Privacy Policy for Go Do Iceland
1. Introduction
Go Do Iceland (“we”, “us”, or “our”) is committed to safeguarding your privacy and the security of your personal data. This Privacy Policy outlines how we collect, use, process, and protect your personal information when you visit or interact with our website, godoiceland.com, or otherwise engage with our services. We are dedicated to maintaining your trust by handling your personal data transparently, lawfully, and responsibly, in accordance with applicable data privacy laws, including the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
2. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users and visitors of godoiceland.com and to the processing of personal data by us as the data controller. The data controller determines the purposes and means of the processing of your personal data. If you have any questions or concerns about the processing of your data, you may contact us at [email protected].
This policy does not apply to third-party websites, plug-ins, or services linked through godoiceland.com. We do not control and are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies separately.
3. Categories of Data We Process
We collect and process various categories of personal data when you use our site and services:
(a) Usage Data: Includes information about your interactions with our website, such as IP address, browser type, referring/exit pages, timestamps, page views, session duration, and usage patterns.
(b) Account Data: Includes your name, email address, telephone number, billing and shipping address, and login credentials when you create or maintain an account with us.
(c) Profile Data: Includes details related to your preferences, past purchases, browsing behavior, and any saved interests or activities.
(d) Communication Data: Consists of inquiries, feedback, support requests, chat history, and other communications between you and our support team.
(e) Technical Data: Includes details about your device such as operating system, device model, system settings, screen resolution, geographic location, and language preferences.
(f) Transaction Data: Encompasses payment details (excluding full credit card numbers), service orders, booking confirmations, delivery addresses, and purchase records.
(g) Preference Data: Includes your consent to receive marketing communications, your responses to promotional campaigns, and stated interests in our tours, activities, or services.
4. Legal Bases for Processing Personal Data
We rely on the following legal grounds to lawfully process your personal data:
– Consent: Where you have explicitly provided your consent, particularly for marketing communications and the use of non-essential cookies.
– Contractual Necessity: To fulfill and manage your bookings, provide customer support, and process transactions.
– Legal Obligation: To comply with legal and regulatory requirements, such as tax and accounting obligations.
– Legitimate Interests: To improve our services, secure our platform, understand how our website is used, and communicate with you about relevant products or offers. When relying on this basis, we ensure that your rights and freedoms are not overridden.
5. Your Rights
Under the GDPR and CCPA, you have the following rights, subject to applicable law:
– Right of Access: You can request a copy of the personal data we hold about you.
– Right to Rectification: You may request corrections to any inaccurate or incomplete data.
– Right to Erasure (“Right to be Forgotten”): You can request the deletion of your personal data where there is no longer a compelling reason for its continued processing.
– Right to Restrict Processing: You have the right to request we temporarily suspend processing of your data under certain circumstances.
– Right to Data Portability: You can request that we provide your data in a structured, commonly used, and machine-readable format so that you may reuse it for your own purposes across different services.
– Right to Object: You can object to processing when it is based on our legitimate interests or for direct marketing purposes.
– Right not to be subject to automated decision-making, including profiling: Where applicable, you may object to decisions made solely by automated means.
To exercise any of your rights, please contact us at [email protected]. We will respond to valid requests within a reasonable timeframe and as required by law.
6. Security Measures
We implement robust technical and organizational security safeguards to protect your data against unauthorized access, disclosure, alteration, and destruction. These measures include:
– End-to-end data encryption for transmissions and storage
– Multi-layered access controls and authentication protocols
– Regular data backup and disaster recovery plans
– Secure software development practices and code reviews
– Ongoing staff training in data privacy and security best practices
Despite these efforts, no security system is entirely infallible; therefore, we cannot guarantee absolute security.
7. International Transfers
As a global service, data you submit through godoiceland.com may be transferred to and processed in countries outside your residence, including jurisdictions which may not offer the same level of data protection. In such cases, we ensure appropriate safeguards are in place, such as the use of European Commission-approved Standard Contractual Clauses or frameworks recognized under applicable law, to ensure the adequate protection of your data.
8. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, unless a longer retention period is required or permitted by law. Specifically:
– Usage Data: Retained for 12 months for analytics and performance improvement
– Account and Profile Data: Retained while your account remains active and up to 36 months after closure
– Communication Data: Retained for 24 months for support quality and audit purposes
– Transaction Data: Retained for 7 years for accounting and compliance purposes
– Preference Data: Retained as long as consent is valid and no unsubscription is received
Data no longer required is securely deleted or anonymized in accordance with our data disposal protocols.
9. Cookie Policy
godoiceland.com uses cookies and similar technologies to enhance your experience and to analyze traffic. Cookies fall into the following categories:
– Essential Cookies: Required for the operation of the website, including secure login, cart functionality, and page navigation.
– Functional Cookies: Enable enhanced functionality like language selection and storing user preferences.
– Analytics Cookies: Collect aggregated usage statistics to understand how visitors interact with the site (e.g., Google Analytics).
– Performance Cookies: Help monitor system performance, error tracking, and improve site responsiveness.
10. Cookie Management and Compliance
In compliance with GDPR and CCPA, you are provided with clear choices about your cookie preferences:
– On your first visit to godoiceland.com, we will present a cookie banner requesting your consent to use non-essential cookies.
– You may modify or withdraw your cookie consent preferences at any time via our Cookie Settings portal, accessible from the website footer.
– Opt-out mechanisms for third-party advertising and tracking cookies are provided where applicable.
Note: Essential cookies do not require consent but are disclosed for transparency.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from children under the age of 13. If we become aware that we have inadvertently collected data from a child without verified parental consent, we will delete such information promptly. Parents or guardians who believe their child has provided us with personal information should contact us immediately at [email protected].
12. Policy Updates and Amendments
We reserve the right to modify or update this Privacy Policy at any time to reflect changes in legal, regulatory, or operational requirements. Substantive updates will be posted to this page and, where appropriate, communicated directly to you through available contact methods. We encourage you to review this page periodically to stay informed about our privacy practices.
13. Contact Us
If you have questions, requests, or concerns about this Privacy Policy or your personal data, please contact us at:
Privacy and responsible data stewardship are central to everything we do at Go Do Iceland. We remain steadfast in our commitment to full compliance with all applicable data protection laws and welcome your feedback in helping us uphold these standards.