GoDaddy - European Supplemental Privacy Notice

GoDaddy and certain of its affiliates (collectively "GoDaddy") maintains a global privacy and data protection program as described in our Global Privacy Notice.

This European Data Protection Notice supplements our Global Privacy Notice by providing additional disclosures required by law in the European Union/European Economic Area (EU/EEA), Switzerland, and the United Kingdom.

When you use services offered by GoDaddy in the EU/EEA, Switzerland, or the United Kingdom, the data controller will be the legal entity with whom you have entered into a contract and/or that is identified as the legal owner of the website you visited, as follows:

• GoDaddy.com – GoDaddy.com, LLC
• Sucuri.net – GoDaddy Media Temple, Inc. d/b/a Sucuri
• Poynt.com – Poynt, LLC
• Blue Razor Domains, LLC – GoDaddy.com, LLC
• CallCatchers Inc. d/b/a FreedomVoice – CallCatchers, Inc.
• GoDaddy Sellbrite, Inc. – GoDaddy Sellbrite, Inc.

We use personal data to operate our business and provide the services requested by our customers as described in our Global Privacy Notices. We also use personal data to comply with our legal obligations and protect our legitimate interests, including communicating with customers and others, improving our services, customizing and personalizing our services, and detecting fraudulent and illegal activity. With your prior consent, we also may use your personal data to send you marketing materials and offers.

We use optional and mandatory (essential) cookies and other online identifiers ("Identifiers") as part of our services. Please see our Global Privacy Notice section on identifiers for more information. Please note that in cases where our optional identifiers involve processing of personal data of data subjects in the EU/EEA, Switzerland, and the UK, we collect your consent before using those cookies.

We operate a global business and personal data you provide may be transferred from your country to the United States or to another country where we do business. We make these transfers when necessary to provide our services, to perform our contract with you, or when we have your consent to transfer your personal data to another country.

We transfer personal data outside the EU/EEA, Switzerland, and the UK to countries that have been determined by the European Commission to offer an adequate level of data protection. Such transfers are made pursuant to the requirements of applicable adequacy decisions.

For transfers from the EU/EEA and Switzerland to countries that have not been deemed to offer an adequate level of data protection, we transfer personal data pursuant to a data protection addendum with standard contractual clauses and appropriate supplementary measures including, appropriate technical and organizational measures.

For transfers from the UK to countries that have not been deemed to offer an adequate level of data protection, we transfer personal data pursuant to a data protection addendum consistent with the requirements of the UK International Data Transfer Agreement issued by the UK Information Commissioner, Version B1.0.

For transfers to the United States, we transfer personal data pursuant to the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension to the EU-U.S. DPF, and/or the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) as set forth by the U.S. Department of Commerce.

We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (“EU-U.S. DPF Principles”) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. We have certified to the U.S. Department of Commerce that we adhere to the Swiss-U.S. Data Privacy Framework Principles (“Swiss-U.S. DPF Principles”) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in our privacy notices and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (“DPF”) program, and to view our certification, please visit https://www.dataprivacyframework.gov/s/participant-search/.

For transfers to the United States where transfers via the DPF are not available, we transfer personal data pursuant to a data protection addendum with standard contractual clauses and appropriate supplementary measures including, appropriate technical and organizational measures.

Please see our Data Privacy Framework Notice for more information on our compliance with the DPF's requirements.

Our EU Article 27 Representative is:

GoDaddy Deutschland GmbH
c/o WeWork
Friesenplatz 4
50672 Cologne, Germany

UK Article 27 Representative Our UK Article 27 Representative is:

GoDaddy Europe Ltd. Attn: Legal, Office of the Data Privacy Officer
5th Floor, The Shipping Building, Old Vinyl Factory
252-254 Blyth Road
Hayes, UB3 1HA

In the EU/EEA, you have the right to lodge a complaint with your local data protection supervisory authority.

In Switzerland, you have the right to lodge a complaint with the Federal Data Protection Information Commissioner.

In the UK, you have the right to lodge a complaint with the Information Commissioner's Office.