Privacy policy

This Privacy Policy constitutes an agreement between the Service Provider and the Customer and is incorporated into and governed by the Terms of Service. Privacy Policy describes what information we collect and use about you and what information is shared with the third parties. Protecting the privacy and integrity of your personal data is our top priority.

1. Information we may collect about you


We collect different types of information in order to provide you with the Services in a reliable and secure manner.

1.1 Your account information. When you use the Services and a reasonable period thereafter in case you decide to re-activate the Services. We collect and associate with your User Account the information you provide us like your first and last names, email address, mobile phone number, personal code, address, credit card and/or other billing information. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes and to enforce our agreements. We are acting as a Data Controller for this information.


1.2 Your uploaded data (Customer Data). In order to provide the Services, we store, process and transmit your uploaded documents and information related to them. This data is processed solely in accordance with the directions provided by you (Customer or User). We are acting as a Data Processor for this information.


1.3 Your usage information. We collect information related to how you use the Services. We may collect information like IP addresses, the type of browser, device, operating system you use, actions you take when using our Services. We use this information to improve our Services, develop new products, features, and functionality, and ensure the security of your account and your data. Should this purpose require us to process Customer Data, the data will only be used in anonymized or aggregated form. We are acting as a Data Controller for this information.


1.4 Other information. We may receive information about you, incl. Your Personal Data, from third parties we are working closely with (like Qualified Trust Service Providers, other Service Providers integrated into our Services, business partners, subcontractors, payment service providers, credit rating agencies). We will treat this information as Personal Data in accordance with this Privacy Policy. We are acting as a Data Controller for this information.


All this information is stored and processed within the European Union/European Economic Area (EU/EEA).


2. Disclosure of your information


We do not share any personal information with third parties unless one of the following circumstances applies:


2.1 With your consent. We will only share your personal information when we have your consent.

2.2 For external processing. We may provide the Personal Data to our trusted business partners to process it for us, based on our instructions and in compliance with this Privacy Policy.

2.3 Lawful requests. We may disclose the Personal Data when we have a good belief that access, use, preservation or disclosure of such information is necessary to:

2.3.1 satisfy any applicable law, regulation, legal process or enforceable governmental request;

2.3.2 enforce our Terms of Service, including investigations of potential violations;

2.3.3 protect against imminent harm to our rights, property or safety, or that of our users or public as required or permitted by law.

2.4 Business transfers. We may share and/or transfer your Personal Data if we become involved in any merger, acquisition, reorganisation, sale of assets, bankruptcy.

3. Information Security

All our Services have been designed from the ground up to be secure.


4. Retention Policy


Once you delete your User Account from the Services, the content (Customer Data) is deleted within 30 days of the date of closure. Your account information and billing information is retained for a period of 7 years in accordance with the Icelandic accounting and taxation laws.

5. Data Processor

You’re acting as a Data Controller for your uploaded data (Customer Data) that contains Personal Data. We are not responsible for any Personal Data stored at the discretion of our Customers, including but not limited to Invitations or Documents.

We are neither responsible for the manner in which our Customers collect, handle, disclose, distribute nor otherwise processes such data.

The terms for such data processing are defined in the Data Processing Agreement.

6. Your rights

Under the GDPR regulation, data subjects have the following rights:


6.1 the right to access personal data held about them;

6.2 the right to object to processing (for example, direct marketing);

6.3 the right to data portability;

6.4 the right to complain about processing carried out by the data controller;

6.5 the right to object to automated decision making;

6.6 the right for the personal data being updated;

6.7 the right to be forgotten.

You may exercise any of your rights in relation to your personal data by contacting our Data Protection Officer by email at

7. Changes and Updates


We may revise this Privacy Policy from time to time and will post the most current version on our website. If a revision meaningfully reduces your rights, we will notify you. We will not reduce your rights under this Privacy Policy without your explicit consent.


8. Contact us

If you have any questions, concerns or complaints about this Privacy Policy, you may contact our Data Protection Officer by email at