SCHEDULE 1 - .BANK TLD
PLEASE NOTE THAT THIS SCHEDULE CONTAINS CONSENTS TO THE PROCESSING OF PERSONAL DATA (clause 3)
The terms and conditions in this Schedule as well as the T&C apply to all domain names within the .BANK TLD.
"Affiliate" means a person or entity that, directly or indirectly, through one or more intermediaries, or in combination with one or more other persons or entities, controls, is controlled by, or is under common control with, the person or entity specified. For purposes of this definition, "control" (including the terms "controlled by" and "under common control with") means the possession, directly or indirectly, of the power to direct or cause the direction of the management or policies of a person or entity, whether through the ownership of securities, as trustee or executor, by serving as an employee or a member of a board of directors or equivalent governing body, by contract, by credit arrangement or otherwise.
"DNS" means the Internet domain name system.
"Personal Data" means data about any identified or identifiable natural person.
"Registry Operator" means fTLD Registry Services LLC., a Delaware Limited Liability Company, with its principal place of business located at 600 13th Street NW, Suite 400, Washington, DC 20005 USA.
"RDDS" or "Registration Data Directory Service" means the collective of WHOIS and Web-based WHOIS services.
"Registered Name" means a domain name within the domain of the Registry TLD, whether consisting of two or more (e.g., first.state.bank), levels about which Registry Operator or an Affiliate engaged in providing Registry Services maintains data in a Registry Database, arranges for such maintenance, or derives revenue from such maintenance. A name in a Registry Database may be a Registered Name even though it does not appear in a TLD zone file (e.g., a registered but inactive name).
"Registered Name Holder" or "Registrant" means the holder of a Registered Name, which can be a person or entity owning or otherwise controlling a Registered Name by virtue of a registration agreement with an ICANN-accredited registrar.
"Registry Database" means a database comprised of data about one or more DNS domain names within the domain of the registry TLD that is used to generate either DNS resource records that are published authoritatively or responses to domain-name availability lookup requests or RDDS queries, for some or all of those names.
"Registry Operator's Security Requirements" means those security requirements described at https://www.ftld.com/enhanced-security, which are approved by Registry Operator and incorporated by reference into these terms and conditions as they may be amended from time to time.
"Registry Service Provider" means the entity that provides Registry System (as defined below) functionality for Registry Operator.
"Registry Services" means, for the purposes of this Agreement, the following:
(a) those services that are both:
(i) operations of the registry critical to the following tasks:
the receipt of data from registrars concerning registrations of domain names and name servers;
provision to registrars of status information relating to the zone servers for the Registry TLD;
dissemination of Registry TLD zone files;
operation of the Registry TLD zone servers; and
dissemination of contact and other information concerning domain name server registrations in the Registry TLD as required by the Registry-Registrar agreement; and
(ii) provided by the Registry Operator for the Registry TLD as of the effective date of the Registry Agreement ;
(b) other products or services that the Registry Operator is required to provide because of the establishment of a Consensus Policy, Specification and/or Temporary Policy (as defined in the Registry Agreement);
(c) any other products or services that only a registry operator is capable of providing by reason of its designation as the registry operator; and
(d) material changes to any Registry Service within the scope of (a), (b), or (c) above.
"Registry System" means the registry system for Registered Names in the Registry TLD.
"Registry TLD" means the .BANK TLD.
"Registry Verification Agent" means the entity that provides Verification Services (as defined below) for Registry Operator.
"Verification Services" means the Registry Verification Agent's process to verify the Registered Name Holder meets the eligibility requirements for registering/maintaining a .Bank Domain Name registration.
Other terms used in this Schedule as defined terms shall have the meanings ascribed to them in the body T&C.
2.1 Before a prospective Registered Name Holder (RNH) can register a .BANK domain, it will be subject to verification under the process outlined at https://www.ftld.com/wp-content/uploads/2015/01/Symantec-Verification-Overview-BANK-2015-01-15.pdf.
2.2 The RNH and its domain name(s) will be subject to re-verification under the circumstances:
2.2.1 Renewal of a domain name or every two years (whichever occurs first)
2.2.2 Change to the organization name
2.2.3 Upon request to the Registrar by the Registry Operator
3. HANDLING OF PERSONAL DATA.
3.3 By submitting a request in respect of a domain in the Registry TLD you consent to the collection and use of Personal Data as referred to in this clause 3.
4. OBLIGATIONS AND REPRESENTATIONS OF REGISTERED NAME HOLDER
4.1. The RNH undertakes that it will, in its main place of business, provide administrative contact information, which must be kept up to date at all times for the notification of complaints or reports of registration abuse, and the contact details of the relevant regulatory, or industry self-regulatory, bodies.
4.2. The RNH acknowledges that in addition to the terms and conditions of the Agreement it agrees to and will comply with:
(i) All .BANK Policies and procedures as they may be instituted or updated from time to time and published on the Registry Operator's website at https://www.ftld.com/policies/, including but not limited to:
Acceptable Use/Anti-Abuse Policy
Name Allocation Policy
Name Selection Policy
Policy Development Process Policy
Registrant Eligibility Policy
Registration Eligibility Dispute Resolution Policy
Reserved Names Challenge Policy
Sunrise Dispute Resolution Policy
Whois Access Policy
The definitions used in these policies and procedures are set out in
(ii) any and all applicable national, state or local law, regulation or court order in relation to its registration in the Registry TLD, including those that relate to privacy, data collection, consumer protection (including in relation to misleading and deceptive conduct) fair lending, debt collection, organic farming, disclosure of data and financial disclosures.
4.3 If the RNH collects and maintains sensitive health and financial data it will implement reasonable and appropriate security measures commensurate with the offering of those services as defined by applicable law.
4.4 The RNH will not distribute malware, abusively operate botnets, engage in phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, or counterfeiting, or otherwise engage in abusive conduct or other activity contrary to applicable law. Abusive conduct includes, but is not limited to: malicious conduct, negligent and reckless behaviour. The consequences of such conduct may include, but are not limited to:-
(i) suspension of the domain name
5 WARRANTIES, REPRESENTATIONS, ACKNOWLEGEMENTS AND AGREEMENTS
5.1 The RNH warrants and represents that it possesses all and any necessary authorizations, charters, licences and/or other related credentials for participation in the banking sector.
The RNH will report any material changes to the validity of its authorizations, charters, licences and/or other related credentials for participation in the banking sector.
5.2 The RNH acknowledges and agrees that the Registry Operator reserves the right to deny, cancel or transfer any Registered Name registration or transaction, or place any Registered Name(s) on registry lock, hold or similar status, as it deems necessary, in its unlimited and sole discretion;-
(i) to comply with specifications adopted by any industry group generally recognized as authoritative with respect to the Internet;
(ii) to correct mistakes made by Registry Operator or any Registrar in connection with a domain name registration, or
(iii) for the non-payment of Fees to Registry Operator.
By submitting a request in respect of a domain in the Registry TLD you consent to the collection and use of Personal Data for the purposes set out in this clause 5.2.
5.3 The RNH agrees that in the event of any dispute concerning the time of the entry of a Registered Name registration into the Registry System, the timestamp shown in the Registry System records shall control.
5.4 Registry Operator may offer premium domain names that are subject to non-standard registration and renewal fees. Please ask Lexsynergy about pricing for these domain names.
6.1 The RNH will indemnify, defend and hold harmless LS, the Registry Operator, Registry Service Provider, Registry Verification Agent and other contractually obligated vendors, and in each case, their Affiliates, partners, subcontractors, subsidiaries, divisions, shareholders, directors, officers, employees, accountants, attorneys, insurers, agents, predecessors, successors and assigns, from and against any and all claims, demands, damages, losses, costs, expenses, causes of action or other liabilities of any kind, whether known or unknown, including reasonable legal and attorney's fees and expenses in any way arising out of, relating to, or otherwise in connection with, the RNH's domain name registration.
6.2 This clause 6 shall survive the termination or expiration of this Agreement.
7. SECURITY REQUIREMENTS
7.1. The RNH will not use privacy or proxy registration services in registering or maintaining domain name registrations with the TLD. Proxy/Privacy registrations are prohibited by the Registry TLD.
7.2. The RNH must deploy DNSSEC at each zone and subsequent sub-zones for domains that resolve in the DNS.
7. 3. The RNH will follow the best practices described in RFC 6781 (obtainable at - https://tools.ietf.org/html/rfc6781) and its successors.
7.4 The RNH will not use unencrypted protocols in order to prevent tampering with messages.
7.5. The RNH will publish a valid Domain-based Message Authentication, Reporting and Conformance (DMARC) record with a requested mail receiver policy of either quarantine or reject for domains that resolve in the DNS.
7.6 RNH will publish a valid email authentication record under all circumstances.
7.7 For domains intended to send email, RNH will publish at least one of the following email authentication DNS Resource Records:
Sender Policy Framework (SPF),
Domain Keys Identified Mail (DKIM).
7.8 When used to protect non-email sending domains, RNHs will publish a DMARC reject requested mail receiver policy or If the RNH does not use the domain for sending email, then it must publish an appropriate record reflective of that policy.
7.9 When deploying DMARC, RNHs may temporarily use a "none" (p=none) during the implementation phase of email capabilities on the affected domain, but must change the policy to either quarantine or reject for ongoing operations.
7.10 It is recommended that:
(i) DMARC records specify strict identifier alignment for both SPF and DKIM via the adkim and aspf tags: and
(ii) DMARC records published at an organisational domain level set an appropriate sp: tag.
7. 6. DNS Resource Records (e.g., CNAME, DNAME, SRV ) are prohibited from aliasing to DNS records outside of the secure zone.
7. 11. Nameserver host names must be in the parent zone.
8. TERMINATION AND EFFECT OF TERMINATION.
8.1 LS shall on any expiration or termination of its agreement with Registry Operator immediately transfer its sponsorship of the RNH's Registered Name registration to another ICANN-accredited registrar of the Registry TLD.
9.1 Without prejudice to the generality of clause 20.5 of the T&C, in addition to the clauses referred to in such clause 20.5, clauses 3, 4.3, the consent in 5.3, 6 and 9.1 of this Schedule will survive the expiration or termination for any reason of the Agreement.