Contact Point of the .pl domain name Registry for the KSC matters

Procedure and Policy for Disclosing Data from the .pl Domain DNS Database

1. This procedure and policy (hereinafter: “Procedure”) is to be applied by the Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy, seated in Warsaw, Poland, which maintains the .pl domain name Registry ("the Registry") and was introduced pursuant to Article 16c(3) of the Act of July 5, 2018, on the National Cybersecurity System ("uKSC") in conjunction with Article 28(5) of Directive (EU) 2022/2555 of the European Parliament and of the Council of December 14, 2022, on measures for a high common level of cybersecurity within the Union, amending Regulation (EU) No 910/2014 and Directive (EU) 2018/1972, and repealing Directive (EU) 2016/1148 (NIS 2 Directive).

2. The Procedure regulates the rules for disclosing data from the database concerning the registration of domain names in the ".pl" TLD ("DNS Database"), in particular data concerning domain name registrants ("Registrants"), entered into the DNS Database by registrars. This Procedure does not limit in any way the ability of registrars or other entities providing domain name registration services to disclose such data, in accordance with Article 16c of the uKSC or other relevant legal provisions.

3. The Procedure shall only relate to the DNS services as provided by the Registry. These services do not constitute hosting as defined by law, and the Registry is not, in particular, a provider of search engines, internet platforms, websites, or other similar services, and does not make data in this regard available, nor does it make available data concerning domain names in TLDs other than ".pl."

4. Data in the DNS Database, including Registrant’s data that has not been restricted as requiring GDPR protection, shall be published in the Whois database, unless it is currently subject to an applicable verification procedure. The Whois database is available on the Registry’s website (dns.pl), and accessing the data published therein does not require the actions referred to in the Procedure.

5. Data from the DNS Database shall be disclosed in response to a request prepared and signed in accordance with Article 16c of the uKSC, concerning specific data. For this purpose, the exact .pl domain name must be provided; in particular, the website address must not be provided, the domain name must not be preceded by prefixes such as "www" or "https://," or suffixes added after the domain name, etc.

6. Requests are processed in Polish and English and are accepted using the following contact details:

   1. Electronic Delivery Address: AE:PL-60057-61611-BCEGR-11;
   2. ePUAP Mailbox: /NASK-Instytut/SkrytkaESP;
   3. email address: info@dns.pl;
   4. authorities from countries other than Poland may also submit correspondence through a Polish authority, in accordance with applicable regulations and agreements between the authorities;
   5. To facilitate communication, particularly in the cases referred to in paragraphs 7-9 below, it is recommended to also include the contact telephone number of the person handling the case in the request.

7. The applicant may be asked to supplement or clarify the request, particularly if the exact domain name is not provided.

8. The disclosure of data from the DNS Database may additionally require compliance with relevant legal provisions, in particular the GDPR. For this purpose, the Registry may use data encryption tools or other appropriate technical solutions, as well as agree with the applicant on the method of adequately securing the disclosed data.

9. Providing a response may require the involvement of the registrar, particularly in the case of a data verification procedure. If such a procedure or the significant size of the requested data may affect the response time, the Registry shall immediately inform the applicant. Further action shall be taken in consultation with the applicant.

10. The response shall be sent to the address specified in the request, and if no such address is provided, to the address from which the request was sent.

11. Any changes to the Procedure shall be implemented by publishing an updated version of the Procedure on the Registry’s website (dns.pl) and shall take effect as of the date of such publication, unless otherwise specified.