Requests | Blesta


Resellerclub GDPR/Privacy updates

Eddris Khan shared this idea 4 years ago
Under Consideration

Can the Blesta module for Resellerclub be updated to include the new data privacy settings.


Info (API Stuff towards the end):

For New Domain Registrations, Renewals, Transfers:

All domain

registrations and transfers from SuperSite will use the details from

the customer contact created during the purchase flow or all the 4

contacts: Admin, Billing, Technical and Registrant contact.

The customer can log in to the control panel and change the default contact or edit any of the 4 contactsIf any of these contacts created / selected at the time of domain registration are

from within the EU region, GDPR WHOIS Protection will be enabled for

the Domain name by default during the purchase process. GDPR WHOIS

Protection will work exactly as explained above

Users will be alerted in the purchase flow that their personal information is protected in WHOIS results for free


they still have the choice of layering Privacy Protection over GDPR

WHOIS protection in order to receive emails like sale notices.

WHOIS data for EU customers will always be masked regardless of whether or not Privacy Protection is enabled Partners using the ResellerClub API must note two new attributes that will be recorded for domain names:

Data protection eligibility: This indicates whether the contact information must be masked for a particular domain name.

Data protection status: This indicates if the data protection status is currently turned ON or OFF.

Partners using the API must incorporate the following changes to enable customers to manage their data protection settings:

A new API method to disable and re-enable data protection;

A new API method to resend an authorization email for disabling data protection;

A new API method to cancel disabling request;

Two new parameters in domains/details and domains/details-by-name API methods

Data protection eligibility Data protection status

Our engineering team is currently working on building these changes into the system. While we do that, to enable our API partners to plan ahead, we will aim to share the final API specification with sample request and response patterns as soon as they are ready. . Also, we will confirm when the new API methods will be available on the demo environment.

Notwithstanding the foregoing, access to personal data of domain name registrants may be granted when such access is necessary for technical reasons such as for the facilitation of transfers, or for law enforcement when it is legally entitled to such access.