The rules regarding privacy that are described here mainly concerning the information of the Contacts that is received and stored NIC-Internet Costa Rica, through our Official Website http://www.nic.cr and or other means, concerning the data gathered that are accessible to the general public because of the type of administration services of Domain Name, the data that is kept confidential, and about the tools and proceedings used by NIC-Internet Costa Rica to guarantee confidentiality and security on the information furnished by our Contacts and remitted by NIC-Internet Costa Rica to them.

The following agreement is subject to changes in agreement with the Internet, the technological tools associated with the net operation, and the evolution of the established model for Domain Name administration registered under the cc.TLD.cr.

Thus amended by the publication in La Gaceta No.30 of February 12th, 2008.

Thus amended by the publication in La Gaceta No.85 of May 5th, 2009.

Thus amended by the publication in La Gaceta No. 237 of December 7th, 2009.

8.1 Receiving the information provided by the User:

The User that enters into our Official Website http://www.nic.cr and proceeds to submit personal and payment data, whether to register as Contact or to register or renew a Domain Name, may rest assure that the information provided will be managed and stored carefully. Said information is received through the Payment forms for Domain Name Registration or Renewal, Contact Registry forms, Domain Name Registry forms, Domain Name Modification forms, and through the paperwork sent to the offices of NIC-Internet Costa Rica or by emails to any of the email accounts of the NIC unit. The information received by NIC-Internet Costa Rica from the Users through the above mentioned means, will be duly processed and stored, encrypted in a database and electronic archives, following high security controls. Same controls are followed for the archiving of physical data.

In regards to the card payment information that the User provides (card number, type of card, expiration date, card holder), it is used exclusively for the processing of the respective payment through the processing entity for card transactions.

Thus amended by the publication in La Gaceta No.30 of February 12th, 2008.

Thus amended by the publication in La Gaceta No. 237 of December 7th, 2009.

8.2 Reliability on the Information provided by the User:

All the information sent to NIC-Internet Costa Rica via our Official Website http://www.nic.cr, through the paperwork sent to the office of the NIC unit, or through emails to any of the online accounts of NIC-Internet Costa Rica must be legitimate. Thus it is the Domain's Holder responsibility to provide and keep the data updated. The Domain Name's Holder guarantees that any updates done through the official website http://www.nic.cr, or paperwork sent to the offices of NIC-Internet Costa Rica or by emails to any of the email accounts of the NIC unit will be duly processed and stored following the modification procedures in force. NIC-Internet Costa Rica will be free from any responsibility because of any communication or mailing failure, renewal reminders, or any other transaction that NIC-Internet Costa Rica may send or apply on behalf of the User, whenever the information that the User has provided is not legitimate or updated.

NIC-Internet Costa Rica is not compelled to verify the information provided by the Domain Name Holder to determine whether or not the information is legitimate or if the information transgresses a third party rights. However, in case of a dispute NIC-Internet Costa Rica could use as proof all the statements and information provided by the Domain Name Holder.

NIC-Internet Costa Rica reserves the right to delete or execute any other action against the Domain Name, if the Domain Name application or its modification contains, fraudulent, inaccurate or misleading information that NIC-Internet Costa Rica considers relevant to approve and authorize the use of a Domain Name.

Thus amended by the publication in La Gaceta No.30 of February 12th, 2008.

Thus amended by the publication in La Gaceta No. 237 of December 7th, 2009.

8.3 User's data accessible to the General Public:

Due to the nature of the Domain Name registration and administration process carry out by the National Academy of Sciences through NIC-Internet Costa Rica, a tool called WHOIS is available within the Official Website http://www.nic.cr, The sole purpose of this tool is to present Domain Name information regarding the Domain Name's registered under the ccTLD.CR in order to appoint the domain names. The Domain Name Holder allows NIC-Internet Costa Rica to display any information regarding the Domain Name through the WHOIS tool, with the purpose of attaining information about the Domain Name registration. Such information is displayed only for a determined Domain Name.

Even though the data obtained through WHOIS is accessible for the general public, it bears a word of warning: "The information presented through WHOIS is furnished by the Domain Name database registered in NIC-Internet Costa Rica. This selection has the sole purpose to present Domain Name information regarding the Domain Name's registered under the ccTLD.CR in order to appoint the Domain Name's. It is absolutely unlawful to compile, store, use and/or transmit the information received through the option, WHOIS, for commercial or financial purposes, without prior consent from those involved, and at NIC-Internet Costa Rica, this information comes from our Contacts so it is their responsibility. The National Academy of Sciences shall not be held accountable for the use of the information displayed." This warning is shown in the option WHOIS.

Thus amended by the publication in La Gaceta No.30 of February 12th, 2008.

Thus amended by the publication in La Gaceta No.85 of May 5th, 2009.

Thus amended by the publication in La Gaceta No. 237 of December 7th, 2009.

8.4 Other information provided by Users:

The information that is provided by the User to NIC-Internet Costa Rica and that is kept confidential is anything that is not displayed on WHOIS. Confidential information includes: any type of payments, registration or renewal fees, or any other service provided by NIC-Internet Costa Rica

Thus amended by the publication in La Gaceta No.30 of February 12th, 2008.

Thus amended by the publication in La Gaceta No. 237 of December 7th, 2009.

8.5 Available payment methods:

NIC-Internet Costa Rica offers various methods of payment, where the User must provide information that is kept absolutely confidential. Payment methods are those listed in Article 7.4 "Methods of Payment" in this document.

Thus amended by the publication in La Gaceta No.30 of February 12th, 2008.

Thus amended by the publication in La Gaceta No. 237 of December 7th, 2009.

8.6 Password:

The password retrieval and recall question will be kept strictly confidential. This information is retrieved in the "Frequent Procedures" option in the Official Website http://www.nic.cr, through the Contact Registration form and the Domain Name Registration form. This data is properly stored encrypted in our database, by means of a Secure Socket Layer (SSL), which is a Certificate of Security and protection to our online information.

Regarding the password retrieval, this transaction is done through an email, from the email account domreg@nic.cr, which is protected by Digital IDs for Secure Email. This allows:

• To digitally signing email messages sent through NIC-Internet Costa Rica, to reassure our customers that the email was remitted by the NIC-Internet Costa Rica unit

• To encode emails so intruders cannot be able to read it. ONLY the User's email will be able to decipher it.

Thus amended by the publication in La Gaceta No.30 of February 12th, 2008.

Thus amended by the publication in La Gaceta No. 237 of December 7th, 2009.

8.7 Certificate of Security:

The operations' security via Internet is an aspect that deeply concerns every online User, specially when financial transactions are being executed or other private data is being transmitted. One of the methods that NIC-Internet Costa Rica uses to provide protection to the Official Website http://www.nic.cr is a Security Certificate based on the protocol SSL.

Through this Security Certificate, all the information that is transmitted to the official website http://www.nic.cr is protected. It encrypts the transmittal, as well as the target destination. These two techniques are the premises in which the SSL protocol is based.

Thus amended by the publication in La Gaceta No.176, on September 13th, 2005.

Thus amended by the publication in La Gaceta No.30 of February 12th, 2008.

Thus amended by the publication in La Gaceta No. 237 of December 7th, 2009.