Important update 1: Email Support is being transitioned to Webforms. Click here for more information.
Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            GDPR Controls and Data Management FAQ

            This article answers common questions from OpenSRS resellers about GDPR controls, the registrant consent page, consent request emails, and data handling. The GDPR applies to all Tucows customers, but you have some flexibility in how registrant communications are handled. Use this FAQ to understand what you can customize, what you cannot, and how to interact with the consent process.

            Scope of GDPR at OpenSRS

            OpenSRS applies GDPR-aligned data protections to all registrants, regardless of where they are located. Tucows acts as both a data processor and a data controller and is legally obligated to collect consent from registrants and provide an accessible means of revoking it. The data sharing preferences page is the core mechanism for fulfilling these obligations.

            Warning: GDPR enforcement guidance and OpenSRS implementation details change over time. Confirm with the OpenSRS Support team before relying on any procedural detail in this article.

            Can I edit the consent page?

            No, the consent page cannot be edited.

            OpenSRS aims to allow customization of registrant-facing content wherever possible. Most of the text on the data sharing preferences page is legal information that OpenSRS is obligated to disclose, so it cannot be modified. Other confirmation pages are being modernized to allow customization.

            Can I edit the consent request email?

            Yes, much of the content in the consent messaging can be modified. Refer to the OpenSRS consent copy and design reference for examples of the content of these emails.

            How can I provide the consent page link to a client?

            You can send the consent page link to the registrant by initiating a request through the Reseller Control Panel or through the API.

            1. Open the Reseller Control Panel.

            2. Go to the Domains page and select the relevant domain.

            3. In the Domain Overview section, review the consent status.

            4. Click Send consent email to email the domain owner a link to their consent settings page.

            You can also trigger this email programmatically using the gdpr_send_consent_reminder_email API command.

            How can I determine whether a specific TLD is asynchronous?

            A data use information page is available to all resellers and registrants and lists the TLDs and services offered through Tucows, including each TLD's synchronous or asynchronous status.

            Can I disable this process and the communications?

            No, there is no option to disable GDPR.

            As a data processor and controller, Tucows is legally obligated to collect consent from registrants and provide them with a straightforward, accessible means of revoking consent. The data sharing preferences page is OpenSRS's solution for fulfilling these obligations and is an essential part of the domain and service registration process.

            Required registrant data

            Basic pieces of information are still required, including registrant name, organization, email address, and country. Tucows needs this data for its contractual use, must identify the owner of the domain, and the Domain Registrant Agreement requires the registrant to provide complete and accurate information. The list of contractually required data elements may be longer for a particular TLD or service, depending on Tucows' contract with the registry or service provider.

            Using placeholder data

            When placing orders, you can substitute placeholder data for any data elements that OpenSRS processes using consent as a legal basis. These fields cannot be left empty.

            Note: OpenSRS recommends against using substitute placeholder data.

            Placing an order for an asynchronous service using placeholder data is possible, but the data will likely not be accepted at the registry level, and the pending order may not be fulfilled. For synchronous services, consent-based data can be withheld and placeholders used instead, but if the registrant later consents, they may be confused to find that the data is not listed on their domain registration record.

            Next steps

            • Review the GDPR Consent Management Process article. Understand how synchronous and asynchronous consent flows work end-to-end.

            • Audit your consent-related email templates. Make sure each customizable template reflects your brand and references your support channels.

            • Confirm asynchronous TLD coverage. Use the Data Use Information Page to identify which TLDs in your portfolio require explicit registrant consent.

            Questions? Contact OpenSRS Support.

            How helpful was this article?

            Thanks for your feedback!

            Do you still need help? If so please submit a request here.