eo.tc

Privacy Policy

Last updated: 2026-05-11

This Privacy Policy describes how Elysia Root L.C. ("we", "us") collects, uses, and shares information in connection with the eo.tc subdomain registration service (the "Service"). We operate from the United States.

1. Information We Collect

1.1 Account information

  • Email address
  • Name
  • Company (optional)
  • Hashed password (we never store plaintext)
  • Preferred locale

1.2 Domain registrant information

  • Registrant name (English)
  • Registrant phone number
  • Registrant email address
  • Optional postal address fields if a future TLD product requires them

1.3 Payment information

Card number, CVC, and expiration date are submitted directly to Stripe and are not stored on our servers. Stripe is PCI-DSS compliant. We retain the following non-sensitive metadata in our database to support automatic renewal and on-screen display of saved methods:

  • Stripe customer ID
  • Stripe payment-method ID
  • Card brand (e.g. Visa, Mastercard)
  • Last four digits of the card

1.4 Connection logs and access events

When you sign up, sign in, or perform major actions on your account or domains, we record basic information to help protect your account:

  • IP address
  • Approximate country
  • Browser type
  • Date and time

We use this information only to protect your account and investigate abuse. We do not sell it, share it with advertisers, or use it to build a profile of you.

2. How We Use Information

  • To provide, maintain, and improve the Service
  • To verify identity, prevent fraud, and enforce the Acceptable Use Policy
  • To process payments and renewals
  • To send transactional and service-related email (verification, expiration notices, abuse notices)
  • To comply with legal obligations

3. Third-Party Service Providers

  • Cloudflare — infrastructure, DNS, transactional email, and Turnstile bot protection
  • Stripe — payment processing

We do not sell or rent personal information. We do not use third-party automated abuse scanning services for the time being.

4. Your Rights — California (CCPA / CPRA)

California residents have the right to (a) know what personal information we collect and how we use it, (b) request deletion of personal information, (c) request correction of inaccurate personal information, (d) opt out of any "sale" or "sharing" of personal information, and (e) be free from retaliation for exercising these rights. We do not sell or share personal information for cross-context behavioral advertising.

To exercise these rights, email abuse@elysia-root.com.

5. Your Rights — Other U.S. States

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and other states with comparable laws may exercise rights to access, correct, delete, and obtain a portable copy of their personal information by contacting us at abuse@elysia-root.com.

6. Children Under 13 (COPPA)

The Service is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information, please contact us at abuse@elysia-root.com and we will delete such information.

7. Data Retention

We retain account data while the account is active. Upon deletion of an account, personal information is deleted within 30 days, except (a) information we are required to retain by law (for example, payment records for tax or accounting), and (b) backups, which are overwritten on a regular schedule.

Connection logs (Section 1.4) are kept for six months and then deleted automatically. The IP address and country saved on your account as your most recent and original sign-in are replaced each time you sign in again, and are removed when you delete your account.

8. Security

We employ industry-standard administrative, technical, and physical safeguards to protect personal information, including encryption in transit and at rest, secure password storage, and access controls. Despite reasonable safeguards, no system is perfectly secure, and we cannot guarantee absolute security.

9. International Users

We operate from the United States. By using the Service from outside the United States you consent to the transfer of your information to the United States.

10. Future TLD Reselling Notice

If we add a future product that registers gTLDs (such as .com or .net), additional registrant information may be required, and ICANN rules may cause that information to be published in the public WHOIS database. Such service will be offered under separate notice.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the "Last updated" date above. Material changes will also be notified by email.

12. Contact

Elysia Root L.C., a Wyoming limited liability company with its principal place of business in New York, U.S.A. · abuse@elysia-root.com