Privacy Policy for Go Do Iceland
At Go Do Iceland (godoiceland.com), your privacy is of paramount importance to us. We are committed to protecting your personal data and ensuring transparency and fairness in all our data processing practices. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website, interact with us, or use our services. Your trust is central to our operations, and we are dedicated to processing your personal data with the highest level of integrity, in full compliance with applicable data protection laws including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of godoiceland.com and related communications. Go Do Iceland acts as the data controller for the personal data you provide through our website or other interactions with our company. This means we determine the purposes and means by which your data is processed.
2. Categories of Data We Process
We collect and process the following categories of personal information in connection with the operation of our website and the provision of our services:
a. Usage Data
Includes data automatically collected when you interact with our website, such as your IP address, browser type, device identifiers, referring URLs, session duration, and pages visited.
b. Account Data
Information you provide when creating an account or booking a service, which may include your full name, email address, postal address, and telephone number.
c. Profile Data
Includes your preferences, service history, travel interests, language settings, and behavior on our website (for example, products and services you view or book).
d. Communication Data
Includes details of your communications with us through customer service channels, such as support requests, chat logs, and responses via email or contact forms.
e. Technical Data
Information about the technology you use to access our site, including device type, operating system, software versions, and system configuration settings.
f. Transaction Data
Includes details about payments made through our site, billing addresses, order history, and delivery information related to product or service purchases.
g. Preference Data
Includes your marketing and communication preferences, including opt-in status for newsletters and information about product categories or tours you’ve shown an interest in.
3. Legal Bases for Processing Personal Data
We process your personal data under a number of valid legal bases, including:
– Contractual Necessity: To fulfill our obligations in providing products or services that you have requested or purchased.
– Legitimate Interests: To improve our services, prevent fraud, personalize your user experience, and ensure security and usability of the site.
– Consent: Where you have explicitly provided consent (e.g., for receiving marketing emails or being tracked through cookies).
– Legal Obligation: Where required to comply with applicable laws and regulatory requirements.
4. Your Rights Under GDPR and CCPA
Depending on your location, you may have the following rights under data protection regulations:
– Right of Access: You have the right to request a copy of the personal data we hold about you.
– Right to Rectification: You may request that we correct any inaccurate or incomplete data.
– Right to Erasure: Also known as the “right to be forgotten,” allowing you to request the deletion of your data under certain conditions.
– Right to Restriction of Processing: You have the right to suspend the processing of your personal data in certain scenarios.
– Right to Data Portability: You can request to receive your data in a structured, machine-readable format or for us to transfer it to a third party.
– Right to Object: You may object to the processing of your personal data for direct marketing or under legitimate interest grounds.
– Right to Not Be Subject to Automated Decision-Making: We do not conduct profiling or automated decisions that produce legal or similarly significant effects.
To exercise any of these rights, please use the contact information provided at the end of this policy.
5. Security Measures
We implement appropriate technical and organizational measures to secure your personal data, including but not limited to:
– Encryption of data both at rest and in transit
– Secure access controls and authentication requirements
– Firewall and intrusion detection systems
– Regular backup of critical systems and data
– Employee training on data protection policies and practices
6. International Data Transfers
Where personal data is transferred outside the European Economic Area (EEA) or the United States, we ensure appropriate safeguards are in place. These may include contractual clauses approved by the European Commission, adherence to the EU-U.S. Data Privacy Framework, or relying on other adequacy decisions for the receiving jurisdiction.
7. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected or to comply with legal, regulatory, or contractual obligations.
– Usage Data and Technical Data: Retained for up to 14 months for analytics purposes.
– Account Data: Retained for the duration of the customer relationship and up to seven years thereafter to comply with legal obligations.
– Transaction Data: Retained as required by financial and tax laws, generally for seven years.
– Communication Data: Retained for up to five years to resolve disputes or maintain service continuity.
– Profile and Preference Data: Retained as long as your account remains active or until consent is withdrawn.
8. Cookie Policy
We use cookies and similar technologies to enhance your experience on godoiceland.com. These include:
– Essential Cookies: Required for the proper functioning of the website (e.g., logging in, maintaining sessions).
– Functional Cookies: Enable enhanced functionality and personalization.
– Analytics Cookies: Help us understand how visitors interact with our site by collecting and reporting information anonymously.
– Performance Cookies: Used to monitor site performance and allow us to improve accordingly.
9. Cookie Management and Compliance
On your first visit to our website, you will be presented with a cookie banner requesting your consent to non-essential cookies, in compliance with GDPR and CCPA. You may manage your cookie preferences at any time by adjusting your browser settings or using our site’s cookie control mechanism. If you are a resident of California, you may opt out of the “sale” of your personal data pursuant to the CCPA.
10. Special Protections for Children
Our services are not directed to individuals under the age of 13. We do not knowingly collect, store, or process personal data from children under 13 years of age. If we become aware that such data has been collected without verified parental consent, we will delete it promptly.
11. Updates to This Policy
We reserve the right to update this Privacy Policy to reflect changes in legal obligations, data practices, or the features of our services. We will notify users of material changes via our website or through direct communication where appropriate. We encourage you to review this policy periodically to remain informed about how we protect your information.
12. Contact Us
Should you have any questions, concerns, or requests regarding this Privacy Policy or how your personal data is handled, you may reach us at:
We comply with all applicable privacy regulations and are committed to ensuring your rights and data are protected at all times. Please do not hesitate to contact us if you have questions about your data or your rights under this policy.