Policy Alignment
- Uses ICANN-style principles for registration agreements, abuse mitigation, RDAP publication, accuracy, lifecycle controls, and dispute handling where appropriate for a policy-driven domain registry.
- Preserves upstream country-code registry authority for AFNIC-family labels in .pm, .wf, and .yt and Greece-family labels in .gr.
- Requires qualified legal review before production publication in jurisdictions where UDR, registrars, or registrants operate.
01 Scope
This Cookie Policy explains how UDR uses cookies, local storage, pixels, server logs, and similar technologies on the public website, WHOIS/RDAP pages, report-abuse portal, registrar portal, admin portal, blog, and automation endpoints.
02 Essential and Security Cookies
Essential cookies and local storage are needed for sessions, CSRF protection, form submission, rate limiting, admin login, abuse tracking, security monitoring, consent storage, and service availability. These cookies cannot be disabled through the site without breaking core functionality.
- Session cookies support Laravel sessions, CSRF validation, form status messages, and secure navigation.
- Security cookies and logs help detect abuse, credential attacks, scraping, spam, automation misuse, and service degradation.
- Logto or another identity provider may set authentication cookies during admin sign-in.
03 Preferences and Functional Storage
UDR may store preferences such as cookie consent, UI state, accessibility choices, selected extension, WHOIS query assistance, or admin-editor state. Preference storage improves the experience but is not used to change registry rights.
04 Analytics and Measurement
UDR may use privacy-conscious analytics to understand traffic, popular extensions, page performance, blog reach, conversion flows, abuse-form completion, and service quality. Where required, analytics cookies are used only after consent.
- Analytics should avoid collecting sensitive registration data or full abuse evidence.
- UDR may aggregate or anonymize analytics for product planning, registrar reporting, and security review.
05 Third-party Technologies
Third-party services may set cookies or similar identifiers when integrated into UDR workflows. Examples include Logto for admin authentication, n8n for automation routing, notification providers, analytics providers, payment providers, fraud tools, or embedded status tools.
- Third-party cookies are governed by the relevant provider terms and privacy notices.
- UDR should configure providers to minimize data collection and avoid non-essential tracking by default.
06 User Choices
Users can control non-essential cookies through the site consent interface where available or through browser settings. Blocking cookies may affect login, forms, abuse tracking, admin access, or support workflows.
07 Retention
Cookie and storage duration depends on purpose. Session cookies expire when the browser session ends or after inactivity. Security and consent records may last longer to protect the service, remember preferences, and document compliance.