I know, I know, the title doesn’t make you want to read this blog but it’s important! As the title suggests, this is an announcement for the upcoming renewal price hike in May. If you’re a reseller / customer with us, you would’ve already received an email about this. But in case you missed the email, this blog post gives you all the details.
We get that announcements about price hikes are not always fun but we wouldn’t be doing this unless absolutely necessary. While our renewal prices have been stable for years, we had to make some architecture & system upgrades to ensure a consistently good experience for you which has been one of the reasons for the increase. Additionally, new governing policies & changing business landscape has increased our cost of operations and compliance which has translated into a price increases by tiny amounts (4% in the case of .COM). Two new policies / protocols in 2018 were major reasons for architectural changes & system upgrades namely:
- GDPR – the General Data Protection Regulation
- Payment Card Industry Data Security Standard (PCI DSS)
Allow me to walk you through the steps we took on our platform. Let’s start with the policy:
1. GDPR – the General Data Protection Regulation
GDPR – the General Data Protection Regulation which went into effect on May 25th, 2018 was created by European lawmakers to create a harmonized data privacy law across all the EU member states. Its purpose is to:
- Support privacy as a fundamental human right;
- Require companies that handle personal data to be accountable for managing that data appropriately, and give individuals rights over how their personal data is processed or otherwise used.
We published a detailed blog post on this last year.
In order to be compliant with the GDPR, we also were required to make changes to our SuperSite, PartnerSite & Control Panel.
SuperSite & PartnerSite:
- Data Transfer and Marketing Consent on SuperSite:
New checkboxes have been introduced to the storefront that are shown to EU users. This is shown when a new user selects a country from the European Economic Area and indicates that their account is associated with that region. The other condition is when the user is an existing one and logs in to select an EEA country contact to associate with the domain name purchase; the checkbox will be shown before transaction completion.
2. Consent on PartnerSite:
If a new reseller selects an EEA country from the country drop-down menu during sign up, three consent check boxes will be displayed to the reseller:
- Receiving marketing emails from you
- For customized PartnerSites, this code will be pushed into the site’s code bank,
- Consent from the customer to allow personal data transfers outside the EEA region for processing because the platform servers are located in the USA.
1. Enabling/Disabling GDPR Protection:
Customers from all EEA countries using the OrderBox customer control panel will be given an option to enable or disable the GDPR Protection, which masks the customer’s WhoIs data to comply with the GDPR requirements, from their control panels. However, by default GDPR Protection for EEA customers will be enabled.
API changes to OrderBox
For all ResellerClub partners using the API, we made some changes to a few domain registration API calls. We have documented these API changes in detail here.
Data on WHOIS for domains owned by EEA registrants is masked. This masking process is automated, and is completed across all relevant domains on the platform.
The second is the standard protocol:
2. Payment Card Industry Data Security Standard (PCI DSS)
The Payment Card Industry Data Security Standard (PCI DSS) applies to companies of any size that accept credit card payments. If your company intends to accept card payments, and store, process and transmit cardholder data, you need to host your data securely with a PCI compliant hosting provider.
In order to be PCI compliant we ensured the requirements were satisfied: (this was for the in scope assets only, ie Orderbox, Pay.pw, Fileserver, Supersite, Webpro and CCP). Among others, these are the top 6 requirements:
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open, public networks
- Protect all systems against malware and regularly update anti-virus software or programs
- Develop and maintain secure systems and applications
By sharing this information, we want to ensure absolute transparency in our communication to our partners. We also want to emphasize just how meticulous these system upgrades have been to be able to improve the quality and service we provide our customers. In light of all these changes, we are updating our domain renewal prices to more accurately reflect the value of our offering and to make sure that we continue providing you the level of quality and service which you’ve come to expect from us.
We are only updating the prices for domain renewals. Prices for New Registrations, Transfers and Restore will continue to remain the same ensuring you are able to still offer great pricing to new customers. To see the list of new prices, click here. If you have any queries surrounding this change or would like more information about this, please refer to the email or feel free to contact us at firstname.lastname@example.org.