Privacy statement
1st edition, updated 28 April 2022
In general
At Ferðavefum, we attach great importance to personal protection and take the utmost care when handling all personal information. We work either as a responsible party or a processor according to the Personal Protection Act (90/2018). We are committed to providing transparent and fair processing of information. In this privacy statement, we will inform you about us, why and how we use personal information and about your rights regarding your personal information held by us.
Who are we?
We are Ferðavefir ehf. and we are registered at Sigtún 29, 105 Reykjavík. You can reach us at 554-5414 or send us an email at upplysingar@ferdavefir.is
You can send a written inquiry to the company about the handling of personal information to the email address benedikt@ferdavefir.is.
What is personal information?
General personal information is all information that can be traced to individuals, eg name, social security number, address, email address and telephone number.
Sensitive personal information is specifically mentioned in the law, but it is information about race, ethnic origin, political opinions, religion, outlook on life and membership of a trade union. It also includes health information, sexual behavior information, genetic information and biometric information.
How we use your information
The company undertakes to process personal data in a lawful manner and that personal data is not processed out of compliance with the original purpose of the processing. The purpose of the processing may change, but in those cases the data subject will be notified.
Personal information is only collected for clear purposes. The company will not collect more information about individuals than is necessary.
Information may be shared with processors, i.e. service providers, agents and/or developers but this will only be done in order to provide services and/or to deliver a product that you have requested and accepted.
Travel websites undertake to take appropriate technical and organizational measures for information security when personal information is communicated to the aforementioned parties.
Processing of information refers to the use or treatment of personal information, for example, in order to provide services.
What Information We Collect
Ferðvevir strives to collect only the information that the company needs in order to provide a specific service.
In general, your personal information is only stored if you provide it to us on your own initiative, but the information is stored in order to be able to provide the requested service, fulfill contracts, protect the legitimate interests of the company or fulfill a legal obligation.
Our website automatically collects IP addresses and basic information about your browser, but additional information may be recorded on the server that hosts the website. The collection is automatic, but the data is only used for Ferðavefi’s legitimate interests, for example due to cyber attacks on a website.
Information retention period
Information about individuals that comes into our custody will only be stored until it is no longer necessary to store it or during a retention period. Retention periods may change due to customer requests or legitimate interests, such as to ensure data security or criminal prosecution.
Your right
You have the right to contact us and receive information about your data at the email address upplysingar@ferdavefir.is .
Your right is this:
• The right to receive information about the processing of information
• The right to restrict the processing of information
• The right to have information about you handed over to another data controller
• The right to receive a copy of your personal information
• Right to object to processing
• The right to have information about you deleted
• The right to have incorrect or inaccurate information corrected
• The right to withdraw consent and stop the processing of information
• The right to submit a complaint to Personal Protection
In some cases, it is impossible for the company to comply with a request, for example if the company is obliged by law to store information. In cases where it is impossible for the company to fulfill your request, it will be rejected. But it can also be done on the basis of intellectual property rights or the rights of other parties, for example due to privacy.