SOFTWARE PRIVACY STATEMENT
Welcome to the privacy statement of Klappir Grænar Lausnir hf. (“Klappir”, “Company”, “we”, “our”).
Our clients’ data security is of great importance to us. We are aware that some of the information collected, processed and presented on Klappir software services could be regarded as personal data. We are determined to protect it to the fullest extent possible and have we taken the appropriate steps to ensure we are compliant with the General Data Protection Regulation (GDPR).
This privacy statement will inform you as to how we look after your personal data when you visit our website and use our services and tell you about your privacy rights and how the law protects you.
PURPOSE OF THIS PRIVACY STATEMENT
This privacy statement aims to give you information on how Klappir collects, processes and presents personal data through your use of our software, including any data you may provide when you subscribe to or log on to our services.
If you have any questions about this privacy statement, including any requests to exercise your legal rights, please contact us using the details set out below:
Klappir Grænar Lausnir hf.
Address: Austurstræti 17, 101 Reykjavík, Iceland.
Tel: +354 5193800
THE DATA WE COLLECT
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Identity Data includes first name, maiden name, last name, username or similar identifier, title and user image.
- Contact Data includes e-mail addresses and telephone numbers.
- Transaction Data includes details about payments for services.
- Technical data includes internet protocol (IP) address, your login data, browser type and version, time zone settings and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Data includes your log in details, preferences, and feedback.
- Usage Data includes information on how you use our website and services.
Where we need to collect personal data under the terms of an agreement we have with you and you fail to provide that data when requested, we may not be able to perform the agreement we have or are trying to enter into with you to provide you with our services.
HOW IS YOUR PERSONAL DATA COLLECTED
We use different methods to collect data from and about you including through:
- Direct interactions. You may give us your identity and contact data by filling in forms or by corresponding with us by post, phone, e-mail or otherwise. This includes personal data you provide when you apply for our products or services or give us some feedback.
- Automated technologies or interactions. As you interact with our website, we may automatically collect Usage Data and Technical Data about your equipment, software usage, and patterns. We collect this personal data by using cookies and other similar technologies.
- Third parties or publicly available sources. As you engage in our services, you may choose to give us access to your data from third-party data sources. Although most of the raw data collected from the third-party data sources does not consist of personal data, it may be possible for you to relate it with an identified or identifiable individual, thus turning it into personal data.
HOW WE USE YOUR PERSONAL DATA
We will only use your personal data in accordance with the law. Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the agreement we are about to enter into or have entered into with you.
- Where we need to comply with statutory obligations.
CHANGE OF PURPOSE
We will only use your personal data for the purposes for which we collected it unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
TRANSFER OF DATA
We may transfer your personal data to third parties, such as cloud storage services, to make it possible for us to provide you with our services. Some of these parties may be located outside the European Economic Area (EEA).
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for the specified purposes and in accordance with our instructions.
Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield, which requires them to provide similar protection to personal data shared between Europe and the US.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any statutory requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
YOUR LEGAL RIGHTS
Under certain circumstances, you or those whose personal data you share with us, have rights under data protection laws. These rights include:
- Requesting access to personal data.
- Requesting correction of personal data.
- Requesting erasure of personal data.
- Objecting to the processing of personal data.
- Requesting restriction of processing personal data.
- Requesting transfer of personal data
- Right to withdraw consent.
If you wish to exercise any of the rights set above, please contact us.
We try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.