This FAQ will explain the role of WHOIS Domains Privacy
The below article will discuss how people my find your details after you register a domain name, and what you can do to prevent it.
After purchasing a domain name, you may find that you have received spam email.
Don’t worry, this is a common issue, and can affect almost anyone. This article will explain the issue, and show you what you can do to counter it.
Essentially, when any domain name is registered, all of the information is entered into a database called WhoIs, basically as a record of who owns which domain name for when there are multiple claims on the same domain name; its not dissimilar to registering a trademark, for example. Entering into this database is compulsory, and is done automatically when registering a domain name with 123 Reg, or any other domain name provider.
This database contains various contact information, such as your email address. Try running a search for your domain name here: www.who.is
As this is a publicly accessible database, people can access it and mine it for data. In this case, it may be that the company that emailed you to offer their website building services, have found your details, and seen that you have just purchased a domain name and have offered their services just in case you wanted them to build you a website. In some cases, some people would look to use this method to spread computer viruses, spyware, or for other malicious reasons. We would like to stress that these are 3rd party, and not affiliated with 123 Reg.
Currently, Domain Names with Domain Privacy from 123 Reg have their details withheld from the database to protect your anonymity. However, owing to recent changes surrounding the EU’s General Data Protection Regulation (GDPR), Domain Privacy is unavailable for new registrations.
These changes should mean that, for customers within the EU, your details are no longer available to users searching the WHOIS database.