This is the privacy policy for Geysir Miners. This Policy explains how and why we collect and use personal information, and what we do to ensure it is kept private and secure.

For the purposes of data protection law, we will be a controller of the personal information we hold about you. This means we make decisions about how and why your information is used and have a legal duty to make sure that your rights are protected when we do so. If you have any questions about our Privacy Policy, please contact our support team via e-mail at: contact@geysirminers.com

THE PERSONAL INFORMATION WE COLLECT

• Your name
• Your email address
• If you contact us or make an order inquiry, we may keep a record of that correspondence.
• If you have interacted with us via social media (e.g., by liking our Facebook page or connecting with us on Instagram), we may contact you via those platforms.

Special Category Data (also known as sensitive personal information)

We do not collect any special categories of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).

COOKIES

A cookie is a small file of letters and numbers that we store on your browser or device if you agree. We use the following types of cookies:

• Strictly necessary cookies: These are cookies that are required for the operation of our Website. They include, for example, cookies that enable you to make an order.
• Analytical/performance cookies: These cookies allow us to recognize and count the number of visitors and to see how visitors move around our Website. This helps us to improve the way our site works, for example, by ensuring that users are finding what they are looking for easily.

HOW WE USE YOUR PERSONAL INFORMATION

We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:

• With your consent
• Where we need to perform a contract with you (e.g., when you make an order with us)
• Where we need to comply with a legal or regulatory obligation

We may use personal information held about you in the following ways:

• To confirm orders following an inquiry
• To fulfill orders you place with us
• To advise you of special offers and discounts
• To respond to queries you send us

When contacting you for any of the above purposes, we may do so by phone or email. Your data will be treated in accordance with applicable data protection law. It will not be disclosed to anyone outside Geysir Miners, our group, and any other parties named or described in section 8 below.

LEGITIMATE INTERESTS

We may rely on legitimate interests to process your personal information, provided that your interests do not override our own. Where we rely on legitimate interests, these interests are:

• To keep our records updated and to study how our Website and other services are used
• To administer and protect our business and web presence (including troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting)
• To inform our marketing strategies
• To grow our business

KEEPING YOUR PERSONAL INFORMATION SAFE

We employ a variety of physical and technical measures to keep your personal information safe and to prevent unauthorized access to, use, or disclosure of it. We control who has access to your data (using both physical and electronic means).

STORAGE AND RETENTION

Where do we store your personal information?

Electronic data and databases are stored on secure servers in Iceland, and we also use ConstantContact, a US company that participates and complies with the EU-U.S. Privacy Shield Network.

How long do we keep it?

We collect and store personal information for purposes connected with our business. As such, we will only retain your personal information for as long as necessary for those purposes.

If you place an order, we will keep your personal information for seven years from the date of your interaction with us. We feel that seven years is an acceptable time period to allow for any queries or cases to support a claim or otherwise. This is also the period within which tax-collecting authorities may demand to see and audit our records.

DISCLOSING YOUR PERSONAL INFORMATION

If we choose to sell, transfer, or merge parts of our business or our assets, we may disclose your personal information to the new owners of the business. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this policy.

DISCLOSURES REQUIRED BY LAW

We are subject to the law like everyone else. We may be required to give information to legal authorities if they so request or if they have the proper authorization, such as a search warrant or court order.

YOUR RIGHTS

We want you to remain in control of your personal information. Part of this is making sure you understand your legal rights, which are as follows:

• Where your personal information is processed on the basis of consent, the right to withdraw that consent
• The right to confirmation as to whether or not we are holding any of your personal information and, if we are, to obtain a copy of it
• From 25 May 2018, the right to have certain data provided to you in a portable electronic format (where technically feasible)
• The right to have inaccurate personal information rectified
• The right to object to your personal information being used for marketing or profiling, or on the basis of our or a third party’s legitimate interest
• The right to restrict how your personal information is used
• The right to be forgotten, which allows you to have your personal information erased in certain circumstances (though this is not an absolute right and may not apply if we need to continue using it for a lawful reason)

If you would like further information about any of your rights or wish to exercise them, please contact us using the details given in section 1.

Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so (for example, because the information no longer exists or there is an exception that applies to your request). If you are not happy with our response, or you believe that your data protection or privacy rights have been infringed, you should contact the The Data Protection Authority, which oversees data protection compliance in Iceland.

UPDATING THIS POLICY

We may update this Policy at any time. We encourage users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we hold.