Terms & ConditionsDomain Registration Data Disclosure Policy & Guide

Domain Registration Data Disclosure Policy & Guide

Last updated: 01-January-2026

This Domain Registration Data Disclosure Policy & Guide explains how The Cloud Aro collects, processes, protects, and discloses domain registration data (also known as WHOIS or Registration Data) in compliance with ICANN policies, applicable registrar requirements, GDPR, Pakistan data protection principles, and relevant US laws.

This document is intended for domain registrants, resellers, law enforcement authorities, intellectual property holders, and other legitimate requestors.

1. Scope

  • This policy applies to: - Domain names registered or managed through The Cloud Aro - WHOIS / Registration Data associated with domain registrations - Requests for access to non-public registration data

2. What Is Domain Registration Data

  • Domain Registration Data may include: - Registrant name or organization - Registrant email address - Registrant phone number - Registrant postal address - Administrative and technical contact details - Domain creation, expiration, and update dates - Nameserver information
  • Where domain privacy or proxy services are enabled, certain personal data may be masked or replaced.

3. Public vs Non-Public Registration Data

3.1 Public Data

  • Depending on the TLD and applicable laws, the following may be publicly visible via WHOIS: - Domain status - Registrar name - Nameservers - Domain creation and expiration dates

3.2 Non-Public (Redacted) Data

  • The following data is typically not publicly displayed: - Registrant name - Email address - Phone number - Physical address
  • Access to non-public data is restricted and governed by this policy.

4. Legal & Regulatory Framework

  • TheCloudaro processes domain registration data in accordance with: - ICANN Temporary Specification & Registration Data Policies - GDPR (EU) - Pakistan data protection principles - Applicable US laws
  • We apply the principles of data minimization, purpose limitation, and proportionality.

5. When We May Disclose Registration Data

5.1 With Registrant Consent

  • Where the domain registrant has provided explicit consent for disclosure.

5.2 Legal Obligations

  • When required to comply with: - Court orders - Subpoenas - Lawful requests from competent authorities

5.3 Legitimate Interest Requests

  • We may disclose limited data where the requestor demonstrates a legitimate interest, such as: - Intellectual property rights enforcement - Trademark or copyright infringement claims - Cybersecurity investigations
  • Each request is reviewed on a case-by-case basis.

6. Data Request Evaluation Criteria

  • Requests for non-public registration data are assessed based on: - Identity verification of the requestor - Purpose and legal basis of the request - Proportionality and necessity - Risk to registrant rights and freedoms
  • We may deny or partially fulfill requests that do not meet these criteria.

7. How to Submit a Data Disclosure Request (Guide)

  • To request access to non-public domain registration data, submit a written request to:
  • Email: support@thecloudaro.com
  • Your request should include: - Requestor’s full name and organization - Contact information - Domain name(s) involved - Legal basis or legitimate interest - Supporting documentation (court order, trademark certificate, etc.)
  • Incomplete requests may be rejected.

8. Response Time

  • We aim to respond to valid disclosure requests within: - 5–10 business days for standard requests - Urgent cases may be prioritized where legally justified

9. Registrant Rights

  • Domain registrants have the right to: - Be informed of data processing practices - Request access to their own registration data - Request correction of inaccurate data - Enable or disable domain privacy services (where available)

10. Data Security & Retention

  • We implement appropriate technical and organizational measures to protect registration data.
  • Registration data is retained only for as long as required by: - ICANN policies - Legal and regulatory obligations

11. Abuse of Disclosure Requests

  • We reserve the right to reject requests that are: - Excessive or repetitive - Made in bad faith - Intended to harass or misuse personal data

12. Changes to This Policy

  • We may update this policy to reflect regulatory or policy changes. Updates will be published on our website.

13. Contact Information

  • For questions regarding domain registration data or this policy:
  • The Cloud Aro
  • Email: support@thecloudaro.com
  • Address: Karachi, Pakistan