Private Iceland

Private Iceland is all about providing a truly unique and customized experience. We set ourselves apart from ordinary tours through our tailored itineraries, luxury accommodations, and personal style.

info@privateiceland.is +354 860 5565
info@privateiceland.is +354 860 5565
Top

Privacy Policy

1. Introduction

Private Iceland ehf. (“we”, “us”, “our”) is committed to protecting the personal data of visitors to this website and of prospective or existing clients. This Privacy Policy explains what data we collect, why we collect it, how we use it, and what rights you have under the General Data Protection Regulation (GDPR – EU Regulation 2016/679) and applicable Icelandic law.

By using this website, you acknowledge that you have read and understood this policy.

2. Data controller

Private Iceland ehf.
Skólagerði 61, 200 Kópavogur, Iceland
VAT: 630318-1490
Email: info@privateiceland.is
Phone: +354 860 5565

3. Data we collect and why

We collect personal data only to the extent necessary for the purposes described below.

CategoryData collectedPurposeLegal basis (GDPR)
Contact enquiriesName, email address, message content, and any other information you voluntarily provide via the contact formTo respond to your enquiry and provide information about our toursArt. 6(1)(b) – pre-contractual measures; Art. 6(1)(f) – legitimate interest
Booking & contractsName, email, phone number, nationality, travel dates, and any special requirementsTo fulfil a service contract and manage your bookingArt. 6(1)(b) – performance of a contract
Website analyticsIP address (anonymised), browser type, pages visited, session duration, traffic sourceTo understand how visitors use our website and improve its performanceArt. 6(1)(a) – consent (via cookie banner)

We do not collect sensitive categories of personal data (such as health information, religion, or political opinions) unless you voluntarily provide them in relation to a specific travel request (e.g. dietary requirements or accessibility needs), in which case we process them solely to fulfil your booking.

4. How we use your data

We use the personal data listed above exclusively for:

  • responding to enquiries and providing tour quotations;
  • preparing, concluding, and managing tour contracts;
  • communicating with you before, during, and after your trip;
  • improving the website based on aggregated, anonymised usage statistics;
  • complying with legal and regulatory obligations.

We do not use your data for automated decision-making or profiling.

5. Contact form

When you submit a message through our contact form (powered by Contact Form 7), the data you enter is transmitted directly to our email inbox. We do not store form submissions in the website database. Your message is retained in our email system for as long as necessary to handle your enquiry and any resulting contract.

6. Cookies and analytics

This website uses cookies. A detailed description of each cookie, its purpose, and its duration is available in our Cookie Policy, managed by Complianz. You can review and update your cookie preferences at any time via the cookie settings panel accessible in the footer of this page.

Google Analytics 4

If you consent to analytics cookies, we use Google Analytics 4 (GA4) to collect anonymised data about how visitors interact with this website. IP addresses are anonymised before storage. Data is processed by Google LLC (based in the United States) under a Data Processing Agreement that includes Standard Contractual Clauses as the appropriate transfer safeguard.

You can opt out of Google Analytics at any time by withdrawing your cookie consent or by installing the Google Analytics Opt-out Browser Add-on.

7. Data sharing and third parties

We do not sell, rent, or trade your personal data to third parties for marketing purposes. We may share your data only in the following limited circumstances:

  • Service providers: hosting providers, email service providers, and payment processors who act as data processors and are contractually bound to protect your data.
  • Legal obligations: when required by applicable law, court order, or governmental authority.
  • Tour fulfilment: with Icelandic accommodation providers, transport operators, or activity partners strictly to the extent necessary to fulfil your booking. These parties are bound by confidentiality obligations.

8. International data transfers

Your data may be processed outside the European Economic Area (EEA), for example by Google LLC in the United States. In such cases, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, as required by Chapter V of the GDPR.

9. Data retention

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. The table below summarises the retention periods we apply to each category of data.

Data typeRetention period
Contact enquiries (no booking)12 months from the date of the last communication
Booking and contract data7 years from the end of the contractual relationship, in accordance with Icelandic accounting law
Analytics data (GA4)14 months (Google’s default retention period), subject to your consent

 

10. Your rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access – to obtain a copy of the personal data we hold about you.
  • Right to rectification – to have inaccurate or incomplete data corrected.
  • Right to erasure – to request deletion of your data where there is no legitimate reason for us to continue processing it.
  • Right to restriction – to request that we limit the processing of your data in certain circumstances.
  • Right to data portability – to receive your data in a structured, machine-readable format where technically feasible.
  • Right to object – to object to processing based on our legitimate interest.
  • Right to withdraw consent – where processing is based on consent, to withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at info@privateiceland.is. We will respond within 30 days.

11. Right to lodge a complaint

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with the competent supervisory authority. In Iceland, this is:

Persónuvernd (Icelandic Data Protection Authority)
Rauðarárstígur 10, 105 Reykjavík, Iceland
Website: www.personuvernd.is

12. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. These include encrypted HTTPS connections, access controls, and regular security reviews.

13. Children’s privacy

This website is not directed at children under the age of 16. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected such data, please contact us and we will delete it promptly.

14. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The updated version will always be available on this page with a revised “Last updated” date. We encourage you to review this policy periodically.

15. Contact us

For any questions about this Privacy Policy or about how we handle your personal data, please contact us at:

Private Iceland ehf.
Skólagerði 61, 200 Kópavogur, Iceland
info@privateiceland.is  ·  +354 860 5565

 

Last updated: May 2026