Registrant Agreement for .gov.uk TLD

1. Overview

This Registrant Agreement for ‘.gov.uk’ Top-Level-Domain (“TLD”) is entered into by and between Stablepoint Ltd. and you (“Agreement”).

1.1. This Agreement sets out terms specific to .gov.uk TLD and is made effective as of the date of your electronic acceptance. Your acceptance means that you read, understand, acknowledge, and agree to be bound to this Agreement, which incorporates by reference each and every of(a) WHG General Terms of Service and policies, including, but not limited to, Privacy Policy and Acceptable Usage Policy, (b) Registry Policies as defined in Section 1.2 of this Agreement, and (iii) any plan limits, product disclaimers, or other restrictions presented to you on the Domain Service landing page of our website (“Site”).

1.2. Whenever used in this Agreement, unless there is something in the subject matter or context that is inconsistent therewith, the following words and terms will have respective meaning set out below:

• (a) “we”, “us” or “our” shall refer to WHG.
• (b) “you” shall refer to any individual or entity who accepts this Agreement, more specifically; you or any agent, employee, servant or person authorized to act on your behalf, and the registrant listed in the WHOIS contact information for the domain name.
• (c) “Parties” mean we and you, and a “Party” means any of them.
• (d) “Registry Operator” means the administrative and technical operator of the policies, processes and systems required to manage and operate the .gov.uk domains and subdomains. Nominet is the named Registry Operator as of now.
• (e) “Registry Data” means any data, including but not limited to DNS resource records, public-key material for DNSSEC and personal contact data, in each case held by the Registry Operator:
  • (i) For use in its Registry Services,
  • (ii) or for use by the Registry Operator in performance of its roles and obligations to the Critical Domain Holder, Registrar and/or Registrant,
  • (iii) or for use by the Registrar in performance of its roles and obligations to the Critical Domain Holder, Registry Operator and/or Registrant.
• (f) “Registry Policies” means all guidelines, practices, procedures, registration requirements or operational standards of TLD. This includes the .UK Registry-Registrar Agreement (“RO Agreement”) by the Registry Operator.
• (g) “Registrant” means an entity which has registered a .gov.uk domain name in the .gov.uk Registry.
• (h) “Register”, “Registrar”, and “Registry Services” mean as defined in the RO Agreement.
• (i) “Approved Registrar” means the Registrar meeting the Criteria to be a .gov.uk Approved Registrar.
• (j) “sub-Registrant” means an entity which has been given a lower-level domain from a .gov.uk Registrant. The sub-Registrant is not the same organization as the Registrant.
• (k) “Services” means domain name registration and related services for .gov.uk TLD.

1.3. Unless otherwise specified, nothing in this Agreement shall be deemed to confer any third-party rights or benefits.

2. Role and Responsibilities of CDDO as the Critical Domain Holder

The Parties agree to and accept the role of the Critical Domain Holder as set out below in respect of the protection of .gov.uk domains and subdomains.

2.1. The Central Digital and Data Office (“CDDO”), acting on behalf of the Minister for the Cabinet Office and as part of the Crown, has rights over the ‘.gov.uk’ domain and subdomains. CDDO is the .gov.uk domain Critical Domain Holder.

2.2. The Critical Domain Holder does not need to be party to this Agreement. The Critical Domain Holder has appointed the .gov.uk Registry Operator. The Critical Domain Holder permits the .gov.uk Registry Operator to enter into Registry Registrar Agreement.

2.3. The Critical Domain Holder is the only authority that may verify the identity of the Registrant. The Critical Domain Holder approves a .gov.uk domain name for use by the Registrant.

2.4. The Critical Domain Holder is responsible for setting and maintaining the domain registration and management rules, which are defined in the Apply for your .gov.uk domain name guidance on GOV.UK.

2.5. The Critical Domain Holder acts as an escalation point and ultimate decision maker in the event of a dispute regarding the management or control of a .gov.uk domain name.

2.6. The Critical Domain Holder may, at its sole discretion, direct the Registry Operator, Registrar, Registrant or sub-Registrant to take action, including urgent action, to protect a .gov.uk domain name, at any time. Such action may include to suspend, withdraw or transfer a .gov.uk domain name:

• (a) if the Registrant or sub-Registrant persistently or seriously violates the domain registration and management rules, which are defined in the Apply for your .gov.uk domain name guidance on GOV.UK,

• (b) if the Registrant or sub-Registrant persistently fails to respond to communications from the Registrar, Registry Operator or Critical Domain Holder,

• (c) to resolve disputes which concern the Registrant or sub-Registrant’s registered .gov.uk domain name,

• (d) if the continued Registration of the Registrant’s .gov.uk domain name poses an immediate critical security threat to the Registrant’s services or other public sector services,

• (e) if the Registrar persistently fails to meet the Criteria to be a .gov.uk Approved Registrar,

• (f) if the Registrar is no longer a .gov.uk Approved Registrar as defined by the criteria,

• (g) if there is any event that might lead to your organisation ceasing trading, such as a voluntary winding up, a bankruptcy, or an insolvency event as defined in section 123 of the Insolvency Act 1986,

• (h) if required by the law.

2.7. The Critical Domain Holder is an independent data controller in its own right for personal contact data contained within the Registry Data.

2.8. The Critical Domain Holder and its suppliers are authorized to undertake monitoring of all .gov.uk domains and subdomains as described on the Domain Management team page.

• (a) The purpose of monitoring is to test for the secure configuration of domains and associated digital services and alert the relevant service owners when problems are found.

• (b) The monitoring undertaken by the Critical Domain Holder, and/or its suppliers, may, on some rare occasions, temporarily impair the function of the domain and associated digital services. In those circumstances, the Critical Domain Holder will work with the Registrar, Registrant, and/or Sub-Registrant to overcome the temporary impairment as soon as is reasonably practicable. The Critical Domain Holder and its suppliers are authorised to undertake monitoring of all .gov.uk domains, and subdomains, regardless as to this risk of impairment.

• (c) In undertaking monitoring, the Critical Domain Holder, and/or its suppliers, may process personal data. The processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Critical Domain Holder, and/or its suppliers as a data controller. Details associated with a domain will be retained for as long as the domain is registered and in use. If details change to another person the Critical Domain Holder, and/or its suppliers, will remove the old contact within 6 months.

3. Role and Responsibilities of the Registry Operator

The parties agree to and accept the role of the Registry Operator as set out below in respect of the protection of .gov.uk domains and subdomains.

3.1. The Registry Operator is the only operator for gov.uk domains and subdomains, as appointed by the Critical Domain Holder.

3.2. The Registry Operator must only accept .gov.uk domain registrations from .gov.uk Approved Registrars. The Registrar Operator must not accept .gov.uk domain registrations from any reseller or any other entity. The Registry Operator must use reasonable endeavours to verify that organisations that wish to be .gov.uk Registrars meet the Criteria to be a .gov.uk Approved Registrar.

3.3. The Registry Operator has a Registry Registrar Agreement with all .gov.uk Approved Registrars. The Registry Operator must ensure that all Registrars have Registrant Agreements in place that reference this GOV.UK page and include these terms as updated from time to time and published on the aforementioned page.

3.4. All normal communications that the Registry Operator has with a Registrant must be through a Registrar. The exceptions to this are:

• (a) if a Registrar is not supporting their Registrant in accordance with the Criteria to be a .gov.uk Approved Registrar or
• (b) if the Registrant itself is not accepting such support.

In these exceptional cases the Registry Operator may contact a Registrant directly to help the Registrant meet the domain registration and management rules, which are defined in the Apply for your .gov.uk domain name guidance. The Registry Operator must always copy the relevant Registrar in on communications with a Registrant in these cases.

3.5. The Registry Operator must maintain a published list of .gov.uk Approved Registrars. The Registry Operator must use reasonable endeavours to help .gov.uk Approved Registrars continue to meet the Criteria to be a .gov.uk Approved Registrar.

3.6. The Registry Operator operates a fair marketplace for .gov.uk Approved Registrars. If the Registry Operator itself chooses to

3.7. The Registry Operator must not unreasonably refuse to sign a Registry Registrar Agreement with a .gov.uk Approved Registrar.

3.8. The Registry Operator must notify the Critical Domain Holder before removing the status of .gov.uk Approved Registrar or terminating a Registry Registrar Agreement with a .gov.uk Approved Registrar.

3.9. The Registry Operator is an independent data controller in its own right for personal contact data contained within the Registry Data. As a data controller, the Registry Operator will be responsible for ensuring agreements to cover the sharing and processing of personal data with other parties, such as the Registrars, are in place.

3.10. We are an Approved Registrar and have a Registry Registrar Agreement with Registry Operator.

4. Role and Responsibilities of the Registrant

The Parties agree to and accept the role of the Registrant as set out below in respect of the protection of .gov.uk domains and subdomains.

4.1. The Registrant must remain in legal control of their .gov.uk domain name at all times. This includes not reselling or passing control of their .gov.uk domain name to a non-public sector organization.

4.2. The Registrant must get approval from The Critical Domain Holder prior to transferring their .gov.uk domain to any other organisation.

4.3. The Registrant must protect its .gov.uk domain name by following the domain registration and management rules, which are defined in the Apply for your .gov.uk domain name guidance on GOV.UK that apply to them, found here:

• (a) Get permission to apply for a .gov.uk domain name;

• (b) Identify a registrant for your .gov.uk domain name;

• (c) Choose your .gov.uk domain name;

• (d) Get started with your .gov.uk domain name;

• (e) Creating and managing .gov.uk subdomains;

• (f) Keeping your domain name secure;

• (g) Renew your domain name;

• (h) Make changes to your .gov.uk domain name;

• (i) How to stop using your domain name;

• (j) What to do if your domain is compromised.

4.4. The Registrant has the right to move its .gov.uk domain name from the Registrar to any other Registrar at any time and for any reason. The Registrant is not entitled to a refund for any remaining term of the registration.

4.5. The Registrant accepts that if their Registrar is no longer a .gov.uk Approved Registrar, then the Registrant must move its .gov.uk domains to a .gov.uk Approved Registrar.

4.6. If the Registrant has delegated lower-level subdomains out to a sub-Registrant, the Registrant:

• (a) must tell its Registrar,

• (b) must help the sub-Registrant meet the domain registration and management rules, which are defined in the Apply for your .gov.uk domain name guidance on GOV.UK that apply to them,

• (c) is a data controller of the personal data that the sub-Registrant has shared with it.

4.7. The Registrant is an independent data controller in its own right for personal contact data contained within the Registry Data.

4.8. The Registrant agrees that the Critical Domain Holder and its suppliers are authorised to undertake monitoring of all .gov.uk domains and subdomains as described on the Domain Management team page.

• (a) The purpose of monitoring is to test for the secure configuration of domains and associated digital services and alert the relevant service owners when problems are found.

• (b) The Registrant consents to the Critical Domain Holder and/or its suppliers processing personal data, specifically collecting DNS records and WHOIS records where they are available, to:

  • (i) provide support; protect the domain names in the public sector
  • (ii) reduce the risk of attack to associated services such as email, web, and digital services
  • (iii) ensure the governance and accessibility of web services

• (c) The Registrant consents to the retention of personal data by the Critical Domain Holder and/or its suppliers

5. Role and Responsibilities of the Sub-Registrant

The Parties agree to and accept the role of the sub-Registrant as set out below in respect of the protection of .gov.uk domains and subdomains.

5.1. The sub-Registrant must protect its .gov.uk domain name by following the domain registration and management rules, which are defined in the Apply for your .gov.uk domain name guidance on GOV.UK that apply to them, found here:

• (a) How you are accountable for protecting your .gov.uk domain

• (b) Creating and managing .gov.uk subdomains

• (c) Keeping your domain name secure

• (d) How to stop using your domain name

• (e) What to do if your domain is compromised

5.2. The sub-Registrant is a data controller of the personal data it shares with the Registrant.

5.3. The sub-Registrant agrees that the Critical Domain Holder and its suppliers are authorised to undertake monitoring of all .gov.uk domains and subdomains as described on the Domain Management team page.

• (a) The purpose of monitoring is to test for the secure configuration of domains and associated digital services and alert the relevant service owners when problems are found.

• (b) The Sub-Registrant consents to the Critical Domain Holder and/or its suppliers processing personal data, specifically collecting DNS records and WHOIS records where they are available, to:

  • (i) provide support; protect the domain names in the public sector
  • (ii) reduce the risk of attack to associated services such as email, web, and digital services
  • (iii) ensure the governance and accessibility of web services

• (c) The Registrant consents to the retention of personal data by the Critical Domain Holder and/or its suppliers.

6. Pricing for .gov.uk Domain Names

The pricing for .gov.uk domain names is £50 per year plus VAT.

7. Change to this Agreement

This Agreement will change over time in response to changes in the requirements of governments and administrative bodies, legislation and changes in the nature of industry. If, as a result of such a change to this Agreement, you no longer agree with its term, you agree that your exclusive remedy is to transfer your Services to another registrar or request us to cancel your domain name registration and/or related Services. If you continue to use the Services following a change in this Agreement and/or the Services, your continued use of the Services indicates your consent to the changes. You agree to review this Agreement periodically to make yourself aware of any such revisions.

Last updated on: 09/26/2024