Chose your color

Frequently visited

Frequently asked questions

  • I am looking for a domain name registrant. Where can I look it up?

    The Whois is an easy-to-use tool for checking the availability of a .nl domain name. If the domain name is already taken, you can see who has registered it.

    On the page looking up a domain name you will find more information about what a domain name is, how the Whois works and how the privacy of personal data is protected. Alternatively, you can go straight to look for a domain name via the Whois.

  • I would like to transfer my domain name to another registrar. What is the procedure?

    To get your domain name transferred, you need the token (unique ID number) for your domain name. Your existing registrar has the token and is obliged to give it to you within five days, if you ask for it. The procedure for changing your registrar is described on the page transferring your domain name.

  • The details registered about me/my company are incorrect or out of date. How can I get them updated?

    To update the contact details associated with your domain name, you need to contact your registrar. Read more about updating contact details.

  • Why is my domain name in quarantine?

    When a domain name is cancelled, we aren't told the reason, so we can't tell you. You'll need to ask your registrar. The advantage of quarantine is that, if a name's cancelled by mistake, you can always get it back.

    One common reason is that the contract between you and your registrar says you've got to renew the registration every year. If you haven't set up automatic renewal and you don't renew manually, the registration will expire.

  • Ik heb een klacht over mijn provider/registrar. Kan ik daarvoor bij SIDN terecht?

    Wanneer je een klacht hebt over of een geschil met je registrar dan zijn er verschillende mogelijkheden om tot een oplossing te komen. Hierover lees je meer op pagina klacht over registrar. SIDN heeft geen formele klachtenprocedure voor het behandelen van een klacht over jouw registrar.

  • What conditions do I have to meet as a registrar?

    Would you like to be able to register domain names for customers or for your own organisation by dealing directly with SIDN? If so, you can become a .nl registrar. Read more about the conditions and how to apply for registrar status on the page becoming a registrar.

More frequently asked questions

Major data breach at youth services organisation could have been prevented

Others warned about the risk posed by cancelled domain names

On Wednesday, a leading Dutch news outlet reported a major data breach at the Utrecht Youth Services Agency (now known as SAVE). Well over three thousand case files and two hundred voicemails and internal mails containing full details of vulnerable children were compromised. How? Through careless cancellation of a disused domain name when the organisation became SAVE. For industry insiders, it's a familiar story: the Dutch police suffered a very similar data breach two years ago. So how can it have happened again?

In 2015, the Utrecht Youth Services Agency changed its name to Samen Veilig Midden-Nederland ('Safe Together Central Netherlands', or SAVE for short). Three years after the name change, the website linked to the old name was shut down. In situations like that, the normal practice is to de-activate the old domain name, but retain it to prevent abuse. However, that didn't happen with SAVE. The registration (which could have been kept for maybe ten euros a year) was allowed to lapse. As a result, it became available for anyone to register at the end of its quarantine period.

Data leaked via old e-mail addresses

Automated processes at SAVE sent non-encrypted case files to various e-mail addresses, including some linked to the old domain name. Two whistle-blowers then re-registered the disused domain name, enabling them to receive data sent to the defunct addresses. That's because a domain's new registrant is like someone who buys a new house: they receive post meant for the previous owner, if that person forgets to tell everyone that they've moved.

A warning to others

The whistle-blowers are now warning about carelessness in the care sector. They believe that there are probably dozens of similar organisations that have let disused domain names lapse, meaning that they're available for anyone -- including crooks -- to re-register. SAVE's CEO Paul Janssen told RTL Nieuws, "We've acted to ensure that no further information leaks out this way, we've launched an enquiry, and we've sought external advice. We're also changing our security policy immediately."

Is your organisation in a similar position? Here's our advice:

1. Never simply cancel a domain name.

For years afterwards, there's a real risk that traffic will still be directed to the old name, accidentally or otherwise. If someone else innocently or maliciously re-registers your old domain name, all that traffic -- including potentially sensitive information -- will go to them. When you could have kept the name for a nominal annual fee!

2. Monitor your organisation's name or brand

We advise actively monitoring your organisation's name or brand. Various monitoring services are available, where new registrations are checked to pick up any that resemble the subscriber's brand. For example, the .nl zone includes many domain names that include the string 'jeugdzorg’ ('youth care'). There's probably nothing malicious about most of them, but it pays to be aware what's being registered, so that you can respond if and when there is a malicious registration.

Contact person:

Marnie van Duijnhoven, communication manager and spokesman

Marnie van Duijnhoven

Communication Manager / Spokesman