This page explains any additional individual data and privacy policies in effect for each product or service offered by MFPad. If a product or service (collectively “Services” or individually “Service”) is not listed on this page, it simply means that there is no new information collected and that it is fully covered by our standard Privacy Policy. Where applicable, we provide additional details for those customers in the EEA.

Domains and Related Services

Domain Whois Contact Information: We are required by ICANN and the Registries who issue domains to collect, process and retain certain personally identifiable information. This information is required to be kept current and may be accessible for you to review and update through your customer Account Panel. Customers are required to provide this information and agree to keep it current and allow it to be retained for a predefined period of time. This information may be shared with ICANN, registries, registry operators and/or data escrow agents.

ICANN requires that registrars must collect and retain the mandated Whois information, whether or not protected by a privacy service, for two (2) years after the domain expires and/or you are no longer the registrant. (Please note that other ccTLD registries may have a longer required retention period. You will need to confirm their retention policies.) These guidelines are considered contractually required and approved upon purchasing a domain.

Domains not governed by ICANN, such as ccTLDs, have individual data collection guidelines explained in their domain agreements. These may include the collection and retention of IP addresses and notices sent to you, among other things. MFPad requires, when purchasing domains from us, that Whois standards as set by ICANN be collected for all domains. Thus, even for ccTLDs, you will be asked to provide the standardized Whois information. Collection of the unique registry information and the standardized Whois information is considered contractually required by you from the individual registries and/or MFPad. Also note that certain ccTLDs mandate the public disclosure of registrant data. If you are an EEA resident and eligible to register such a domain, by registering the domain, you explicitly agree to the publication of your personal information. We recommend that you review ccTLD agreements purchasing one of these domains to review their contractual guidelines on data collected, processed, publicized and retained.

Changes due to GDPR. Due to the GDPR, ICANN has implemented a Temporary Specification that limits the information made available to the public, at least in the EEA. However, the model also proposes broader access to groups of individuals that may or may not have to substantiate a legal basis for each request. This means that a privacy service such as WhoisGuard is both relevant and still very necessary to protect you from unwanted and/or unknown disclosure.

MFPad strongly believes in privacy, security, freedom and the equal treatment for all internet users. And we believe that your information should be protected both now and under the new model being considered. This is why we are providing all our customers with free privacy protection for life. MFPad customers will be able to benefit from free WhoisGuard protection for all domains (unless specifically precluded by the registry.) You can find more details on this program by visiting the WhoisGuard product page.

WhoisGuard. WhoisGuard is a privacy service that allows you to protect your identity. When you use this service, you permit WhoisGuard to have access to your full Whois details and provide anonymization services to protect it.

DNS. No personally identifiable information is collected or shared with our DNS third party provider for any of our DNS products.

Hosting and Related Services

Hosting. When you host with MFPad, we interact with your data in two ways. First, we obtain certain data in order to allow you to use our hosting services and to provide ongoing support. This data includes things like your password, DNS zones and account activity so that we can help you with any issues related to your site. Due to the nature of hosting, log files may also collect IPs of those who visit your site without additional identifying information. Second, we store information related to your website, such as website content, SSL files, your email logs (if you have email integrated into your site), related databases, full account backups and anything else that you host on your site.

In both cases, you operate as the Controller and we operate as the Processor and our relationship is governed by our Data Processing Addendum. Where your site is collecting personally identifiable information, such as customer information or contact lists, it is your responsibility to ensure you are compliant with privacy laws such as GDPR and that you are obtaining required permissions.

Third Party Hosting Products. We offer several third party hosting products to help you manage your website. They include Cloudflare products, CodeGuard, Attracta and Softaculous. We only share data with these companies when you initiate a specific request with us.

Apps Marketplace

MFPad is proud to offer our customers the following excellent Services through our Apps Marketplace. Below you will find data and privacy details on Services that are globally available. Services that are North American based only are not listed.

ProductData Collected by MFPadData Tracking by MFPadData SharedData Controller / Processor Notes
GhostNo additional data collected.None.None.
WPWarmNo additional data collected.WPWarm uses Hotjar to track anonymized data. For details, including opt-out instructions see paragraph “Hotjar” below.None.
CanvasNo additional data collected.None.None.
Private EmailNone.None.None.
SSLCollection depends on type of certificate purchased. Basic certification collects personal email; all others collect and validate business information.None.Minimal SSL details are collected and sent to Comodo.For SSLs, Comodo operates as a Controller jointly with you. MFPad is a Data Processor. See Data Handling Amendments to the SSL ToS.
GSuite / Bablic / Strikingly / WeeblyNone.None.None.For each of these products, the third party provider is the Data Controller and is wholly independent from MFPad. Please review their data and privacy guidelines.

Hotjar. We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device’s IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.

You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.

Last revised: Sep 22, 2019