ICANN finalized changes to the Registration Data Policy, which sets data processing requirements for gTLDs. Domain registrars and registries are required to comply with the updated Policy by August 2025.
Many of the new Registration Data Policy requirements are already in place at OpenSRS and other registrars: We redact registration data from the public Whois by default and provide a method for third parties to contact the domain owner.
Over the coming months, OpenSRS will implement additional changes to ensure we’re fully compliant. In this post, we cover all changes relevant to OpenSRS reseller partners and key dates for updates.
We’ll collect a reduced minimum data set
In 2018, we reduced the minimum registrant data set we collect and hold to comply with the General Data Protection Regulation (GDPR). ICANN’s updated RDP lets us collect an even smaller list of data. We’ll stop collecting the administrative, billing, and technical contact sets unless specifically required by the registry.
Here’s a comparison of what we currently collect and the reduced set we plan to collect starting June 30, 2025:
| Current minimum data set | New minimum data set |
| Domain Name | Domain Name |
| Registrant Name | Registrant Name |
| Registrant Organization | Will become optional |
| Registrant Street | Registrant Street |
| Registrant City | Registrant City |
| Registrant State/Province | Will be offered to collect (only required to be collected if applicable for the country or territory, as defined in UPU postal addressing standards or other equivalent standards for the country or territory). |
| Registrant Postal Code | Will be offered to collect (only required to be collected if applicable for the country or territory, as defined in UPU postal addressing standards or other equivalent standards for the country or territory). |
| Registrant Country | Registrant Country |
| Registrant Phone | Registrant Phone |
| Registrant Phone Ext | Registrant Phone Ext |
| Registrant Fax | Will no longer be collected |
| Registrant Email | Registrant Email |
| Administrative, Billing, and Technical Contacts | Will no longer be collected |
It’s important to note that this is the minimum data set we’ll collect by default. In some cases, our contract with the registry will require us to collect additional data. For example, .law domains require a number of data fields demonstrating the registrant is an accredited lawyer.
What this means for resellers
Although we recommend that resellers collect the minimum data set, we will not reject orders if a reseller collects and provides us with additional data beyond this minimum data set. However, we will not retain or store any additional data beyond the minimum data set and specific additional data required by the registry for that TLD.
Registrants will no longer be able to share “optional’ data with the registry
In 2018, as part of our GDPR implementation, we introduced a “consent management process,” whereby registrants could opt to have us share additional data with the registry, beyond the minimum that our contract with the registry required. We’re doing away with this process. However, we will continue to offer a process for registrants to consent to publish contact information data in the public Whois.
We will delete administrative, tech, and billing contact data
Soon after August 21, 2025, we will delete administrative, technical, and billing contact data, as well as the registrant fax number, from our systems unless the registry specifically requires that data. In rare cases where the registrant contact info is incomplete, we’ll copy the admin contact info to the registrant contact fields before deleting the administrative data.
What this means for resellers
Once this data is deleted, you will no longer have access to it through OpenSRS. If this is data you rely on, you’ll want to securely save it elsewhere.
Requirement for domains where the registrant is an “Organization”
We will contact registrants who have entered data into the Organization field, asking that they review this data and update it if it is no longer correct. If Organization information is provided, the Organization would be considered the domain owner instead of the person listed in the registrant’s first and last name fields. Registrants may also choose to leave the Organization field blank.
While we always redact registration data by default until the domain owner consents to publish it, there may be some instances in which registries choose to display the Organization data in the public Whois.
What this means for resellers
We typically don’t reach out to registrants directly, but we’re now required to do so based on the updated RDP. This gives registrants a chance to review and correct their data, helping to prevent future disruptions for both resellers and registrants.
Important dates
- April 30, 2025 – A testing environment will be available for resellers to preview the changes for select TLDs.
- June 30, 2025 – We will begin updating our system TLD by TLD, requiring only the minimum data set for new registrations.
- August 21, 2025 – Registrars and registries will need to be compliant with the updated ICANN RDP.
Next steps
As more information becomes available, we’ll reach out to you well in advance. We’ll notify the email associated with your reseller account, and we’ll also include updates in our general newsletter—click here to sign up.