Domain regulations and registrar contract

.ee domains can be registered by all natural or legal persons. For registering, an application must be submitted to an accredited registrar of .ee domains. Registrars have an obligation to verify the registrant in the course of the registering process, and mandatory identity verification methods have been established for registrars.

• Persons refers to both Estonian and foreign private and legal persons;

• any person can register an unlimited number of domains;
  

• domains are registered in the order of applications received by the registry, i.e. on a "first come, first served" basis.
  

• the EIF has the right to decline registration of a domain that has been blocked or reserved, and if the registration application does not meet the specific conditions for registering reserved domains.

• Domain name can be registered also without a name server!Read about this here!

• EIF publishes the Registrant, Administrative Contactand Technical Contact name, e-mail address and legal person registry code via WHOIS service.  

• When registering a domain name, registrar, administrative contact and technical contact postal address don't need to be send to EIF.
  

Potential problems:

• A wrong or incorrect domain name has been registered as a result of a mistake or carelessness during the registration.What should be done? The EIF as the registry cannot annul the registration nor reimburse the money. In the instance of a mistake, a new domain has to be registered. If a mistake has been made by the registrar, the registrant can apply to the registrar for reimbursement and cancellation of the registration. However, if the registrant has made a mistake in the domain name and the mistake is also reflected on the application, the mistaken domain name can be deleted upon a request by the registrant.
  
• I registered a domain name and found out later that there exists with the same name trademark or legal person? When a person register a domain name, he/she confirms that he/she doesn't abuse third parties rights (including intellectual property rights). In this case it is possible that a person, who's rights he/she is abusing, will sue a domain registrant to the court or to the domain dispute committee.

Related topics:
Identity Verification
Signing an Application
Deleting a Registration
Operations, Domains and Contacts

Related sections in the Domain Regulation: 2.13.1, 3.1.1, 4.1.1 and 5.3.1 with subsections.

A domain name may contain only numbers (0-9), dashes, and letters, including IDN characters;

Capital and lowercase characters are not distinguished in domain names;

A domain name must not begin or end with a dash, it must also not contain a dash as the third and fourth character simultaneously, i.e. consecutively;

The minimum length of a domain name is two (2) characters and the maximum length is 63 characters.

Companies and private persons not registered in Estonia can register a .ee domain.

The registrar has to identify the foreign legal or private person according to the procedures laid out in Identity Verification and Signing an Application.

• If the registrant is a foreign legal person, the administrative contact will be the person through whom applications regarding this domain name are submitted;
  
• A foreign legal person can also be identified through a statement from the appropriate registry or by its registration certificate.
  
• A natural person can also be identified on the basis of original personal identification documents issued in another country.

Related topics:
Administrative Contact

Related sections in the Domain Regulation: 12.5.

IDN (Internationalized Domain Name) contains characters not included in the ASCII (American Standard Code for Information Interchange) system.

• In Estonian, an IDN domain name can contain the characters õ, ä, ö, ü, š and ž (including dashes);
  
• All letters in the Estonian alphabet can be registered in domain names (You can find the Estonian alphabet HERE).

General domains are used to group and distinguish domain names of persons and institutions with similar characteristics.

General domains include:

• com.ee – companies in the sense of the Commercial Code;
  
• pri.ee – natural persons;
  
• fie.ee – sole proprietors in the sense of the Commercial Code;
  
• med.ee – medical institutions.

NOTE! If a person wishes to register a domain name under a general domain, the person will have to substantiate its conformity to the characteristics of the relevant general domain with relevant documentation. This means, for example, to register a subdomain "construction company" under com.ee, the registrar will have to ensure on the basis of a statement of the Business Registry that the registrar is a company in the sense of the Commercial Code. In the case of sole proprietors (FIE-s) also a statement of the Business Registry is needed. In the case of natural persons, verifying the existence of the natural person on the basis of a personal identification document is sufficient. In the case of medical institutions, it must be established that the applicant is a medical institution operating on the basis of valid certification.

• Substantiating documentation must be attached to an application submitted to the EIF for registering a subdomain under a general domain!

Related link: General Domains and Procedure for Registration of Sub-Domains under General Domains.

A .ee domain name can be registered for 3, 6 or 9 months or 1 to 10 years.

• The registration period of .ee domain starts with the correct submission of the application.
• The Registrar may allow one or several domain name registration periods stipulated in the Domain Regulation. If a registrant wish to register .ee domain for one of the allowed periods, registrant must contact and request it from his/her registrar.

Related topics:
 Domain Name Renewal
About Domain Renewal

A registrant is a person to whose name a domain is registered, or who is applying for a domain to be registered in their name.

• A registrant can be a natural or legal person, whose identity has been verified and who has submitted all information and documents required for this.
  
• A registrant can perform all operations with the domain or authorise administrative contacts to perform these on behalf of the registrant.
  

NOTE! If the registrant is a natural person, he or she may also be the administrative contact of the domain registered by him or her.

Potential problems:

• If a registrant of the domain wants to be a child (underage person)? Under the rules of law the parents of the child are responsible of the actions of his/her child. Underage person can be the registrant of the domain only when his/her parents confirm it. In this case the parents of the child must be the administrative contacts of the domain, who must also sign the registrant application.

Related topics:
Rights of a Registrant
Obligations of a Registrant

Related sections in the Domain Regulation: 2.10, 2.16 and 4.1 with all subsections.

A registrant is entitled to all registration services stipulated in the .ee Domain Regulation. These registration services shall be provided to the registrant by an accredited registrar of the .ee domain (a list of registrars is available on the home page of www.internet.ee).

A registrant is entitled to the following registration services:

1. Domain name registration;
   
2. Renewal of domain name registration;
   
3. Updating of contact data related to a domain name;
   
4. Administration of name server entries of a domain name;
   
5. Deletion of the registration of a domain name;
   
6. Transfer of a domain name (i.e. change of ownership of the domain);
   
7. Replacement of the registrar of a domain name;
   
8. Administration of the DNSKEY records of a domain name.
   

NOTE! A registrant has the right to request the provision of all registration services from its registrar without any additional conditions!

A registrant is not obliged to buy any other services provided or mediated by the registrar in connection with using the services listed above. E.g. web hosting, mail etc.

Related section in the Domain Regulation: 5 with all subsections.

A registrant is obliged to provide to the registrar all data requested by the registrar for providing the registration service.

• To provide accurate data in the application.
  
• Not to violate legal acts or rights of third parties by the registration and usage of a domain name (e.g. violation of trade mark laws);
  
• To ensure that the administrative contact and the technical contact agree to fulfil their respective duties;
  
• To follow in good faith the Domain Regulation of the .ee domain and the instructions issued by the EIF;
  
• A registrant must ensure the technical conditions for receiving a domain name;
  
• A registrant must provide all data and documents requested by the registrar for identity verification.

NOTE! The registrar must ensure that all requirements of an application have been met by the registrant.

Potential problems:

• A registrant does not provide accurate data? It must be presumed that the data submitted by a registrant are accurate;
  
• A registrant provided inaccurate data? If it comes to the attention of the registrar or the EIF that a registrant has provided inaccurate data (e.g. a misspelled name), the registrant or a representative of the registrant has to correct the mistake. Otherwise, the EIF may suspend the domain;
  
• If it comes to the attention of the registrar or the EIF that a registrant has provided false data (e.g. the Business Registry code, personal ID code or date of birth is incorrect), the data cannot be corrected in the registry of the EIF, therefore a domain deletion procedure must be initiated;
  
• It is up to the registrar to remember that checking the accuracy of the personal data of the registrant is directly related to the registrar's obligation to verify identity and establish intent.

Related topics:
Suspension and Deletion of a Domain Name by the EIF
Identity Verification
Signing an Application
Updating Contact Information

Related sections in the Domain Regulation: 4 with all subsections.

A registrant must appoint an administrative contact for a domain when registering the domain, who is:

• A legal representative of the registrant (e.g. a member of the board in the case of a legal person) or a representative authorised by the registrant in writing;
  
• A natural person.
  
• There may be more than one person in this role. The registry system allows the registration of up to 10 administrative contacts.
  

An administrative contact:

• May sign and submit all applications related to the domain on behalf of the registrant and receive and forward any kind of information related to the domain;
  
• Must not delegate his or her duties, i.e. has no right of sub delegation;
  
• Has the same rights as the registrant; the administrative contact can essentially decide the “fate of the domain", i.e. decide on all the critical operations related to the domain, like registration of the domain, deletion of the domain, transferring of the domain to a new owner.
  
• Is responsible for the accuracy and authenticity of the data and documents submitted about himself/herself and about the registrant.
  

NOTE! A registrant is obliged to guarantee that the person appointed as the administrative contact agrees to fulfil the duties of an administrative contact.

• If the administrative contact is a person authorised by the registrant in writing, the registrar has to verify the existence of the letter of authorisation and, if requested by the EIF, must also provide the signed written letter of authorisation. The registrar may (but is not obliged to) submit the registration application to the EIF along with the written letter of authorisation.
  

Potential problems:

• If a registrant wishes to remove an administrative contact? An administrative contact can be removed only if there are more than one of them, as every domain has to have at least one administrative contact. If there is only one administrative contact, they will have to be replaced with another person. See also Updating Contact Information;
  
• If the registrant does not appoint a specific administrative contact? In the case of registrants who are natural persons, the registrar will appoint the registrant as the administrative contact. In the case of registrants who are legal persons, the administrative contact is the person who submits the application or is appointed in the application as the administrative contact. A legal person cannot submit an application without an administrative contact.

Related sections of the Domain Regulation: 2.14, 4.1.1 and 4.1.4.

A registrant must appoint a technical contact for a domain when registering the domain:

• Who may be a natural or a legal person;
  
• Who has the right to add, edit or remove name server entries of the domain on behalf of the registrant;
  
• Who has the right to apply for the adding, editing and deletion of DNSKEY records of the domain;
  
• There may be more than one person in this role. The registry system allows the registration of up to 10 technical contacts.
  

NOTE! A technical contact does not have the right to represent the registrant in other registration services.

NOTE! The EIF may request the technical contact to edit name server entries if these entries cause or may cause disruptions in the operation of the domain name system, or if it is necessary for the suspension of the domain.

NOTE! A registrant is always obliged to guarantee that the person appointed as the technical contact agrees to fulfil the duties of a technical contact.

Potential problems:

• If a registrant wishes to remove a technical contact? A technical contact can be removed only if there are more than one of them, as every domain has to have at least one technical contact. If there is only one technical contact, it will have to be replaced with another. See also Updating Contact Information.
  

Related topics:
Administration of Name Server Entries
DNSKEY Record Administration

Related sections of the Domain Regulation: 2.15, 4.1.1 and 4.1.4.

Reserved Domain Names are names consisting of country names in Estonian, of place names in the administrative units of Estonia and of certain numbers have been reserved by the EIF. These domain names can be registered if documents proving the right to do so are produced.

The list of reserved domain names includes:

• Country names in the Estonian language, as published in the list of names of countries of the world maintained by the Institute of the Estonian Language;
  
• domain names comprised solely of numerals and issued to the holders of the right to use a number on the basis of the Estonian numbering plan;
  
• all place names in the list of Territory of Estonia Administrative Units.

Special Conditions for Registering Reserved Domains

• A registrar is obliged to check the compliance of the data of a registrant of a reserved domain name as well as their right to register the domain name;
  
• if the registrant has the right to register the domain name, the registrar has to apply to the EIF for the authorisation code of the domain name;
  
• all clauses of the Domain Regulation related to the registration of domains also apply to the application to register a reserved domain name.
  
• The EIF has the right to decline from registering a domain that has been blocked or reserved, and if the registration application does not meet the specific conditions for registering reserved domains.
  

Related links:
List of Reserved Domains and the Special Conditions for Registering Reserved Domains, section 3.2.5 of the Domain Regulation.

Certain domains are blocked and these cannot be registered as a domain name.

Blocked domains include:

• The general domains med.ee, com.ee, pri.ee and fie.ee.
  
• The domains ftp.ee, cache.ee, telnet.ee.

List of blocked domains is HERE.

A registrant can transfer their domain to a new registrant. Essentially this means changing the ownership of the domain.

• To transfer a domain name, the registrant has to submit an application to the registrar for surrendering the domain for the benefit of the new receiving registrant.
  
• Transferring a registration is a critical procedure, therefore mandatory methods of identity verification have been established for registrars.
  
• The new owner will also have to submit an application for registering the domain.
  
• If the registrar has not established the registrant's direct intention or has doubts about it, the EIF will send an email to the registrant's email address for the verification of the domain name transfer. See more detailed information on this in Domain Statuses.

Potential problems:

• If a technical notation of prohibition restricts the transfer, the domain name cannot be transferred to a new owner.

Related topics:
Identity Verification
Signing an Application
Domain Registration
Rights of a Registrant
Obligations of a Registrant

Related sections of the Domain Regulation: 2.13.4 with subsections.

A domain expires after the end date of its registration period.

• After a domain has expired, the registrant continues to own the domain;
  
• For the domain not to be blocked (the domain will no longer be in the name servers servicing the .ee zone), the registrant will have to renew the domain during 15 days after the expiration date. See more about this in Domain Renewal.
  
• The expiry date of a Domain can also be seen in a WHOIS query.
  
• When renewing an expired or suspended domain, the registrant will not gain or lose anything with regard to the registration period (for the expiry date of a domain that was renewed after its expiration date, this means that the next expiry date of the domain will remain the same as it was previously).
  

Potential problems:

• The registrant forgot to renew the domain during the 15 days after the end of the registration period? The registrant has another 30 days to renew the domain after the 15 days have passed (i.e. a total of 45 days);
  
• What should be done if a domain has expired and there is a need to change the owner as well as the registrar? Once a domain has expired, the owner of the expired domain (the registrant) can still request to the registrar to change the owner or the registrar, by submitting a corresponding application.

Related sections in the Domain Regulation: 5.3.1.4 and 6.1.6.

For deleting a registration, i.e. a domain name, the registrant of the domain name has to submit a corresponding application to the registrar. Deleting a registration is a critical procedure, therefore mandatory methods of  Identity Verification have been established for registrars.

• For deleting a domain, a clear direct intent  has to be expressed in the application submitted by the registrant, declaring the registrant's direct wish to delete the domain registration. The registrar has to proceed according to the instructions in Identity Verification and Signing of Applications.
  
• The EIF will send an email to the registrant’s default email address for confirmation of the application to delete the Domain Name Registration. If the registrar has verified the registrant's express intent, the confirmation for deletion will not be sent. See a detailed explanation of Domain Statuses.
  
• The deletion process will take 30 days from the date of when the EIF receives the application.

NOTE! The registrant has the right to get the domain back during the 30-day deletion process. To do so, the registrant must submit to the registrar an application to stop the domain deletion procedure.

Potential problems:

• If a notation of prohibition restricts the deletion for technical reasons, deleting the Domain Name will not be possible;
  
• In case of a domain belonging to a legal person deleted from the Business Registry, the EIF will start the deletion procedure as described in the section Domains belonging to ended (deleted) legal persons.
• In case of a domain belonging to a deceased natural person, the EIF will start the deletion procedure as described in the section Domains Belonging to Deceased Natural Persons.

Related topics:
Identity Verification
Signing of Applications
Renewal of a Registration
Rights of a Registrant
Obligations of a Registrant
Domain Statuses

Related sections of the Domain Regulation 2.13.2, 2.21, 4.1.2 and 5.3.5 with subsections.

The EIF may, for solid reasons, suspend a domain registered by a registrar, and if the reason for suspension has not been eliminated in 30 days from the suspension, the EIF may delete the domain.

NOTE! This is a right of the EIF to suspend a domain! In practice, a domain is often not suspended immediately nor removed from the .ee domain, but instead a warning about it is issued. If the violation related to the domain has not been eliminated after the issuing of the warning, the EIF may delete the domain after 30 days.

Solid reasons:

• The EIF has not been forwarded a proper domain name registration application or a transfer application or consent.
  
• The identity and/or the intention of the registrant or the registrant’s representative was not checked in conformity with the Domain Regulation.
  
• The terms and conditions for registration of a Sub-domain under a general domain (com.ee / pri.ee / fie.ee / med.ee) have not been met.
  

Solid reasons related to the registrant:

• The registrant violates the Domain Regulation and has not terminated the violation during a designated period of 10 workdays. E.g. in a situation where the registrant submits inaccurate data or documents for registering the domain, and does not correct them;
  
• The administrative and/or technical contact of the registrant do not reply to repeated queries issued by the EIF.
  
• Domain name registration period has ended and the domain has not been renewed during 15 days;
  
• A corresponding ruling by the Domain Disputes Committee, a court or an arbitration court concerning the registrant to the corresponding effect has entered into force.
  
• The legal person has been deleted from the Business Registry. See also: Domains Belonging to Terminated (Deleted) Legal Persons
  

Solid reasons in other cases:

• A grounded application submitted by an .ee accredited registrar. Registrar must submit to EIF the detailed explanation with evidences.
• A grounded application submitted by an authorised state agency. E.g. the police, CERT or a court order (e.g. a court order can be the grounds for applying a notation of prohibition to a domain);
  
• If the domain name is blocked or reserved. The EIF also has the right to decline from registering a domain that has been blocked or if the registration application does not meet the specific conditions for registering reserved domains.
  

Related topics:
Rights of a Registrant
Obligations of a Registrant
Rights of Registrars
Obligations of Registrars
List of Reserved Domains and Special Conditions for Registering Reserved names
Reserved Domain Names

Related sections in the Domain Regulation: 6.1 to 6.3.

Deceased natural person can’t be the owner of the domain. If it comes to the attention of the EIF that a registrant who is a natural person has been dead, the EIF will notify the contact of the domain and start the deletion procedure.

NOTE! A person who holds the right to the domain name (successor) has the opportunity to overtake the domain name. For that, an application of the transfer of the domain name is submitted to the registrar (i.e. a change of the owner of the domain). Look it up here.

• The deletion of the domain is possible after 6 months have elapsed from the death.
• In this case the registrar must control that the successor is the right person and submit valid authorised document.
• If the domain has not been transferred, EIF will delete the domain after 30 days have elapsed.

Related topics:
Domain succession

Related sections in the Domain Regulation: 5.3.6.3 and 6.6.

A legal person that has been deleted from the Business Registry cannot be the registrant of a domain name. If it comes to the attention of the EIF that a registrant who is a legal person has been deleted from the Business Registry, the EIF will notify the contact person of the domain and start the deletion procedure.

NOTE! A person who holds the right to the domain name has the opportunity to overtake the domain name. For that, an application of the transfer of the domain name is submitted to the registrar (i.e. a change of the owner of the domain).

• The registrar is obliged to verify that the person holding the right to the domain also supplies the required documentation certifying their right of acquisition of the domain.
  
• Documents certifying the right of acquisition of the domain replace the consent of the registrant.
  
• If the domain transfer has not taken place within 30 days, the domain will be deleted. After the deletion of a domain from the registry, it can be re-registered on a "first come, first served" basis.
  

Related section 6.4 in the Domain Regulation.

A .ee domain registration can be renewed for 3, 6 or 9 moths or 1 to 10 years.

• There is no need to submit an application to the registrar for renewing a registration, therefore there are no mandatory methods of identity verification for the registrar.
  
• A registration can be renewed every time, only maximum length of the domain can be 10 years.
• As a general rule, the registrar can renew a registration only if the registrant has paid the renewal fee stipulated in the service contract beforehand.

NOTE! A registrar may renew a domain without the registrant having paid the fee beforehand if the registrant has given express agreement for this when concluding the service contract with the registrar, as follows:

• The registrant has the right to decline the domain renewal during the 30 days from the date of the notification being forwarded (the registrant has to express their will to decline the renewal!)
  

Potential problems:

• If a notation of prohibition restricts the renewal for technical reasons, renewal of the domain name will not be possible;
  
• If a domain is renewed for an incorrect period of time due to human error, the renewal cannot be reversed.

Related sections in the Domain Regulation: 2.13.3 and 5.3.2 with subsections.

A domain name can be succeeded and transferred to the legal successor.

• In the process of domain name succession a registrar must make the domain name transfer to new registrant;
• In this case the consent of the old owner is replaced by a succession document;
• A succession document must be a notarised authorised document in which the notary has officially confirmed the identity of the legal successors;
• Neither a marriage certificate, death certificate nor will would constitute such a document

Potential problems:

• How long a domain can be succeeded? According to the domain regulation the deletion of the domain name is only possible after the 6 months have elapsed from the death. In this case EIF will send to the contacts (e-mail) of the domain a notice and make a proposal for submitting the documentation within 30 days. After 30 days the domain will be deleted. So it means that if the legal successors have the right to use aforementioned e-mail, they will get the notice.
• If a technical notation of prohibition restricts the transfer, the domain name cannot be succeeded to a new owner.

Related section in the Domain Regulation: 5.3.6.

Updating the contact information of a domain means changing the contact data of the administrative contact, the technical contact and/or the registrant.

• Once a contact has been created, the following information cannot be changed: the ID (personal identity code), the Business Registry code, the date of birth, the top-level domain and the type of the code (org/priv/birthdate).
  
• It is the duty of the registrar to establish the direct intent when contact information is being updated, additional mandatory methods for identity verification and establishment of intent (the so-called "legaldoc" requirements) do not apply;
  
• An administrative contact can also update the domain's contact information!
  
• The registrar has the right to choose which method for establishing the intent of the registrant the registrar wants to use at the process of updating the contact information;
  
• The method used for establishing the intent of the registrant must be verifiable later;
  
• If an email address is being updated, the EIF will forward a notification to the old as well as the new contact.
  

NOTE! Updating the administrative contact or technical contact also counts as updating contact information!

Related topics:
Identity Verification
Signing of Applications
Administrative Contact
Technical Contact
Operations with Contact Objects

Related sections in the Domain Regulation: 2.13.5 and 5.3.3 with subsections.

Administration of name server entries means that the registrar will make it possible for the registrant, the administrative contact or the technical contact to perform operations related to the domain name, or perform these operations on their behalf. Only in the case of these operations can the registrant be represented by a technical contact, who may also be the registrar.

• Operations related to the name server entries of a domain are: editing, adding and removing of name server entries;
  
• If name server entries cause disruptions in the operation of the domain name system, the EIF may request actions.
  

Related topics:
Issues Related to Name Servers
Technical Contact

Related sections in the Domain Regulation: 2.13.6 and 5.3.4 with subsections.

The EIF may perform operations related to DNSKEY records if the records cause or may cause disruptions in the operation of the domain name system, or if the records do not conform to generally accepted standards.

• The registrar is obliged to add, delete and change the DNSKEY record of a domain name on the request of the registrant, administrative contact or technical contact.
  
• If a registrar is the provider of name servers assigned to a domain name and of the DNSSEC key administration service, the registrar has the right to add, delete and change the domain name’s DNSKEY records.
  

Related sections in the Domain Regulation: 5.3.8 with subsections.

Identity verification (identity check) is a process in the course of which a registrar has to ensure that the registrant or a representative of the registrant is the person they claim to be when submitting an application. In the course of the identity verification, the registrar also has to establish the clear wish and intent of the person, in order to perform the exact action that they are asking the registrar to perform.

A registrar has to verify the identity of the person and their will in the following cases:

1. When registering a domain name;
   
2. When deleting a registration;
   
3. When transferring a domain name;

Signing of Application

The process of signing an application means that the registrant or a representative of the registrant has to sign an application submitted to a registrar in order to verify their identity and to establish their intent.

Acceptable only in the case of a natural (private) person:

• A signature written by hand in the presence of a representative of the registrar;
  
• Through a certificate enabling the digital identification of a person who has given an electronic signature using the Estonian ID card or Mobile ID. This also applies to e-residents or if the country in question has been accepted by the EIF. A list of accepted foreign countries is available HERE.
  
• Other methods that are considered equal to delivering a signature include a bank transfer or a transfer made through a verified PayPal account to the registrar, if the transfer is made from a bank account or a verified PayPal account registered to the registrant.

NOTE! When receiving an application, do not forget to check the validity date of the personal identification document and/or the validity of the electronic signature!

Accepted only in the case of a legal person:

• A signature of a representative of the registrant, written by hand in the presence of a representative of the registrar;
  
• Through a certificate enabling the digital identification of the representative of the registrant who has given an electronic signature using the Estonian ID card or Mobile ID. A signature given by an e-resident of Estonia or a foreign country which is accepted by the EIF is considered equally acceptable. A list of accepted foreign countries is available HERE.
  
• Other methods that are considered equal to delivering a signature include a bank transfer or a transfer through a verified PayPal account to the registrar, if the transfer is made from a bank account or a verified PayPal account registered to the registrant who is a legal person or a representative of the registrant.

NOTE! When receiving an application, do not forget to verify the existence of the legal person through the Business Registry or a Registry Card which confirms the legal capacity of the legal person and right of representation of the Member of the Board!

Important Considerations:

• The registrar must verify the identity in accordance with the above requirements before performing the service of registration! The registrar may offer one or several of the identity verification methods listed above!
  
• Identity verification and establishment of intent should be viewed as two separate processes. In the course of establishing the intent of the person, the registrar ensures that the person has the right to submit the application, but verifying that the person is who they claim to be should not be neglected either;
  
• If identity is verified at the presence of a representative of the registrar, there is no obligation to make a copy of the personal identification document! However, having a copy of the document is recommended to avoid potential future problems;
  
• In other cases, copies have to be forwarded to the EIF (e.g. a statement of the bank or PayPal Verified account, and the invoice), in order to show that the identity has been verified!
  
• The board of a legal person, or a body replacing it, is a legal representative of the legal person. A legal person can also be represented by a person who has been authorised to do so with a written authorisation letter by a member of the board.
• As an example, we recommend using this resource for translation: http://www.freetranslation.com

Potential problems:

• When an application by a legal person is being signed by a representative of the legal person and the representative's right to represent the legal person is being verified, it should be checked that joint right of representation has not been established for the legal person in the Business Registry. Joint right of representation means that a single member of the board is not authorised to submit the application to the registrar.

• If a member of the board of a legal person, who is not the administrative contact of the domain, wants to perform operations regarding the domain? If the member of the board has an equal right of representation (not a joint right of representation), he or she has the right to perform operations regarding the domain even if he or she is not the domain's administrative contact. In such a case, the registrar has to ensure that the person is a member of the board of the legal person holding a valid right of representation.

What should be done if the application or documents attached to it are not in the Latin alphabet?

• All applications submitted to the registrar must be in the Latin alphabet.

• It is up to the registrar to find a method to ensure that the contents of an application's attachment, which is not in the Latin alphabet (e.g. a certificate of the validity of the legal person, or a payment receipt of the bank/PayPal Verified transaction) corresponds with the data presented in the application submitted in the Latin alphabet.

• If the registrant has submitted an application with an attachment that is not in the Latin alphabet, the registrar is entitled to request a translation of the document in order to be able to verify its contents.

• The registrar is not obliged to request a translation from the registrant, and may use a dictionary to understand the contents of the non-Latin alphabet content.
• At the same time, however, it is important that the registrar follows the general principle of identity verification that the identity of the registrant is verified and the intent of the registrant established!

Related topics:
Updating Contact Information
Processing and Protection of Personal Data
Rights of Registrars
Obligations of Registrars

Related sections in the Domain Regulation: 4.1.2 and 41 with subsections; section 7 with subsections of the Registar Contract.

Processing and Protection of Personal Data

Any data concerning a natural person that has been submitted to the EIF through the registration service or any other kind of operation related to domains constitute personal data. Also, any kind of operation that involves a registrant's personal data constitutes the processing of personal data.

• For the purposes of the Personal Data Protection Act, the EIF is the chief processor of personal data and a registrar is the authorised processor of personal data.
  
• Personal data is data, which is referring to the natural person. For example personal data is natural person name, address information, health issues, IP-address, e-mail address etc.
• Registrars are obliged to apply security measures for protecting personal data in order to secure them against accidental or unauthorised processing, publication or destruction!
  
• A registrar may forward personal data at its disposal only to the EIF and the person whom the data concern;
  
• Personal data submitted by a registrant to the EIF for processing may be disclosed to third persons only in the case and on the basis laid down in law. This may happen e.g. in a situation where a body fulfilling tasks of a public nature (e.g. a court or the Data Protection Inspectorate) requests the personal data of a domain registrant on the basis of legislation.
  
• Registrars confirm their compliance with the requirements of processing personal data in an annual confirmation letter!
  

NOTE! Personal data are confidential and a registrar uses it only for fulfilling tasks pursuant to its role.

Related sections in the Domain Regulation: 8 with subsections.

.ee accredited Registrar is the person or agency who, pursuant to the Registry Agreement, provides Registrants with Registration Services.

• The Registrar Contract regulates EIF’s relationship with the Registrant.

• The Registrar has an EIF authorisation, and the right and obligation to provide Registration Services to Registrants. The Registrar may receive a fee based on agreements with Registrants.

• At least one of the Registrar’s employees has completed the EIF training programme and the Registrar completes other competence requirements fixed in the Contract.

Rights of a Registrar

• A registrar has the right and the obligation to provide registration services to registrants. Registration services include all activities related to the registration of an .ee domain and other related operations.
  
• A registrar has the right to request payment from the registrant for providing registration services (except in the case of issuing an authorisation code).
• The Registrar may allow one or several domain name registration periods.
• A registrar has the right to use subcontractors when providing registration services, giving them the right to fulfil the obligations of the registrar. In such case the registrar is responsible for the actions of the subcontractors as if it were its own actions.
  
• A registrar does not need the approval of a registrant to transfer its rights and obligations to another registrar.
  
• A registrar may provide one or several methods for enabling verification of identity!
  

Related topics:
Processing and Protection of Personal Data
Identity Verification
Signing of Applications

Related sections in the Domain Regulation: 3, 4 and 9.1.1 with subsections.

The Obligations of a Registrar

A registrar has the right and the obligation to provide registration services to registrants. A registrar must provide a high quality and safe registration service to registrants.

• A registrar must abide by the applicable Domain Regulation;
  
• For providing a registration service, a registrar is obliged to sign a service contract with the registrant.
  
• A registrar must verify the identity and establish the intent of the registrant before providing the registration service;
  
• A registrar must not provide a registration service to a registrant before the registrant has provided all data and documents required for the registration service.
  
• A registrar shall keep all personal data collected by it and available to it confidential! A registrar may use personal data only for fulfilling tasks arising from its role as a registrar.
  
• A registrar must implement house rules in its company regulating the obligations of the employees of the registrar when processing personal data and to ensure compliance with the Domain Regulation!

Related topics:
Processing and Protection of Personal Data
Identity Verification
Signing an Application

Related sections in the Domain Regulation: 4 with all subsections, sections 2.4, 6 and 8 of the Registry Contract.

Registrar's certified employee

According to the Registrar Contract with EIF, at least one of the registrar’s employee must be .ee certified person, who has completed certification test.

• .ee certified employee confirms that in the registrar team is a member, who has acquired sufficient knowledge regarding the general operation of the domain world as well as Estonia’s registry system.
• .ee certified employee must also train his/her colleagues about the specific knowledge of .ee domain regulation and registry system and helps them about .ee in their everyday work.
• .ee certified employee shall retake the test after every 2 years or if the domain regulation and its annexes have been significantly amended within the 2 years. In this case the registrar must take a new test within 4 months after the amendments have entered into force.

Potential problems:

• To whom the certification belongs? .ee certification belongs to the person who has successfully completed the certification test and is individual. If, for example, the .ee certified employee moves from one registrar to another, then the certification moves with them.
• If .ee certified employee leaves registrar? In this case the registrar must, within three months, certify a new employee at the EIF;

Registrar Change

Registrar change is a procedure of the domain name registrant replacing the current registrar with a new registrar.

• A registrant has the right to replace the registrar at any time.
  
• For replacing a registrar, the domain authorisation code is required;
  
• A registrant can get the authorisation code from the Registrant's Portal of EIF, the registrar's self-service environment or customer service;
  
• If the registrant has no way to obtain the authorisation code(s) of its domain(s), the registrar is obliged to issue the code to the registrant within five (5) workdays;
  
• To change the registrar, the registrant has to submit an application to the new registrar, who may, among other things, request payment for it.
  

NOTE! A registrar is obliged to cooperate with the registrant and the new registrar chosen by the registrant to enable the transfer of the domain. A registrar must not obstruct the transfer of a domain in any way nor ask for payment for issuing the authorisation code.

Potential issues and problems:

• A customer wants to move to a new registrar, but does not know the authorisation code? To obtain the code, the customer has to address this issue with the current registrar!
  
• What should we do with a customer who wants to leave, but hasn't paid for services? Replacement of registrar should not be obstructed!
  
• Who can the registrar issue the authorisation code to? The authorisation code may only be issued to the registrant, its authorised representative, incl. the administrative contact, or the new registrar appointed by the registrant (only if requested by the registrant);
  
• What happens if the registrar does not issue the authorisation code in five (5) workdays? In this case, the EIF will issue the authorisation code and contact the registrar for explanation.
  

Related topics:
Administrative Contact
Rights of a Registrant
Obligations of a Registrant

Related sections in the Domain Regulation: 2.13.7 and 5.3.7 with subsections.

For solving domain disputes, the EIF has established the Domain Disputes Committee (DDC), an independent body for solving disputes related to the .ee top level domain.

• A ruling of the DDC enters into force on the date of the decision being made. The EIF will not enforce the decision before 14 calendar days have passed from entry into enforcement of the decision.
  
• A party of the proceedings has the right to initiate judicial proceedings. The EIF will not enforce the ruling of the DDC if a court order has been forwarded to it within 14 days from the date of the decision of the DDC prohibiting the deletion or transfer of a disputed domain as a measure of securing the action.
  
• As long as there is no such court order, fulfilling the decision of the DDC is mandatory for a registrar after 14 days have passed from the decision. The party in favour of whom a decision of the DDC has been made, has the right to submit an application to the registrars to enforce that decision. Registrars must act upon this application (e.g. perform the transfer or deletion of a domain name on the date and at the time specifically agreed).
  
• An enforced decision of the DDC will replace the registrant’s declaration of will in an application regarding the transfer or deletion of a domain name.
  
• If applications have been submitted to the registrar during a procedure of the DDC regarding the disputed domain name, the applications submitted to the registrar shall be deemed invalid.
• If the .ee domain name registration, which is object of the DDC, has been deleted, it will be transferred into the list of registered domains. In this case, the DDDC decision enforcement is pursuant to special conditions for registering reserved domains.
• Enforced decisions of the DDC are available HERE (in Estonian).
  

Related sections of the Rules of the Domain Disputes Committee: 5.2.8 and 15.2 with all subsections.