I was trying to register a domain with a TLD that's only available in a few registrars. Njal.la was too expensive, and I hadn't heard much of Epik in the past, so after a bit of research I chose to sign up on Gandi and get things done as fast as possible.

As soon as I signed up I noticed there was no way to check if the domain being registered would come with whois privacy by default, which was a huge red flag for me as I don't want any of my personal details exposed. This red flag was enough for me to keep looking for registrars, so I started looking for the "delete my account" button, only to find out after 2 hours that there wasn't one.

I messaged them on their support email, from the email on which the account was registered, and they replied fairly quick asking me for a photo of my ID on top of all the personal data that I had already given them.

The account was also unverified. I imagine this can also mean that if somebody registers an account there with your email, you will need to send them a picture of your ID to get it removed, which in the end proves absolutely nothing because they could register it on somebody else's name and just use your email for some reason. I really hope it's not the case.

Sorry if the text is poorly structured or I have any grammar mistakes. English is not my first language. I just wanted to get this out there.