Domain names are the addresses you use when navigating the internet or sending emails. They work a little like phone numbers, enabling computers using the internet to find specific locations (such as a website or an email inbox). A domain name can be used in the place of a string of numbers called an Internet Protocol address – commonly known as an IP address. In a web address, the domain name is the words that come after www., and in an email address it comes after the @ symbol.
Just as in a telephone directory, there needs to be a system in place to make sure each address connects to the place it should. This is where the Domain Name System (DNS) comes in, by putting in place a set of rules to ensure each domain name is unique.
Our Terms and Conditions & Rules of Registration are binding – so make sure you read them through carefully and understand them before registering. Registration entitles you to be a domain name holder, i.e. to use a domain name for an agreed time period. You would not, however, become the owner of the domain name. Which means, if you don’t renew your registration when the agreed time period comes to an end, the name becomes available for other applicants to use.
We don’t have any part in contracts you make with your registrar. So it’s really important to make sure you understand your rights and obligations under this contract – particularly what would happen if commercial dealings between you and the registrar break down. Find information and advice about choosing a registrar.
Make sure your contract says that the domain name is registered in your name, unless agreed otherwise.
We require all registrars to follow our Registry-Registrar Agreement. This sets out how we expect them to behave in terms of how they use our registration systems, their commitments to domain holders (registrants) and their responsibility to maintain data and follow our payment terms.
If you have a complaint or any concerns you would like to raise about a registrar who may have broken the Registry-Registrar Agreement, please follow our complaints procedure.
Make sure your contract says that the domain name is registered in your name, unless agreed otherwise.
Protecting the integrity of your .UK
We strive to make .UK a safe place to be. A key part of this is ensuring all the information we hold for the registrant of a domain name is true and up to date. And we’re not alone. Registries around the world are increasingly focusing on their ability to provide accurate registrant data so they can stop people using domain names fraudulently.
Having the right registration data is so important to us that, if you want to register a .UK domain, it’s a requirement of your contract to supply us with complete and accurate data.
If you are listed as the registrant, we’ll consider you legally responsible for the domain name. This means it’s essential that we have the correct contact details for you, so we can get in touch with you if there’s ever a problem with your domain name. This includes making sure we have an up to date email address for you, as this is the main way we contact registrants.
To make sure the information we hold is true and up to date, we will attempt to match all registrant name and address details with third party data sources when you register, or when you change your data. We do this by checking the information in your application against a number of different databases, including:
The Electoral Register: we use this to check UK name information for individual applicants.
Companies House data and UK business records: we use these files to check that applications made under trade names correspond with registered companies.
Royal Mail Postcode Address file: we use this to validate all UK addresses. Because addresses in this database are often in a different format to how they appear on our register, we carry out a matching exercise to establish how close an address is to the ‘perfect address’. This is based on a confidence level. It’s also important to note that the registrant’s name and address don’t need to be linked. For instance, we understand that registrants may give different addresses as points of contact to their home address, such as a solicitor or accountant. It’s essential to make sure the registrant can be contacted through this address.
In each case, we look for a valid individual, business and address we can identify as matching the information we hold. Information for applicants from overseas is also checked against equivalent address sources and, where possible, against the business registry of the host country.
How you’ll know if we’ve been able to validate your data
You can use the WHOIS tool to check if we’ve been able to match your information against the data sources listed above. If your data has been validated, you’ll see the following status:
Nominet was able to match the registrant’s name and address against a 3rd party data source on DD-Month-YYYY
If we haven’t been able to validate the name and/or address, you’ll receive the following reply:
Nominet was not able to match the registrant’s name and address against a 3rd party data source on DD-Month-YYYY
If an Accredited Channel Partner validates the registrant’s data, WHOIS will show this message:
The Registrar is responsible for having checked these contact details.
If we can’t match your data, that doesn’t necessarily mean it’s incorrect. Because our domain register includes over 10 million names, we have to use an automated validation system which is not always 100% accurate.
In some cases, it could be that although you’ve submitted the right details, they aren’t listed on the public sources we use to check them. For example, you may not currently be listed on the electoral roll, or your organisation may only recently have been registered with Companies House.
If this happens, we will try to match the data manually by asking applicants to submit appropriate documents. If we do get in touch with you about validating your details, it’s important that you act on this as soon as you can – if your details aren’t verified your domain name could be suspended.
Depending on whether we’ve been unable to validate your name and/or address, we accept any example of the following:
- Valid driving licence
- Valid passport
- Valid National ID card (for non-UK citizens)
- National Insurance card (for UK citizens)
- Utility bill from the last three months
- Bank statement from the last three months
- HMRC tax notification from the last three months
- Official company letterhead
- Company stamp
In some cases we can’t match data because a domain may have been registered to someone who didn’t give their full name, or is under a trading name that doesn’t correspond with a registered company. In these cases, we’ll ask registrants to update or complete their personal information.
If your details are out of date or incorrect, you can update them through your Online Services account.
Preventing phishing in .UK
When you register a .UK domain name you agree that you will not use it in a way that is likely to endanger other internet users. This includes using the domain name for phishing activity or to distribute viruses and malware.
At the point of registration we conduct a number of automated checks to identify whether the domain name is likely to be used for phishing. If your domain name is flagged in this process we will temporarily place your registration on hold while we contact you to conduct extra due diligence.
Yes. This doesn’t mean you can’t use the domain name – it just means our systems have flagged it as higher risk. You’ll just need to respond to our email request for additional information and we’ll progress with your registration as normal.
We’ll send this to the email address you provide when you register the domain name so it’s important you provide accurate details.
There are many reasons your domain name could be flagged in this process. We use a machine learning algorithm to assess several aspects of your registration data. This process changes and adapts to new security threats.
We cannot tell you exactly why your domain name has been flagged as it would help criminals bypass our systems. If you’re using your domain for legitimate purposes you don’t need to worry, just respond to our email and your registration will continue as normal once checks have been carried out to our satisfaction.
Addressing criminal activity
Criminal activity is as unacceptable online as it is offline. When you register a .UK domain name you agree that you will not use it for criminal activity as defined by UK law. We work closely with UK law enforcement agencies to suspend domains being used for criminal activity, for example when the associated website is selling counterfeit goods or medicine.
In some circumstances we may also redirect web users to a secure site providing information for those who may have been affected by activity related to the domain name.
It’s important you keep your contact details up to date and accurate so you receive notice and UK law enforcement agencies can contact you if they have concerns. For example, you may not realise that something legal in one country is illegal in the UK and making a small alteration to your website can prevent your domain being suspended.
For more information, read our Criminal Practices Policy.
Support with our Welsh domains
As well as .UK, we run the registry for .cymru and .wales domain names. These spaces provide the perfect opportunity for you to express your Welsh identity – and join Wales’ growing online community.
Find out more about the new domain names for Wales, including how to register your .cymru and .wales domain names, at ourhomeonline.wales. If you’re registering a .cymru or .wales domain name, you can read up on your rights and responsibilities on the ICANN website:
- gTLD Registrant Educational Materials and Registrants’ Benefits & Responsibilities
- ICANN Domain Name Registration Data Policies (WHOIS)
The policies and disputes process for our Welsh domains are slightly different to our .UK ones. Before registering your .cymru or .wales domain name, read through these policies to make sure you can get the name you want – and avoid future disputes. View our .cymru and .wales policies.
You can resolve disputes over the registration of .cymru and .wales domain names in one of two standardised dispute resolution procedures:
The Uniform Domain Name Dispute Resolution Policy (UDRP), which is incorporated into your contract with your registrar. If a complaint is successful, the complainant may have the domain name cancelled or transferred into their name.
The Uniform Rapid Suspension System (URS). This is very similar to the UDRP, but is intended to bring about a much quicker resolution. Successful complainants will only be able to suspend a domain name.
Neither of these procedures prevents someone taking a domain name dispute to court – which they have the right to do. Where we can, we will try to assist in effecting orders from courts of competent jurisdiction regarding the registration of .cymru and .wales domain names.