Last updated: May 5th 2021 

This Privacy Notice was developed by Ghostlamp ehf (we, our, or us) and applies to personal information collected from visitors to our website, www.ghostlamp.com; registered users of our services; and the internet. 

It describes how personal information is collected, for what purposes it is collected, how we share it, how we handle the content you place in our services, and the steps we take to secure this information.

Contents

  1. ​Why do we collect personal information
  2. ​When do we collect personal information
  3. ​How do we collect your personal information
  4. ​How do we use your personal information.
  5. ​How and when do we share your personal information
  6. ​International Data Transfers
  7. ​How long do we store your personal information
  8. ​Data Security
  9. ​Automated decision-making
  10. ​Other Privacy Laws and Regulations
  11. ​Your Rights Concerning Your Personal Information
  12. ​Complaints
  13. ​Changes to the Privacy Notice
  14. Contacting Us

1. Why do we collect personal information

Personal information is information about you that can be used alone, or combined with other information, to identify you personally.  Personal information is a broad concept and includes a wide range of information such as, name, email address, mailing address, IP addresses and cookie identifiers.  Personal information does not include information that has been anonymized such that it does not allow for the identification of a specific individual.

We collect personal information to operate effectively, and to provide you the best experiences with our services.

2.When do we collect personal information

We collect personal information from you when: you visit our websites, become a registered user of our services, and/or from publicly available sources on the internet.

If you choose not to provide us with personal information when requested, we may not be able to provide you with the information and/or services you have requested or otherwise fulfill the purpose(s) for which we have asked for the personal information. Aside from this, your visit to our websites will remain unaffected.

3. How do we collect your personal information

We, and our service providers, collect personal information in a variety of ways.

If you choose not to provide us with personal information when requested, we may not be able to provide you with the information and/or services you have requested or otherwise fulfill the purpose(s) for which we have asked for the personal information. Aside from this, your visit to our websites will remain unaffected. 

From your submissions

When you are using our websites, sign up for our newsletter, and/or become a registered user of our services, you may be asked to provide some personal information, such as, your name, mailing address, e-mail address, telephone number, etc. 

From cookies, or similar technologies

Our websites use cookies.  To learn more about our use of cookies, please review our Cookie Notice.

Our third-party service provider MailChimp uses web beacons, which are tiny invisible graphics, and click tracking, which embeds tracking information into each click-through URL, to track who is opening our newsletters and subscriber engagement.

From third-party service providers

 In order to provide you with certain services, we may obtain personal information from our third-party service providers to verify and confirm the information you have submitted.  

From the internet

We may obtain personal information about you from publicly available sources on the internet, such as identifying information, contact information, demographic information, physical characteristics, and other information found on social networks.

4. How do we use your personal information

When we use your personal information, it will be (a) with your consent, or (b) for one of two basic purposes: (1) to operate our business and provide (including improving and personalizing) the products we offer, and (2) to send communications, including promotional communications. 

Operating our business

We use your information to provide and improve the products we offer and perform essential business operations. This includes operating the products, maintaining and improving the performance of the products, developing new features, conducting research, and providing customer support. Examples of such uses include the following:

  • Providing the products. We use your information to carry out your transactions with us and to provide our products to you.
  • Customer support. We use your information to diagnose product problems, and provide other customer care and support services.
  • Product improvement. We use your information to continually improve our products, including adding new features or capabilities.
  • Security, safety and dispute resolution. We use your information to protect the security and safety of our products and our customers, to detect and prevent fraud, and to resolve disputes and enforce our agreements.
  • Business operations. We use your information to develop aggregate analysis and business intelligence that enable us to operate, protect, make informed decisions, and report on the performance of our business.
  • Legal obligations. We use your information as required by law. 

Communications

We use your information to communicate with you and personalize our communications with you.

If your consent is the basis for our use of your personal information, then you have the right to withdraw your consent at any time. If you wish to withdraw consent, please email us in accordance with the “Contacting Us” section.

 5. How and when do we share your personal information 

Our service providers  

Some of the services we provide require the involvement of our third party service providers, such as web hosting providers, payment processor providers, communications providers, customer relationship management providers, and software providers. We have selected these third parties and taken steps to ensure that your personal information is protected by our service providers.  

We do not share your personal information with third parties for their marketing purposes (including direct marketing). 

Compliance with Laws and Legal Requests 

We may disclose your personal information to a third-party if we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request. 

Protection of Our Services

We may disclose your personal information to a third-party, if we believe it is reasonably necessary to (a) to enforce our agreements, policies and terms of service; (b) to protect the security or integrity of our products and services; (c) to protect our business, our customers, or the public from harm or illegal activities; or (d) to respond to an emergency which we believe in the good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person. 

Business Transfers

In the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition, any acquirer will obtain your personal information subject to our obligations under this Privacy Notice. 

With Your Consent

We will share your Personal Data with third-parties when we have your consent to do so. 

6. International Data Transfers

Our services may be provided using resources and servers located in various countries around the world, including the USA and other countries. For example, our website is hosted on servers in the USA.

Your information may be transferred and processed by third-parties outside the country where you use our services, including to countries outside the European Economic Area (EEA), where the level of data protection may not be deemed adequate by the European Commission (i.e., where you have fewer rights in relation to your information).

We expect that our third-party service providers will comply with the terms of the European Union’s General Data Protection Regulation (GDPR), and that any international data transfers be made under a recognized basis such as the US-EU Privacy Shield, or EU Standard Contractual Clauses.

If you wish to know more about international transfers for your personal information, you may contact us as specified below.

7. How long do we store your personal information

We will retain your personal information for the length of time required for the specific purpose or purposes for which it was collected, that is set out in this Privacy Notice, plus an additional twelve (12) months, which allows you to resume use of our services without loss of data. 

Additionally, we may be required to store some data for a longer time, for example, where a longer period is required by applicable law or regulation. In such a case, we will ensure that your personal information will continue to be treated in accordance with this Privacy Notice.

8. Data Security

We seek to use reasonable organizational, technical and administrative measures to protect your personal information.

For example, our website is scanned on a regular basis for security holes, known vulnerabilities, and malware in order to make your visit to our site as safe as possible.  Communications with our website are encrypted using standard HTTPS using TLS.

We do not store or process any of your banking information on our servers and any forms handling such user input go through an encrypted connection.

Your personal information is contained in secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential.  Additionally, your personal information is stored in an encrypted form wherever possible.

Unfortunately, no data transmission or storage system can be guaranteed to be secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by emailing us in accordance with the “Contacting Us” section.

9. Automated decision-making

We may use automated decision-making for profiling purposes to determine approximate demographic information and physical characteristics.

10. Other Privacy Laws and Regulations

We comply with Icelandic Privacy Laws and Regulations (nr.90/2018).  We do not represent that we comply with the privacy laws and regulations in other jurisdictions.

11. Your Rights Concerning Your Personal Information

You have the following rights:

  1. To review, change, or delete your personal information.
  2. To object to direct marketing.
  3. To ask about how we are processing your personal information.
  4. To restrict our processing of your personal information.
  5. To have a copy of your personal information.
  6. To transfer your personal information from us to another person or business.

Should you wish to exercise any of your rights, or if you should have any questions concerning your rights, please contact us using the Contacting Us section. We will respond within one month.

12. Complaints 

 If you have any complaints about this Privacy Notice or are unsatisfied with any response we provided, you may complain to the Supervisory Authority in Iceland: 

The Icelandic Data Protection Authority

Rauðarárstígur 10

105 Reykjavík

Iceland

Tel. +354-510-9600

e-mail: postur@personuvernd.is

 

13. Changes to the Privacy Notice

When we update this Privacy Notice, we will revise the update date at the top of this page. Any changes to this Privacy Notice will become effective when we post the revised Privacy Notice. Your use of the services following these changes means that you accept the revised Privacy Notice. 

14. Contacting Us

We are:

Ghostlamp

Guðrúnartúni 8

105 Reykjavík

Iceland

+354 778 7777

If you have any questions or comments, please email us at info@ghostlamp.com.