UDR Universal Domain Registry
EN FR
Registrar Login Register Domain

Version 2.0 - Effective 2 May 2026

Acceptable Use Policy

DNS abuse, content abuse, upstream-family, evidence, enforcement, and reinstatement standards for all UDR labels.

Effective 2 May 2026 Universal Domain Registry AUP v2.0

Policy Alignment

  • Uses ICANN-style principles for registration agreements, abuse mitigation, RDAP publication, accuracy, lifecycle controls, and dispute handling where appropriate for a policy-driven domain registry.
  • Preserves upstream country-code registry authority for AFNIC-family labels in .pm, .wf, and .yt and Greece-family labels in .gr.
  • Requires qualified legal review before production publication in jurisdictions where UDR, registrars, or registrants operate.

AFNIC-administered suffixes

PM WF YT TF

Applies to UDR labels operated under parent names in .pm, .wf, .yt, and .tf. These top-level domains are administered by AFNIC and are subject to AFNIC naming rules, French public order and morality principles, intellectual property protections, and upstream registry action.

Upstream Reference

Greece-administered suffixes

GR

Applies to UDR labels operated under parent names in .gr, including AC.GR. These names sit beneath the .gr namespace coordinated by FORTH-ICS under EETT regulation and may be affected by .gr eligibility, reserved-name, geographic-name, public-order, and assignment rules.

Upstream Reference

01 Purpose and Registry Status

Universal Domain Registry is a policy-driven domain registry. UDR allocates conditional use rights in labels beneath parent domains controlled by UDR or its partners, including ORG.YT, BIZ.WF, NAME.PM, AC.GR, SCH.TF, and SCH.WF. UDR is not ICANN, AFNIC, EETT, FORTH-ICS, or an ICANN-accredited registrar, but it voluntarily aligns its registry controls with mature registry and registrar standards where they fit a private subdomain namespace.

This Acceptable Use Policy applies to registrants, registrar partners, resellers, DNS operators, hosting providers, technical contacts, and anyone who controls or benefits from a UDR label. It applies to the label itself, DNS records, redirects, mail services, hosted services, APIs, marketplaces, and any infrastructure reachable through the label.

  • A UDR label is a revocable, conditional right of use and not ownership of a top-level domain, country-code top-level domain, or parent domain.
  • UDR may refuse, hold, lock, suspend, redirect to a warning page, delete, transfer, or refuse renewal of a label when required by policy, contract, upstream registry rule, court order, competent authority request, or credible security risk.
  • The stricter or more specific rule controls when this AUP, a registrar agreement, an upstream registry policy, or applicable law overlap.

02 DNS Abuse

DNS Abuse means conduct that uses a domain name or DNS infrastructure to cause technical harm, deceive users, or materially threaten the security, stability, or resiliency of the DNS. UDR treats well-evidenced DNS Abuse as urgent and may act before contacting the registrant when immediate disruption is necessary.

For ICANN-style alignment, UDR treats malware, botnets, phishing, pharming, and spam used as a delivery mechanism for those harms as core DNS Abuse categories. UDR may also act on adjacent harms when they threaten users, registrars, upstream registry standing, or the public interest.

  • Phishing includes fake login pages, credential theft, deceptive payment pages, invoice fraud, wallet-seed theft, and account-takeover infrastructure.
  • Malware includes ransomware, droppers, exploit kits, malicious downloads, malicious scripts, drive-by compromise, and payload distribution.
  • Botnet abuse includes command-and-control, botnet enrollment, fast-flux service, traffic proxying, and infrastructure that materially supports botnet operation.
  • Pharming includes DNS manipulation, misleading resolver behavior, traffic redirection, or other activity that diverts users to unauthorized destinations.
  • Spam is actionable when it delivers, advertises, coordinates, or materially enables phishing, malware, botnets, pharming, fraud, or other prohibited use.
Critical DNS Abuse reports may trigger immediate hold or suspension, followed by evidence review and notice as soon as operationally reasonable.

03 Prohibited Use

A UDR label must not be registered, configured, advertised, transferred, brokered, or used for unlawful, deceptive, abusive, rights-infringing, or registry-damaging activity. Prohibited use includes direct activity and indirect enablement through DNS, mail, redirects, parking pages, cloaking, CDN configuration, marketplaces, affiliate traffic, or third-party hosting.

  • Fraud, impersonation, fake support desks, investment scams, romance scams, public-authority impersonation, credential harvesting, and deceptive commercial practices.
  • Child sexual abuse material, non-consensual intimate material, trafficking, terrorism support, credible threats, doxing, stalking, or content that applicable law requires UDR to restrict.
  • Counterfeit goods, illegal pharmaceuticals, controlled substances, sanctions evasion, unlawful weapons trade, money laundering, and other illegal goods or services.
  • Trademark, copyright, personality-rights, institutional-name, geographic-name, governmental-name, educational-name, or public-sector rights abuse, including typosquatting and confusingly similar labels.
  • Activities that attack UDR, registrar partners, RDAP services, name servers, users, security researchers, trusted notifiers, or upstream registry operations.

04 AFNIC Family Labels

AFNIC Family Labels are UDR labels whose parent names sit under .pm, .wf, .yt, or .tf. These include NAME.PM, SCH.WF, BIZ.WF, ORG.YT, SCH.TF, and any future UDR parent name in the same family.

Registrants must not request or use AFNIC Family Labels that are reserved, blocked, contrary to public order or morality, misleading as to public authority, or likely to infringe intellectual property, personality, institutional, geographic, or public-sector rights.

  • UDR may require proof of authorization for labels resembling public authorities, regulated professions, official services, geographic places, election-related terms, health services, financial services, emergency services, or highly symbolic terms.
  • UDR may place AFNIC Family Labels in manual review before activation, renewal, registrant change, transfer, or reinstatement.
  • UDR may suspend or delete an AFNIC Family Label when continued delegation could put the relevant .pm, .wf, or .yt parent domain at risk with AFNIC, an upstream registrar, a court, or a competent authority.

05 Greece Family Labels

Greece Family Labels are UDR labels whose parent names sit under .gr, including AC.GR. These labels are reviewed with special care because .gr names may be affected by reserved-name, geographic-name, governmental-name, assignment, public-order, and eligibility rules.

A registrant using a Greece Family Label warrants that the requested label is accurate, lawful, not misleading as to educational or public authority status, and not being used to evade .gr namespace requirements.

  • AC.GR labels that imply academic, research, school, government, or public-sector status may require documentary evidence before activation.
  • Geographic, governmental, official, highly symbolic, or regulated terms may be refused, reserved, or escalated for review.
  • UDR may suspend, lock, transfer, or delete a Greece Family Label when required by an upstream registrar, the .gr registry, EETT, FORTH-ICS, a court, or a competent authority.

06 Registrant and Registrar Duties

Registrants must keep registration, billing, technical, and abuse-contact data accurate, reachable, and updated throughout the label term. Registrar partners must collect and transmit the data required to operate the registry, publish permitted RDAP data, investigate abuse, and comply with upstream requirements.

  • Respond to UDR, registrar, compliance, abuse, or upstream notices within the stated deadline, or within 24 hours for critical security reports.
  • Maintain lawful DNS, mail, redirect, hosting, API, and marketplace behavior associated with the label.
  • Preserve evidence relevant to an investigation and provide logs, provider details, customer records, or remediation proof when reasonably requested.
  • Do not warehouse, speculate, sublicense, or transfer labels in a way that evades eligibility, premium pricing, registrar approval, rights review, or upstream constraints.

07 Evidence, Triage, and Trusted Reports

UDR evaluates abuse reports by evidence quality, urgency, user harm, technical indicators, history, and upstream registry risk. Evidence can include URLs, DNS records, screenshots, headers, malware hashes, certificate transparency records, hosting details, transaction records, law-enforcement references, or trusted notifier submissions.

  • Critical reports target initial triage within 30 minutes when automation and staffing are available.
  • High severity reports target initial triage within 4 hours.
  • Medium and low severity reports target review within 1 business day.
  • UDR may use automated enrichment, n8n routing, AI-assisted classification, blocklist correlation, and provider lookups, but human review controls material enforcement decisions unless immediate automated disruption is necessary to prevent harm.

08 Enforcement and Remedies

UDR chooses remedies proportionate to risk. A single incident may justify immediate action when harm is clear. Repeated low-risk incidents, inaccurate registration data, or failure to respond may also justify escalation.

  • Notice, warning, cure deadline, enhanced verification, or registrar escalation for correctable administrative issues.
  • Registry hold, server hold, DNS suspension, redirect interruption, lock, or nameserver change where immediate user protection is required.
  • Deletion, non-renewal, transfer restriction, reseller restriction, registrar program review, or account termination for severe, repeated, fraudulent, illegal, or upstream-directed cases.
  • Referral to registrars, hosting providers, mail providers, upstream registries, trusted notifiers, payment providers, regulators, law enforcement, or rights holders when appropriate.

09 Appeals, Reinstatement, and Repeat Abuse

A registrant may request review by contacting the compliance desk with the label, account details, evidence of authorization, remediation steps, and a clear explanation of why reinstatement is appropriate. UDR may deny reinstatement where risk remains unresolved, upstream rules prevent reinstatement, or the registrant has a history of repeated abuse.

UDR may require verified identity, corrected registration data, DNS changes, provider changes, written undertakings, registrar confirmation, or payment of outstanding fees before reinstatement.

Back to Legal Hub Contact Compliance