In addition to the information required in section 29 of the Act, an application for registration must—
| (a) | contain the following particulars to identify and locate the cryptography provider: |
| (i) | Telephone and fax number, web site and e-mail address; |
| (ii) | the constitutive documents of the applicant which are, in the case of a legal person, certified copies of the Memorandum and Articles of Association, certificate of incorporation, founding statement, partnership agreement or trust deed, and in the case of a natural person, a certified copy of his or her ID book or passport, as the case may be; |
| (iii) | detailed profiles of trusted personnel of the applicant that have supervisory or managerial responsibilities; |
| (b) | contain the following particulars to identify and locate the cryptography provider's products or services: |
| (i) | physical address where a cryptography product is or will be produced, manufactured, created or distributed from; |
| (ii) | physical address where a cryptography service is or will be rendered, delivered, sold, made available or distributed from; |
| (iii) | full details of cryptography operations outsourced; |
| (iv) | name, address and contact details of any other cryptography provider that provides a cryptography service or product to the cryptography provider; |
| (v) | if the cryptography provider is a certification service provider, its certification practice statement and certificate policy; |
| (c) | contain the particulars required by section 29 of the Act and paragraph (a) of this regulation, to identify and locate an entity to whom cryptography operations have been outsourced; |
| (d) | contain particulars indicating whether the cryptography provider provides encrypted bugging and debugging equipment. |
