you may not be able to:

1) Access and manage your orders from the Orderbox Control Panel.
2) Purchase orders from the Supersite.
3) Access the CSV Reports portal.
4) Manage the domain forwarding service from the Domain Forwarding interface. 
5) Use the API service
6) Access the Whois service.


Date: Sunday, 15th March 2020
Duration: 30 Minutes
Start Time: 1:30 AM GMT| 7:00 AM IST
End Time: 2:00 AM GMT| 7:30 AM IST

Though the scheduled maintenance window is of 30 minutes, you may face intermittent connectivity issues for around 5 minutes or less.

Their development team will be actively monitoring the system to ensure that there is minimal degradation of services.

December 11, 2019

LB platform now has GA 2FA

Filed under: Changes on the LB platform,NetEarth One — chrisp @ 15:26

LogicBoxes today completed the addition of Google Authenticate to the OrderBox.

To enable this for your account, login to NEO >> Person Icon (top right corner) >> Your Account & Security and you will see it half way down in the middle.

Please set this up as soon as you can to protect the domains within your accounts.

November 1, 2018

LB Important Announcement: Updated Terms of Service for Shared Hosting

Filed under: Changes on the LB platform,NetEarth One — chrisp @ 16:43

We have received the following from LogicBoxes regarding use of the platform for shared hosting :

This is to notify you that LB are updating their Terms of Service (ToS) for all our Shared Hosting Products. In the recent investigation of their current Shared Hosting packages, LB have identified websites that consume excess bandwidth resulting in a strain on the server resources, thereby adversely affecting the server performance for the rest of the users. Given the excess bandwidth they consume, LB strongly believe that such websites are best compatible with a VPS or Dedicated Server as opposed to a Shared Hosting Package.
In order to control unfair usage of the performance of their servers, LB will be implementing certain checks on their platform. The anti-abuse checks that will be implemented are as follows:
1. LB will be explicitly calling out capabilities of Shared Hosting servers and their use cases. As a violation parameter, LB have added limitations on the usage of disk space for storage of emails and other content.
2. LB have updated the ToS, thereby allowing LB to ensure that they can put suitable restrictions on the amount of resources consumed by “very heavy traffic websites” (websites running on packages that use up 25% of server resources for longer than 90 seconds) which include but are not limited to disk space, bandwidth, number of domains, disk I/O, DB space, etc.
How does it affect you?
These changes will only affect very heavy traffic websites, i.e., those who are using 25% of server resources for longer than 90 seconds, as mentioned above.
These very heavy traffic websites will be intimated and asked to move to a more suitable platform by upgrading their package. You can optimize on this opportunity by pitching a better fitting option (for example, a VPS or a Dedicated Server) to these website owners so that they don’t have to suffer from consequences such as reduced website speed, etc.
In case owners of these websites refuse to move or upgrade their package, LB will start limiting the resources they can consume, which in turn will ensure that the rest of the users continue receiving the best quality service available.

New terms of service for the LB platform and Shared Hosting is here

October 9, 2018

nTLDs being set to “Do Not Sell”

We are in the process of moving the following nTLDs over to our own credentials, whilst this is happening they have been set to “Do Not Sell” on the platform.


We estimate this will be for a few days. Whilst at this state any already purchased domains will still work and you will be able to manage those domains as normal.

As soon as we are back up on these, they will be set to “Sell” again.

May 24, 2018

Further GDPR changes on the LB platform – PLEASE READ

Filed under: Changes on the LB platform,NetEarth One — chrisp @ 22:52

Further to the previous blog posts on GDPR, there are now more points that have changed/updated with regards how LogicBoxes is handling this through the platform.  (a lot of the below is a cut/paste from LB information provided to NEO regarding platform changes, so we/us/our etc = LogicBoxes)

Previously LB was going to deploy TrustArc throughout the platform, this has now changed :

Applying TrustArc to SS, Partnersite:

We will not be deploying the TrustArc tool throughout the reseller chain. However, If you use cookies on your website, there are a variety of  open-source tools you may be able to utilise to obtain and manage cookie consent from your customers such as  

  1. Cookie Consent by Insites

  2. Tarteaucitron.js

  3. Cookie Consent

.ES domain registrations :

.ES domain registrations will be set to “do no sell” throughout the platform.  The reason for this is NIC.ES is not GDPR compliant, and therefore the “registrar”/Data Controller in this case, LB, would be liable for any fine.  You could argue that .ES is the entity that is creating the problem, but, as we have seen in the past with .ES they are not the fastest registry to fix things.

Webform for external contact to a domain contact: 

We will be launching a site within the next day or so to allow anyone to make contact to a domain contact as WHOIS will be anonymized for certain individuals.  More will come on this shortly.

SuperSite & PartnerSite
1. Data Transfer and Marketing Consent on SuperSite:
New Checkboxes have been introduced to the storefront that are shown to EU users. These will be shown when a new user selects a country from the European Economic Area and indicates that their account will be associated with that region. The other condition is when the user is an existing one and logs in to select an EEA country contact to associate with the domain name purchase; the checkbox will be shown before transaction completion.


Please find a brief understanding of these checkboxes below:
a. Your Terms of Service & acknowledgement of your Privacy Policy*
i. You are solely responsible for providing your customers with a Privacy Policy that accurately describes what data you collect from your customers and how you store, use and share or disclose such data and what choices your customers have with respect to such data.
b. Receiving marketing emails from you by providing your customers with the opportunity to opt-out of receiving such emails
i. If a customer opts-out of receiving marketing emails, that customer’s email preference will be sent to you in the customer sign up email. You must exclude all customers who opted-out from your marketing email campaigns.
ii. PLEASE NOTE: While we have currently provided you with the functionality to allow your customers to opt-out of receiving marketing emails, it is solely your responsibility to determine whether it is appropriate for you to rely on this opt-out solution or if you are required to obtain opt-in consent from your customers through alternative means.
c. For new sign-ups, the interfaces will collect consent from the customer to allow personal data transfers outside the EEA for processing because our platform servers are located in the USA.
d. If a customer selects an EU country during the purchase flow, an EU VAT ID box will be displayed to the customer.
e. For customized SuperSites, this code will be pushed into the site’s code bank, you will need to accept these code changes and check the integrity of your design and form changes. For your reference, here are the files that will be modified from our end:
i. misc/login/includes/customer_signup.html
ii. misc/signup/signup_form.html
iii. misc/login/includes/customer_signup.html
iv. legal/legal/legal.html
f. If you are using our API to send user sign up forms to the platform, please use the API methods here to send the consent you collect to OrderBox. You can also log this on a local DB to manage the opt in based marketing for new customers.
2. Consent on PartnerSite:
If a new reseller selects an EEA country from the country drop-down menu during sign up, three consent check boxes will be displayed to the reseller:
a. Agreeing to your Terms of Service & acknowledging the Privacy Policy
b. Receiving marketing emails from you
i. Your customer’s email preference will be sent to you in the Reseller sign up email. You must exclude these users from your marketing email campaigns
c. For customized PartnerSites, this code will be pushed into the site’s code bank, you will need to accept these code changes and check the integrity of your design and form changes. For your reference, here are the files that will be modified from our end:
i. legal/reseller_legal/reseller_legal.html
d. Consent from the customer to allow personal data transfers outside the EEA region for processing because the platform servers are located in USA
API changes to OrderBoxFor all LogicBoxes partners using the API, we will be making some changes to a few domain registration API calls which you will need to incorporate in your existing domain registration setup. We have documented these API changes in detail here.

Control Panel


1. Enabling/Disabling GDPR Protection:


Customers from all EEA countries using the OrderBox customer control panel will be given an option to enable or disable the GDPR Protection, which masks the customer’s WHOIS data to comply with the GDPR requirements, from their control panels. However, by default GDPR Protection for EEA customers will be enabled.
2. You will need to upload your GDPR compliant Privacy Policy:
We are introducing a new feature, which allows you to upload a privacy policy on SuperSites, PartnerSites and Control Panels. If the GDPR applies to you, it is your responsibility to ensure that you have a GDPR compliant Privacy Policy. As an organization and service provider, we have updated our Privacy Policy which you can find here.
a. There are a few tools available in the market that can help you draft a GDPR compliant Privacy Policy and make it GDPR compliant at a minimal cost
b. is an example
c. Other such tools are listed here:
API changes to OrderBox

For all LogicBoxes partners using the API, we will be making some changes to a few domain registration API calls which you will need to incorporate in your existing domain registration setup. We have documented these API changes in detail here.


GDPR – Upload your Privacy Policy to the platform

Filed under: Changes on the LB platform,NetEarth One — chrisp @ 19:37

LogicBoxes have finally completed the function to upload your Privacy Policy to the platform, this is a good place to keep it as well as your own site if you use the API.  It basically means all bases are covered in connection if a customer wants to read it.


  1. Login to NEO
  2. Click Settings >> Legal Agreements
  3. Click Privacy Policy
  4. Paste your Privacy Policy in to the text box and select from the drop down (use my own agreement)

Once saved and uploaded, click Tools >> Reload >> All

You should use your own agreement that you have produced, this way you know what is in your agreement.


May 11, 2018

GDPR and what you need to know using NEO and the LogicBoxes platform.

Filed under: Changes on the LB platform,NetEarth One — chrisp @ 16:52

GDPR: What You Need to Know

Businesses, large and small, are in the midst of preparing for compliance with the European Union’s new data privacy laws: The General Data Protection Regulation, or the GDPR, which will go into effect on May 25, 2018.

The GDPR is very broad in scope and can apply to businesses both in and outside of the EU. Businesses that don’t comply with the GDPR could face heavy fines.

Here’s what you need to know about the GDPR. (Note: You should consult your own legal counsel to determine if you are subject to the requirements of the GDPR.)


What is GDPR?

GDPR is short for the General Data Protection Regulation that goes into effect on May 25, 2018. It was passed by the European lawmakers to create a harmonized data privacy law across all the EU member states. Its purpose is to:

  • Support privacy as a fundamental human right;
  • Require companies that handle personal data to be accountable for managing that data appropriately; and give individuals rights over how their personal data is processed or otherwise used.

What is Personal Data?

In a nutshell, GDPR defines personal data as “any information relating to an identified or identifiable natural person.”

Okay, so what does that mean?

In addition to the kinds of information you might think about – name, address, email address, financial information, contact information, identification numbers, etc., personal data can in some cases be information related to your digital life, like an IP address, geolocation, browsing history, cookies, or other digital identifiers.

It also could mean information about a person, including their physical, mental, social, economic or cultural identities.

In short, if information can be traced back to or related in some way to an identifiable person, it is highly likely to be personal data. You can find out more about the GDPR here.


What rights does the GDPR provide to individuals?

There are several rights an individual may exercise under the GDPR, including:


  • Right of access: Individuals can ask for a copy of the personal data retained about them and an explanation of how it is being used
  • Right to rectification: Individuals have the right to correct, revise or remove any of the personal data retained about them at any time
  • Right to be forgotten: Individuals can ask to delete their personal data
  • Right to restrict processing: If an individual believes, for example, that their personal data is inaccurate or collected unlawfully, the individual may request limited use of their personal data
  • Right of portability: Individuals have the right to receive their personal data in a structured, commonly used and machine-readable format
  • Right to object: Where an individual decides that they no longer wish to allow their personal data to be included in analytics or to receive direct marketing emails or other personalized (targeted) marketing content at any time, the individual may opt out of use of their data for these purposes


Please note that these rights are not absolute, and limitations/exceptions may apply in some cases.


Some responsibilities of the GDPR you should understand

Generally speaking, there are two types of parties that have a responsibility regarding the handling of data: the “controller” and the “processor.” It is important to determine whether you are acting as a controller or a processor and understand your responsibilities accordingly.

A “data controller” determines the purposes, conditions and means of the use of personal data.

A “data processor” on the other hand, only acts on the instructions of the “controller” and processes personal data on their behalf.


So, what does this mean for you?

For Resellers: You are the processor in relation to your customer’s data. Since NetEarth One. Inc. acts as the Registrar on record, this also makes us a data controller for the customer account data.


It is your responsibility to ensure that you have the necessary notices and/or consents in place in order to transfer personal data to us for use.

In addition, we are reviewing and updating, as necessary, our agreements with you and with our subcontractors (to include the necessary GDPR terms), as well as notices, policies and internal processes, features, and templates to assure our compliance and help you achieve compliance.

How does the GDPR affect your business?

Individuals, companies, or businesses that have a presence in the EU or, if no presence, offer goods or services to, or monitor the behavior of, individuals in the EU need to comply with this law. Please consult with your own legal counsel about whether GDPR applies to you and your business.


What do you need to do differently to comply with GDPR?

If the GDPR applies to you, there are various obligations you will need to comply with in order to continue doing business with your customers from the EU. Luckily, not all of these obligations are new, so you should be complying with some of them already.

The most important differences in this context are as follows:

  • More information about your use of personal data must be communicated to your customers. You should make sure that your privacy notices/policies are updated to reflect the new requirements of the GDPR, including setting out the purposes of your processing personal data, how long you are retaining such data, and what legal basis for use of personal data are you relying on.
  • You should determine the legal basis for your use of personal data: If you are relying on consent to use your customers’ data you should ensure that the consent you have meets the new requirements of the GDPR (more details on this below). Please note that sending marketing emails or showing promotional content in any form to your customers may require, in certain circumstances, prior opt-in consent from them. As a reminder, you have already agreed through acceptance of our terms of service to lawfully obtain and process all personal data appropriately and have attested that you have permission to expose your customers to promotional content.
  • You will also need to comply with the rights provided to individuals by the GDPR. See section above “What rights does the GDPR provide to individuals?” for details.

To the extent that you have these obligations, LB will have tools in place to help support your compliance efforts – we’ll get into some detail about this below. These include methods for you to obtain consent on your website for all visitors and to show promotional content to your existing customers, as well as ways for you to confirm and document consent for new ones, too. (for those using the Supersite and/or Partnersite and Control Panel)

You should consult with your legal counsel on the above and your other obligations under GDPR.

What kind of Consent is required under the GDPR?


When in doubt, and you are relying on consent to market to your customers, express consent is typically your best option. You obtain and document express consent when you explicitly ask your potential customers for permission to send them emails and other marketing content, and they agree, and that agreement is recorded.  LogicBoxes platform has ways for you to indicate whether you have obtained express or implied consent from a customer, outlined in more detail below.

There may be circumstances where you can rely on something similar to implied consent for sending emails or promotional content to customers even when subject to the GDPR. This is called a “soft opt-in” where –

  • you have obtained their contact details in the context of a sale of a product or service,
  • you are sending emails and showing personalized ads relating to similar products or services
  • the customer has the ability to opt-out of receiving such emails when they first provided their data when making a purchase and in every subsequent communication sent from you.

You should consult with your legal counsel to determine whether you can rely on the soft opt-in going forward under the GDPR. If you have customers with soft opt-in consent, you can store them as implied consent, but you will need to maintain your own documentation about how you obtained that soft opt-in consent.

Your customers should also be given an easy way to withdraw their consent in order to comply with the GDPR.

How is NetEarth One complying with GDPR?

NEO’s partners will be able to opt-out of receiving emails at any time by clicking the ‘unsubscribe’ link included at the bottom of every marketing email they receive from NEO. Additionally, when you visit our website, tools will be deployed to collect cookie consent in order to understand and record their choice of cookies and work with those that site visitors have allowed.

Overall, we’ve classified our plan in 3 broad categories:

1.    Privacy Statement

LB are reviewing and updating, as necessary,  all agreements with us, you and with our subcontractors (to include the necessary GDPR terms). We are also updating our Privacy Policy, Terms of Service, internal processes, features, and templates to assure our compliance.

The NEO Privacy Statement will explain what information we collect about you as a NEO partner and how we handle your personal data in this context where the GDPR applies. This statement will include descriptions of how your personal data will be used by NEO.  Once published, we suggest that you review our Privacy Statement.

To the extent that you collect and process personal data, you are required to help your customers understand exactly what data is being collected and how it will be used. It is important that you have a Privacy Statement which contains details of your data processing activities.

Where required, we will also support you, as a NEO partner, in fulfilling GDPR related data subject requests you receive from your customers.


2.    WHOIS

The European data protection authorities have expressed concern over the unlimited publication of personal data of domain name registrants in the WHOIS. To ensure our WHOIS output is compliant with the GDPR, we will implement the following changes starting May 25th, 2018:

  • For Existing Domain Names:
    • For all existing domain names, if either of the Registrant, Admin, Tech and/or Billing contacts is identified as being from the EU, we will mask the WHOIS output for that domain name with placeholder details in place of the users’ personal information (this service will be referred to as “GDPR WHOIS Protection”).
  • All domain names that have Privacy Protection enabled, which is a separate service from GDPR WHOIS Protection, will continue to show the Privacy Protection contact details in the WHOIS output. In addition Privacy Protection provides the following services and functionality which are not available with GDPR WHOIS Protection:
    • Privacy Protection enables registrant to get emails like domain sale inquiries if needed from the website; and; and
    • Privacy Protection allows the registrant to receive emails from a web form on the website.
  • For New Domain Registrations, Renewals, Transfers:
    • All domain registrations and transfers from SuperSite will use the details from the customer contact created during the purchase flow or all the 4 contacts: Admin, Billing, Technical and Registrant contact.
      • The customer can log in to the control panel and change the default contact or edit any of the 4 contacts
      • If any of these contacts created/selected at the time of domain registration are from within the EU region, GDPR WHOIS Protection will be enabled for the Domain name by default during the purchase process. GDPR WHOIS Protection will work exactly as explained above
    • Users will be alerted in the purchase flow that their personal information is protected in WHOIS results for free
    • However, they still have the choice of layering Privacy Protection over GDPR WHOIS protection in order to receive emails like sale notices.
    • WHOIS data for EU customers will always be masked regardless of whether or not Privacy Protection is enabled
  • Partners using the LogicBoxes API must note two new attributes that will be recorded for domain names:
    • Data protection eligibility: This indicates whether the contact information must be masked for a particular domain name.
    • Data protection status: This indicates if the data protection status is currently turned ON or OFF.
  • Partners using the API must incorporate the following changes to enable customers to manage their data protection settings:
    • A new API method to disable and re-enable data protection;
    • A new API method to resend an authorization email for disabling data protection;
    • A new API method to cancel disabling request;
    • Two new parameters in domains/details and domains/details-by-name API methods
      • Data protection eligibility
      • Data protection status


The LB engineering team is currently working on building these changes into the system. While they do that, to enable our API partners to plan ahead, LB  will aim to share the final API specification with sample request and response patterns as soon as they are ready. Also, LB will  confirm when the new API methods will be available on the demo environment.

Additionally, certain TLDs have restrictions owing to the requirements laid down by their respective Registries and will hence, result into limited GDPR compliance. We will be communicating our plan for these TLDs before the enforcement date.

Notwithstanding the foregoing, access to personal data of domain name registrants may be granted when such access is necessary for technical reasons such as for the facilitation of transfers, or for law enforcement when it is legally entitled to such access.


3. Cookie Consent

When you visit NetEarth One  website, the web server passes on a cookie i.e., a string of text, to the web browser. These cookies enable our website to work, or work more efficiently, as well as provide information and additional services. Cookies are used for purposes of marketing, analytics or are essential for site functionality and making experiences better. To ensure that LB capture and record the appropriate consents for cookies deployed on the SS2 website / Partnersite / Control Panel, LB will be using TrustArc a globally trusted third-party compliance management tool. This way, you will be able to select and manage your cookie preferences. Generally, cookies may fall into any of the following categories*:

  • Strictly necessary/required cookies: These cookies are required to enable core site functionalities. If you choose to block these cookies, you may not be able to register, login to the website, access certain parts of the website or make full use of the website.
  • Functional cookies: In addition to core functionalities, these cookies collect and store login details, and can be opted out of
  • Analytics cookies: These cookies analyze site usage by monitoring how users navigate through the website, and can be opted out of
  • Advertising cookies: These cookies make users’ information available for targeted advertising, and can be opted out of

*The cookie definitions stated above are in accordance with how TrustArc (our cookie consent tool) identifies and segregates cookies.

  ***If you are using the API see below for how you will need to collect this information yourselves regarding your website***

What should you do as a partner?


If you use cookies on your website, you may have to comply with these enhanced consent requirements for cookies.

To help you implement this, LB have shortlisted 3 open-source tools you may be able to utilise to obtain and manage cookie consent from your customers:

  1. Cookie Consent by Insites
  2. Tarteaucitron.js
  3. Cookie Consent

These are just three tools out of the many options available on the internet. We are not, by any means, endorsing these tools and recommend you seek advice from your legal team before you decide to proceed with any of these (or other) cookie consent tools for ensuring thorough compliance.

What if you have more questions about GDPR?

If you have specific questions about GDPR, you can reach out to us at

 Other changes

You may be aware that there is likely to be further change in the near future about the way in which you can send marketing communication to your customers in the EU. The rules contained in the EU Directive on Privacy and Electronic Communications is under review and we are expecting a new ePrivacy Regulation to be finalized soon.

Once these new rules are finalized, we will be reviewing our forms and features again to provide our partners with the necessary tools to achieve compliance.


NOTE: The information included on this page is meant to guide you through the process of understanding GDPR and is not a substitute for legal advice. Find more information on the GDPR website.



May 8, 2018

New Password Policy on the LB platform.

Filed under: Changes on the LB platform,NetEarth One — chrisp @ 18:39

Password changes on the LB platform

LB will be updating our Password Policy to keep OrderBox more secure.

The password must have:
1. Between 9-16 characters
2. Uppercase characters (A-Z)
3. Lowercase characters (a-z)
4. Numbers (0-9)
3. Special characters ~*!@$#%_+.?:,{}



This change would impact the following users on the platform

  • Resellers creating a new reseller/customer account
  • Existing resellers/customers changing their account password

Note: LB recommends existing users to update their passwords as per the new policy.

The password policy changes will affect Resellers as follows:

  1. Resellers using the Supersite / Partnersite
    LB will be making changes to the code on the Sign Up pages. In the event that you have modified the code on the sign up page, kindly review the code changes here.
  2. Resellers using our API
    Our API has been updated as per the new password policy. Please find the API details below:

Reseller Sign up API:

  • Username
  • Name
  • Company
  • Language-preference
  • Password
  • Address-line-1
  • City
  • State
  • Country
  • Existing resellers/customers changing their account password
  • Zip-code
  • Phone-CC
  • Phone
  • Accounting-currency-symbol
  • Selling-currency-symbol
  • Auth-userid
  • API-key

Customer Signup API:

  • Username
  • Name
  • Company
  • Language-preference
  • Password
  • Address-line-1
  • City
  • State
  • Country
  • Zip code
  • Phone-CC
  • Phone
  • Auth-userid
  • API-key

Change Customer Password:

  • Customer-id
  • New-password

Change Password:

  • New-password

Note: We highly recommend you to switch to the new APIs to become compliant with the new password policy. The older API will continue to function and not enforce the new password policy.

To see more, take a read of the knowledgebase :


November 22, 2016

.EU domains no longer have an renewal Grace Period

Filed under: Changes on the LB platform,NetEarth One — chrisp @ 18:33

Please note that from 23rd November, 2016, .EU domains will no longer have a renewal grace period. This means any .EU domain expiring on, for example 23rd November, will be deleted on 23rd November itself, if not renewed before that date. Please renew your .EU domains which are about to expire as soon as possible, or else you will have to restore them. Redemption period remains the same. You can get in touch with our support team in case of any queries.

November 17, 2016

Important – ICANN Policy IRTP-C and how it will affect the transferring and movement of domains.

Filed under: Changes on the LB platform,NetEarth One — chrisp @ 17:16

Following my participation in the recent ICANN meeting in India, a number of registrars had a very productive discussion with ICANN compliance, we have been trying to move the removal of PP services COA from the IRTP-C into the PPSAI IRT, which we have found a route to hopefully make this happen and the RrSG is currently working on this.  Below is the current implementation, and if we are succesful the removal or enablement of PP on a domain will not trigger the unnecessary emails to the registrant.

IRTP-C implementation on the LB platform.

As you know, ICANN has implemented a new Transfer Policy which affects all ICANN-accredited registrars. The Transfer Policy takes effect 1st December 2016.

LB would like to take this opportunity to give you an insight into the various processes that will be affected in the OrderBox.

Processes Affected in OrderBox :

Quite a few processes will be directly impacted by this policy change and the platform will be updated to comply.

A. Contact Details Modification

The following are applicable throughout OrderBox for all gTLDs. The Customer/Reseller will no longer be able to:

1. Modify the contact details from the Customer Control Panel, under Contacts Management (this is logged in as Customer >> Settings). However, the Customer/Reseller will continue to have rights to modify the contacts via the Domain Order Overview page.
2. Use the ‘Update all Domain Names currently using this contact (wherever applicable)’ option while updating the Contact Details of a Domain Name.
3. The API call ‘contacts/modify’ will be deprecated.

The IRTP-C process is compulsory for all Registrars and the following changes are applicable:

1. Multiple Domain Contact Modification actions will no longer be queued. Only one Domain Contact Modification will be allowed to be in progress for a Domain Name. An attempt to place another Domain Contact Modification action when one is already in progress will return an appropriate error.
2. If the registrant contact either in the whois (for .COM/.NET) or at the Registry for other gTLDs does not match with the contacts in OrderBox, then the Registrant contact at the registry will be cloned, a new contact will be created in OrderBox with these details and this new contact will be associated with the domain. The current Contact Modification action will then fail. The Customer/Reseller will then have to request a Domain Contact Modification action once again (This point will also be applicable in case of Bulk Domain Contact Modification)

B. Move Service

This change is applicable throughout OrderBox for all TLDs. Move Service with the Default Contact option will be deprecated.
The Customer/Reseller will no longer be able to:

1. Move domains by using the ‘Use new customer’s default contact’ . The old contact will continue to be used.
2. Parameter ‘default-contact’ of the API call ‘products/move’ will no longer accept the value ‘default’.

C. Domain Transfer

Transfer request initiated with no request to modify contact details (name, company and/or email) on the domain

1. When a transfer is requested on a gTLD domain, the transfer Form of Authorization (FOA) will be sent to the Admin Email on WHOIS
2. This transfer FOA will be valid for 60 days; however, it will expire earlier if one of the following occurs:
The domain name expires before the transfer is completed
A change of Registrant is completed (platform level)
3. If the transfer FOA is not approved or if it expires, the transfer will be canceled.

Transfer request initiated where there is a request to modify contact details (name, company and/or email) on the domain

1. When a transfer is requested on a gTLD domain, the transfer FOA will be sent to the Admin Email on WHOIS.
2. This transfer FOA will be valid for 60 days; however, it will expire earlier if one of the following occurs:
The domain name expires before the transfer is completed
A change of Registrant is completed (platform level)
3. If the transfer FOA is approved, then an additional change of registrant FOA will be sent across to the parties involved [To minimize delays in transfer, we recommend using the same registrant details (name, company and email) as mentioned on the WHOIS, as this will prevent the Change of Registrant process from getting triggered. The registrant can be modified after the successful transfer of a domain into OrderBox]
4. If either of the Registrants disapprove the change of registrant FOA, the domain transfer request will also fail
5. Once the change of registrant FOA approval is received from both the registrants, an additional WHOIS check will be made to validate if the Registrant of the domain has changed in the interim. If yes, then the domain transfer request (including the change of registrant action) will fail, else it will proceed.
6. Post successful transfer, both the prior and the new registrant will receive an email notifying them about the change of registrant.

D.   Privacy Protection

While enabling/disabling Privacy Protection, the Registrar on Record will act as the Designated Agent to approve a change of registrant. No explicit approval will be needed from the Registrant.

A notification email will be sent to both the Registrants (Old and New) whenever the status of Privacy Protection is changed. This email is a compulsory email.

Relevant clauses to authorize the Registrar on Record as a Designated Agent have been added to the Domain Registration Agreement.


PPSAI = Privacy Proxy Service Accreditation Issues Working Group

IRTP-C = Inter Registrar Transfer Policy

IRT = Inplementation Recommendation Team

RrSG = Registrar Stakeholder Group

Older Posts »

Powered by WordPress