GDPR Protection for Domains

GDPR, short for the General Data Protection Regulation, is a regulation in European Union law designed to give EU citizens and residents greater control over their personal data, particularly regarding how this data is controlled and processed by companies. This regulation demands careful consideration of the ways that companies handle personal information of European citizens and residents. The GDPR became effective on May 25, 2018.

To learn more about GDPR, please visit

GDPR and Domains

To abide by GDPR principles, ProjectArmy provides a GDPR Protection setting for all domain names where any of the registrant, admin, technical or billing contacts bear the personal information of a user from the European Economic Area (EEA). This setting ensures that the information of such users will be replaced with placeholder text in the public WHOIS records.

The GDPR Protection setting is applied automatically for all eligible domains, but can be disabled by the domain name holder by providing explicit authorization.

When is GDPR Protection enabled?

The GDPR Protection setting is enabled for domains when:

  1. A domain is registered or transferred in to ProjectArmy if at least one contact is from the EEA
  2. The contact information of a registered domain is modified to use at least one contact from the EEA

Privacy Protection vs GDPR Protection

The GDPR Protection setting above is completely independent of the Privacy Protection service offered by ProjectArmy. You can’t have both enabled at the same time. You must enable one. The main differences are listed below:

GDPR Protection

  • Available only for domains with at least one contact from the EEA
  • Free of cost for eligible domain names
  • Provides no means for genuine inquirers to contact the domain owner

Privacy Protection

  • Available for all domains, except on TLDs that don’t permit this feature
  • Free for ProjectArmy customers (other providers may charge for this)
  • Allows genuine inquirers to contact the domain owner through form

Choose Privacy Protection if you need to be able to receive inquiries about the domain. For example, if you’re trying to sell your domain.

If you have registered a domain managed by a registry that requires us to provide your data to the registry, then such data may be published in a publicly available WHOIS database by the registry. If you do not wish to have this data shared or published, you will need to delete the domain registration with the registry.

Was this article helpful?

Still need help? Yes, I do!