Privacy Policy

This Privacy Policy explains what personal identifiable information (“Personal Data”) Svarmi collects from you and how we use that data.


DEFINITIONS

  1. PERSONAL DATA
  2. AFFECTED PERSON
  3. PROCESSING
  4. PROFILING
  5. ANONYMISATION
  6. PSEUDONYMISATION
  7. CONTROLLER
  8. PROCESSOR
  9. RECIPIENTS
  10. THIRD PARTY
  11. CONSENT


GENERAL INFORMATION ABOUT THE COLLECTION AND PROCESSING OF YOUR DATA

  1. SCOPE OF PROCESSING
  2. WHAT INFORMATION DOES SVARMI COLLECT?
  3. HOW DO WE USE YOUR PERSONAL DATA?
  4. CONTROLS FOR DO-NOT-TRACK FEATURES
  5. MINORS
  6. LEGAL BASIS OF PROCESSING
  7. HOW WE SHARE YOUR PERSONAL DATA
  8. SECURITY
  9. DATA RETENTION
  10. DATA PROTECTION RIGHTS
  11. DATA PROTECTION OFFICER
  12. CHANGES AND UPDATES TO THIS POLICY


COOKIE POLICY

  1. WHAT ARE COOKIES?
  2. COOKIES AND TRACKING TECHNOLOGIES USAGE
  3. DURATION OF STORAGE, OBJECTION AND DISPOSAL OPTIONS 


DEFINITIONS

Our privacy policy should be readable and understandable. To ensure this, we would first like to explain some of the terms used.


  1. PERSONAL DATA

Personal Data is all information about a specific or identifiable natural person. An identifiable natural person is a person that can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or one or more specific physical, physiological, genetic, mental characteristics, economic, cultural, or social identity of this natural person.



  1. AFFECTED PERSON

An affected person is any identified or identifiable natural person whose Personal Data is processed by the controller.


  1. PROCESSINGProcessing is any process or set of operations performed on Personal Data or Personal Data, whether automated, recorded, organized, structured, stored, adapted, or changed, accessed, consulted, used, transmitted, disseminated, or otherwise made available, directed, or combined, restricted, deleted or destroyed.



  1. PROFILING

Profiling is any form of automated processing of Personal Data consisting of the use of Personal Data to evaluate certain aspects of a natural person, in particular to analyse, or predict aspects of work performance, economic situation, health, personal preferences, interests, the reliability, the behaviour, the location or the movements of this natural person.


  1. ANONYMISATION

Anonymisation is the process of removing personal identifiers, both direct and indirect, that may lead to an individual being identified. Once data is truly anonymised and individuals are no longer identifiable, the data will not fall within the scope of the GDPR.


  1. PSEUDONYMISATION

Pseudonymisation is the processing of Personal Data in such a way that the Personal Data can no longer be assigned to a specific person without the use of additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the Personal Data is not assigned to a specific or identifiable natural person.


  1. CONTROLLER

Responsible for processing is the natural or legal person, public authority, agency, or other body which, alone or in concert with others, determines the purposes and means of processing Personal Data; where the purposes and means of such processing are determined by the Union or Member State law, the controller or the specific criteria for their designation may be determined by the Union or Member State law.


  1. PROCESSOR

The processor is a natural or legal person, public authority, government agency or other body that processes Personal Data on behalf of the controller.


  1. RECIPIENTS

Recipient is a natural or legal person, agency, agency, or other entity to which the Personal Data is disclosed, whether or not it is a third party. However, authorities which may obtain Personal Data under a specific investigation under the Union or national law shall not be considered as beneficiaries. The processing of these data by these authorities will be in accordance with the applicable data protection rules for the purposes of processing.


  1. THIRD PARTY

Third parties are natural or legal persons, authorities, agencies, or bodies other than the data subject, the controller, the processor, and persons authorized to process Personal Data under the direct supervision of the controller or the processor.


  1. CONSENT

The consent of the data subject is any free, specific, informed, and unambiguous presentation of the data subject’s wishes, by which they declare their consent to the processing of the Personal Data concerning them by means of a declaration or a clear affirmation.


GENERAL INFORMATION ABOUT THE COLLECTION AND PROCESSING OF YOUR DATA


  1. SCOPE OF PROCESSING


Svarmi processes Personal Data only insofar as this is necessary to provide a functioning website and our content and services. 

We gather various types of Personal Data from our users, as explained further below, and we use this Personal Data for various business, commercial, and research purposes, including:

  • Related to our Services, including the personalization and improvement of our Services, allowing our users to set up their own accounts and provide them with products and services as requested by them, and to analyse how users use the Services;
  • To comply with legal obligations under applicable laws;
  • In collaboration with our partners; and 
  • To process billing information in connection with purchases of our products and services.

This privacy policy applies to all information collected through our website, web application and related features or products available therein (Services), and/or any related services, sales, marketing, or events.

In certain cases, we may also share some Personal Data with third parties, as described below.

Svarmi does not knowingly collect or process Personal Data from anyone under the age of 18. If you are under 18 years of age, please do not attempt to sign up for the Services or send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under age 18, we will delete that information as quickly as possible. If you believe that a child under 18 may have provided us Personal Data, please contact us via email at privacy@svarmi.com.




  1. WHAT INFORMATION DOES SVARMI COLLECT?

We collect Personal Data directly from you, and automatically from your device and browser when you use our Services and have collected Personal Data from these categories of sources.

In connection with Svarmi Services, we obtain the following categories of Personal Data:


  • Name, email address, phone number;
  • Demographic information, such as your address;
  • Internet or other electronic network activity information, including information about your IP address and browser when you access our Services;
  • Geolocation data;
  • Commercial information, such as your purchase history; and
  • Professional related information, such as job title, education, and employer.


Some information may be required to register with us or to take advantage of some of our features. We request and require your explicit consent before processing any Personal Data, where required to do so by applicable law.

When you use our Services, we seek to automatically receive and record information on our server logs from your browser or device, which may include geolocation data, cookie information, device identification, IP address, the type of browser and/or device you’re using to access our Services, and the page or feature you requested. 

Svarmi does not process or seek to collect special categories of Personal Data revealing political opinions, religious beliefs, ethnic origin, or trade union membership, and the processing of genetic or biometric data for the purpose of uniquely identifying an individual, health data or data concerning sexual orientation. 



  1. HOW DO WE USE YOUR PERSONAL DATA?


We use may use the Personal Information we obtain about you to:

  • operate, maintain, enhance, and provide features of the Svarmi Services, to provide services and information that you request, to respond to comments and questions and otherwise to provide support to users, and to process and deliver entries and rewards in connection with promotions that may be offered from time to time by Svarmi.
  • understand and analyse the usage trends and preferences of our users, to improve the Svarmi Services, to evaluate and improve the quality of our products and services, and to develop new products, services, features, and functionality (including anonymization of Personal Data).
  • contact you for administrative, informational, and marketing purposes. This may include providing customer service or sending communications, including updates on promotions and events, relating to products and services offered by us and by third parties we work with. Where required under applicable law, we obtain appropriate consent to send you marketing communications.
  • comply with applicable legal requirements and industry standards and our policies.
  • enforce our Terms of Service.
  • manage our vendor and partner relationships.
  • process your information as necessary to consider you for, and assess your suitability for, employment opportunities with Svarmi.
  • In addition, we may use information we automatically collect when you use certain Svarmi Services to: (i) analyse your preferences in order to personalize or customize the Svarmi Services and provide customized advertisements, content, and information; (ii) monitor and analyse the effectiveness of the Svarmi Services and third-party marketing activities; and (iv) monitor aggregate site usage metrics such as total number of visitors and pages viewed.


We may process your Personal Data for the above purposes when:

  • You consented to the use of your Personal Data. For example, we may seek to obtain your consent for our use of cookies and similar technologies, or to send you marketing communications. We may use this data to introduce Content for you that we believe might be of interest to you, based on your usage patterns. We may also use it to improve the Services, where we use data on feature usage to prioritise what to develop and improve further.
  • We need your Personal Data to provide you with products and services requested by you, or to respond to your inquiries.
  • The processing is necessary for compliance with a legal obligation.
  • We, or a third party, have a legitimate interest in using your Personal Data, such as to ensure and improve the safety, security, and performance of our products and services, to anonymise Personal Data and carry out data analyses.



  1. CONTROLS FOR DO-NOT-TRACK FEATURES


Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.


  1. MINORS


You must be an individual of legal age to use the Services. We do not knowingly collect or solicit Personal Data from anyone under the age of 18. If you have not reached the age limit, do not use the services, and do not provide us with your personal information. 

If you are a parent of a child below the age limit and you learn that your child has provided Svarmi Personal Data, please contact us at privacy@svarmi.com and insist on exercising your rights of access, correction, cancellation and / or opposition. 

If you are resident in California and are under 18 years of age and wish to erase publicly available content, please contact us at privacy@svarmi.com.


  1. LEGAL BASIS OF PROCESSING

The legal basis we rely on for processing Personal Data are:

  • Your consent.  Insofar as we obtain the consent of the data subject, consent serves as the legal basis.  You are able to remove your consent at any time. You can do this by contacting privacy@svarmi.com.  
  • We have a contractual obligation.  The performance of a contract with Svarmi to which the data subject is party or to processing operations required to carry out pre-contractual actions.
  • For compliance with a legal obligation to which Svarmi is subject.
  • In order to protect the vital interests of the data subject or of another natural person.
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in Svarmi as the controller.
  • For the purposes of the legitimate interests pursued by Svarmi or by a third party, except where such interests are overruled by fundamental rights and freedoms of the data subject which require protection of Personal Data, particularly in cases where the data subject is a child.

Svarmi may communicate with you if you’ve provided the means to do so and given your explicit consent. This includes promotional email offers on behalf of other businesses or email you about your use of the Services. If you do not want to receive communications from us, please indicate your preference by either utilizing the “Unsubscribe” functionality at the bottom of our emails or by sending an unsubscribe request to privacy@svarmi.com



  1. HOW WE SHARE YOUR PERSONAL DATA

We will not disclose your Personal Data to third parties except as described in this Policy or as we disclose to you at the time the information is collected. 

Svarmi does not rent nor sell your Personal Data to anyone. However, we may share your Personal Data from any of the categories we collect with third parties as described below. If we use third-party processors, Svarmi will seek to ensure adequate technical and organizational measures exist at such third-party processors to safeguard Personal Data. To the extent any features or linked websites you visit are not owned or operated by Svarmi, we are not responsible for these websites’ content, use, or privacy practices.

Svarmi may anonymize your Personal Data and provide non-personally identifiable information to our partners. We may also provide Service usage information to our partners, who may use such information to understand how often and in what ways people use our Services, so that they, too, can provide you with an optimal online experience. However, we never disclose information to a partner in a manner that would identify you personally, as an individual.


Affiliated Businesses. In certain situations, businesses, or third-party websites we’re affiliated with may sell or provide products or services to you through or in connection with the Services (either alone or jointly with us). You can recognize when an affiliated business is associated with such a transaction or service, and we will share your Personal Data with that affiliated business only to the extent that it is related to such transaction or service.


Contracted Representatives. We may hire other companies and people to perform tasks on our behalf and need to share your information with them. These include:

  • Third-party entities which process Personal Data on our behalf for IT, system administration and hosting, payment processing, marketing, research, analytics, client support, data enhancement;
  • Sponsors or event managers of events for which you register; and
  • Advisors who provide consultancy, legal, insurance, financial, and accounting services.

We may share information about how you use our Services with our partners, such as distribution partners who may broker our Services to you.


Business Transfers.

We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. If you have would like to remove your data from our database in the event of such transfers, please do so by sending a written request to privacy@svarmi.com.


Legal Obligations.

Svarmi may process your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).


International Transfers.

Svarmi may transfer or disclose Personal Data we collect about you to recipients in countries other than your country. These countries may not have the same data protection laws as the country in which you initially provided the information. When we transfer or disclose your Personal Data to other countries, we will protect that information as described in this Privacy Policy.

If you are located in the European Economic Area (“EEA”) or in the UK, we comply with applicable legal requirements to provide adequate safeguards for the transfer of your Personal Data to countries – other than the country where you are located – that are not considered by the European Commission and the UK Government to offer an equivalent level of protection of privacy to the one applicable in the EEA and the UK. In particular, we may transfer Personal Data to countries for which adequacy decisions have been issued, use contractual protections for the transfer of Personal Information, such as Standard Contractual Clauses, or collect your consent. You may contact us at privacy@svarmi.com to obtain a copy of the safeguards we use to transfer Personal Information outside of the EEA and the UK.



  1. SECURITY


We maintain appropriate administrative, technical, and physical safeguards to protect Personal Data against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Data in our possession. 

We restrict access to Personal Data about you to those employees who need to know that information to provide products or services to you. 

Please be aware that no security measures are perfect or impenetrable and thus we cannot and do not guarantee that your information will not be accessed, viewed, disclosed, altered, or destroyed by breach of any of our physical, technical, or organizational safeguards, subject to requirements under applicable law to ensure or warrant information security.



  1. DATA RETENTION

We retain information as long as it is reasonably necessary and relevant for our operations. We take measures to delete your Personal Data or keep it in a form that does not permit identifying you when this information is no longer necessary for the purposes for which we process it or when you request their deletion unless we are required or permitted by law to keep the information for a longer period. We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal requirements.

We may retain Personal Data from closed accounts to comply with the law, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigation, and enforce our Terms and Conditions or other agreements.

When we no longer need your Personal Data, we will securely delete or destroy it. We will also consider if and how we can minimize over time the Personal Data that we use, and if we can anonymize your Personal Data so that it can no longer be associated with you or identify you, in which case we may use that information without further notice to you.



  1. YOUR DATA PROTECTION RIGHTS

In the settings on your account, you may access, and, in some cases, edit or delete information you have provided, including your name and password and email address.

Under data protection law, you also have rights including:

  • Your right of access - You have the right to ask us for copies of your Personal Data. 
  • Your right to rectification - You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. 
  • Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances. 
  • Your right to restriction of processing - You have the right to ask us to restrict the processing of your information in certain circumstances. 
  • Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
  • Your right to data portability - You have the right to ask that we transfer the information you gave us to another organisation, or to you, in certain circumstances.
  • You are not required to pay any charge for exercising your rights. 

If you wish to exercise your rights.  Please contact us at privacy@svarmi.com

Without prejudice to any other administrative or judicial remedy, you have the right to complain to the Data Protection Authority in the event of a dispute regarding the processing of your Personal Data. However, we hope that you will seek us first with privacy issues so we can assist you. If you choose to turn directly to privacy, you can send an email to the email address: postur@personuvernd.is



  1. DATA PROTECTION OFFICER

Svarmi has appointed a Data Protection Officer (DPO) to manage any data requests and handle any data issues or data breaches. 

Should you require further information concerning this Privacy Policy or any other information, it should refer to the DPO by correspondence or email. The DPO will respond to the query as soon as possible. 


Svarmi ehf, – Data Protection Officer 

Árleyni 22

112 Reykjavík 

Iceland

email: privacy@svarmi.com


  1. CHANGES AND UPDATES TO THIS POLICY

We’re constantly trying to improve our Services, and in that pursuit, we may have to amend this Privacy Policy accordingly, but we will alert you to changes by updating the Privacy Policy webpage, and as otherwise required by law. If you wish to continue using the Services after any changes to the Privacy Policy have been posted, we may request and require your agreement to the changes.



COOKIE POLICY


  1. WHAT ARE COOKIES?


Web-Browser-Cookies. 

A web browser cookie is a small text file sent from a website to your computer or mobile device where it is stored by your web browser. Web browser cookies may store information such as your IP address or other identifier, your browser type, and information about the content you display and interact with on the digital services. By storing such information, web browser cookies can store your preferences and settings for online services and analyse how you use online services.


Tracking Technologies: Web Beacons / Gifs, Pixels, Page Tags, Script. 

Emails and mobile applications can contain small, transparent image files or lines of code to record how you interact with them. This information is used to help website and app publishers better analyse and improve their services.


  1. COOKIES AND TRACKING TECHNOLOGIES USAGE

When you use our Services, we seek to automatically receive and record information on our server logs from your browser or device, which may include geolocation data, cookie information, device identification, IP address, the type of browser and/or device you’re using to access our Services, and the page or feature you requested. 


Svarmi website works with different types of cookies. Session cookies are generally deleted when a user leaves the website. Persistent cookies, however, are saved on a user's computer or device and remember your actions or choices on Svarmi´s website.


Essential cookies such as statistical cookies and functionality cookies enable features on Svarmi´s website that are a prerequisite for using the website so that they can be used as intended and are therefore not required to consent to their use but are based on Svarmi´s legitimate interests. Essential cookies are usually first-party session cookies that are used exclusively by Svarmi.


First-party cookies

are not a prerequisite for using Svarmi´s website. They nonetheless play an important role in the use and functionality of sites as they facilitate use, for example by prefilled forms and forms and remembering settings. First-party cookies only send information about you to Svarmi requests your consent to use it.


When accessing our website, the user is informed about the use of cookies for analysis purposes and his consent to the processing of the personal data used in this context is obtained. The purpose of using technically necessary cookies is to facilitate the use of websites for users. Some features of our website cannot be offered without the use of cookies. The use of the analysis cookies is for the purpose of improving the quality of our website and its contents. Through the analysis cookies, we learn how the website is used and so we can constantly optimize our offer.


Third-party cookies

are due to services purchased by Svarmi from third parties, such as analytics and advertising cookies. By doing so, Svarmi can better adapt the sites to users' needs, better analyse the use of sites, and create marketing content and ads tailored to specific audiences. For example, by looking at:


  • Number of guests, number of visits from guests, date, and time of visit
  • Which pages within websites are viewed and how often
  • Type of files downloaded from the websites
  • Which device, operating system, or browser type is used for viewing
  • Which keywords from search engines refer to the websites
  • Third-party cookies send information about you to another third-party website such as Google, YouTube, or Facebook. These third parties can also place cookies in your web browser and in this way access information about your visits to Svarmi´s website and what content you are interested in viewing.


We may use this data to introduce Content for you that we believe might be of interest to you, based on your usage patterns. We may also use it to improve the Services, where we use data on feature usage to prioritize what to develop and improve further.


  1. DURATION OF STORAGE, OBJECTION AND DISPOSAL OPTIONS 


Cookies are stored on the computer of the user and transmitted by this on our side. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already saved cookies can be deleted at any time. This can also be done automatically. If cookies are disabled for our website, it may not be possible to use all the functions of the website to the full.


Please note you may change the preferences on your browser or device to prevent or limit your device’s acceptance of cookies, but this may prevent you from taking advantage of some of our features. By clicking on third-party website or service, such third party may also transmit cookies to you. 


Our Privacy Policy does not cover the use of cookies on sites operated by third parties, and we aren’t responsible for their privacy policies and practices. Please be aware that cookies placed by third parties may continue to track your activ