top of page

Privacy Policy

Tafraljós welcomes the new data protection legislation (GDPR) which came into effect on 25 May 2018 in Europe and 16 July 2018 in Iceland. Personal protection and related security is important for all of us and there was a need for sharper rules that dealt with the handling of personal information by companies and institutions, and the rules are therefore a welcome remedy.

The new privacy policy of Tafraljós is as follows:

General information about personal data

  • Táfrlóts emphasizes the security of its customers' personal information.

  • Tafraljós emphasizes that all personal information is treated in accordance with the laws and regulations on personal protection and processing of personal information (Personal Data Protection Act).

  • Táfrlóts emphasizes that the processing of personally identifiable information is limited to the extent that it is possible to provide the services requested by customers.

  • Tafraljós emphasizes the responsible processing of information about customers and that this processing is done in a responsible, safe and legal manner.

  • Tafraljós emphasizes that all information about customers provided or retrieved with their permission to third parties is only retrieved for the purpose of being able to provide the customer with the service they request.

  • Táfraljós emphasizes that Táfraljós' customers are the owners of their own personal information, have sole access to such information, together with Táfraljós' staff and necessary third parties.

What personal information do we collect and why?

This section describes why we collect personal information, what information is processed and why it is done.

1. TO WORK WITH AND TRACK ORDERS AND PURCHASES

Personal data is processed in order to:

  • deliver the ordered/purchased product or service (including notifications about the status of the order and to contact you for questions/information about delivery).

  • can verify age and other necessary information.

  • can verify address information by linking to external records, for example the National Register or the telephone directory.

  • help with product returns, complaints and warranty issues.

Types of information processed:

  • Name

  • Contact information (such as address, email address, telephone number)

  • Payment information (such as details of transactions, date of transactions).

  • social Security number

  • Customer number

  • Payment history

  • Order history, such as which product was purchased and where it was sent

2. TO MANAGE YOUR ACCESS TO OUR WEB MEDIA

Personal data is processed in order to:

  • authorize login.

  • can verify age and other necessary information.

  • keep information correct and up to date

  • enable us to monitor the product purchase summary

  • manage settings and information related to payment history and payment methods

  • allow you to save shopping lists/wish lists, make shopping list suggestions or other ways to simplify things for you. Analyzes are made to make this clear to us.

Types of information processed:

  • Name

  • Contact information (such as address, email address, telephone number)

  • Username and password

  • Product purchase information

  • Information about your computer, phone or other devices you use and their settings.

  • Payment history

  • social Security number

  • Customer number

  • Addresses from a third party, such as the National Register or from the telephone directory

3. TO MARKET PRODUCTS AND SERVICES

Personal data is processed in order to:

  • Recommend relevant products, suggest shopping lists, remind forgotten/stored baskets or save wishlists/shopping lists to simplify future purchases or similar

  • Send marketing messages via e-mail, telephone messages, social media and similar electronic communication media, in addition to traditional mail, including messages from affiliates to customers outside the loyalty network. For example, through marketing campaigns or by sending offers and invitations to events to: all customers, a specific segment of customers (eg women/men between 30 and 40 in the capital region), or to individual customers.

Types of information processed:

  • Name

  • social Security number

  • Contact information (such as address, email address, telephone number)

  • Age

  • Residence

  • Information about how the customer uses the company's websites and other electronic media.

  • Product purchase information.

  • User generated data (eg website clicks and web browsing).

To understand what type of marketing should be used, we analyze:

  • How websites and web media are used (eg which websites and sections of websites have been visited and what has been searched for).

  • Product purchase history

  • Age and residence

  • Survey results

4. TO BE ABLE TO PERFORM AND CONTROL PARTICIPATION IN COMPETITIONS AND EVENTS

Personal data is processed in order to:

  • Communicate with contest participants.

  • Communicate with participants before and after the event (eg confirmations, announcements, questions)

  • Can verify age and other necessary information.

  • Choose winners and deliver prizes.

Types of information processed:

  • Name

  • Social security number or age

  • Contact information (such as address, email address, phone number)

  • Information provided to participate in a contest/game.

  • Information provided in connection with an event.

5. TO EXCLUDE THE BOOKING OF SERVICES (TD PERSONAL CONSULTATION OR SIMILAR)

Personal data is processed in order to:

  • Manage bookings, changes to bookings and cancellations.

  • Can be contacted for bookings and to remind about services.

Types of information processed:

  • Name

  • Contact information (e.g. email address, telephone number)

  • Information you choose and provide that helps the service provider prepare the service.

6. TO KEEP OUT COMMENTS/COMPLAINTS ABOUT THE SERVICE

Personal data is processed in order to:

  • Communicate with customers via telephone or electronic media (including social media)

  • Enable us to identify customers.

  • Enable us to investigate complaints and be able to rely on data (including with the help of technology).

Types of information processed:

  • Name

  • Contact information (such as address, email address, telephone number)

  • Letters, emails, telephone messages or other information provided in response to a comment/complaint.

  • Information about date of purchase, location of product purchase or product defects/complaints.

  • User information from online access, for example when a customer has problems logging in.

  • Technical information from your devices.

  • social Security number

7. TO FULFILL LEGAL OBLIGATIONS

Personal data is processed in order to:

  • Fulfill legal obligations, as required by law from time to time, according to court order or something similar. Such obligations may, for example, concern product safety obligations, and therefore we may have to provide communications or information to the public and/or customers, regarding product suggestions or product recalls, for example due to defects or effects on health.

Types of information processed:

  • Name

  • Contact information (such as address, email address, telephone number)

  • Letters, emails, phone messages or other information provided by the customer

  • Information about date of purchase, location of product purchase or product defects/complaints.

  • User information from online access

  • social Security number

  • Payment information

8. TO EVALUATE, DEVELOP AND IMPROVE OUR SERVICES, PRODUCTS AND SYSTEMS FOR CUSTOMERS GENERALLY

Personal data is processed in order to:

  • Make the service more user-friendly, for example by changing the interface to simplify the flow of information or to make widely used features of electronic media more prominent.

  • Record information to improve product flow processes, for example by predicting sales, stock levels and shipments.

  • Register information to improve product offerings.

  • Record information in order to increase efficiency with environmental and social responsibility in mind, for example by streamlining purchases and deliveries.

  • File information to prepare for new store openings and inventory

  • Give you the opportunity to influence the product range we offer.

  • Register information to improve computer and technical equipment to increase the security of customers and those who visit our web media.

Types of information processed:

  • User generated data (eg website clicks and web browsing).

  • Age

  • Residence

  • Letters, emails, phone messages or other information provided by the customer

  • Technical information related to the devices used and settings, such as language settings, IP addresses, browser settings, time zone, operating system, display settings, etc.

  • Information about your use, for example, how services were used, how login was done, where and for how long various pages were visited, response time, download errors, how to connect to services and when services were left, etc.

In order to do this, we perform analyzes on aggregate data (not on individuals), regarding:

  • How our websites and other electronic media are used (eg which pages or sections of the page have been visited and what has been searched for).

  • Product purchase history

  • Age

  • Geographical and/or demographic information

  • Information from customers, provided, among other things, through surveys

  • Data from customer devices and technical settings.

9. TO PREVENT MISUSE OF THE SERVICE OR TO INVESTIGATE AND PREVENT CRIMES AGAINST THE COMPANY

Personal data is processed in order to:

  • Investigate or prevent fraud or other abuse, eg recording cases in stores.

  • Prevent spam, harassment, unauthorized logins or other unauthorized activities.

  • Protect and improve computing and technology environments against attacks

Types of information processed:

  • Product purchase and usage information (eg website clicks and web browsing).

  • social Security number

  • Video recordings from security cameras.

  • Technical information related to the devices used and settings, such as language settings, IP addresses, browser settings, time zone, operating system, display settings, etc.

  • Information about how our electronic services are used.

10. TO REWARD FRIENDS AND GIVE THEM SPECIAL OPTIONS

Personal data is processed in order to:

  • Reward customers, for example with discounts, offers, invitations to events, gifts, or through other direct marketing.

  • Perform analyzes of data collected by the company for the same purpose, for example, how the member uses websites and other electronic media (such as which websites and parts of websites the member visited and what they searched for), product purchase history, age, residence, preferences (for example, product availability) and other settings on the company's electronic services, as well as survey results.

The analytics may be used to segment members into customer groups in order to provide specific benefits and discounts to certain groups, based on product purchase history, interest, age, residence and market research. The analysis is done down to individuals in order to be able to provide personalized offers, terms and communications.

Types of information processed:

  • Name

  • social Security number

  • Username

  • Customer number

  • Contact information (such as address, email address, telephone number)

  • Residence

  • Product purchase history

  • User generated data (eg website clicks and web browsing).

  • Customer choice of products and services

  • Technical information about your computer, phone and other devices you use and their settings, for example language settings.

  • Device location information.

11. TO PROVIDE A CUSTOMIZED SERVICE

Personal data is processed in order to:

  • Offer content that's right for each person, for example by recommending relevant products, providing shopping list suggestions, or using other similar ways to simplify things for customers.

  • Simplify the use of services, for example by storing shopping lists/wish lists or payment methods to help with product purchases later or reminding of forgotten/stored product baskets.

  • Perform analysis of the information we collect so that members can be divided into different customer groups, in order to be able to offer different offers, terms and discounts to different groups based on product purchase history, preferences, age, residence and market research. The analysis is done down to individuals in order to be able to provide personalized offers, terms and communications.

Types of information processed:

  • Name

  • social Security number

  • Age

  • Residence

  • Product purchase history

  • User generated data (eg website clicks and web browsing).

  • Customer choice of products and services

  • Technical information about your computer, phone and other devices you use and their settings, for example language settings.

In order to fulfill its obligations, the company performs analyzes er várða e.g.

  • How websites and web media are used (eg which websites and sections of websites have been visited and what has been searched for).

  • Product purchase history

  • Age

  • Residence

  • Preferences (eg regarding products and services, interest and behavior)

  • Language settings and other settings in electronic services.

  • Survey results.

 

Information to third parties

Personally identifiable data may be transferred to Täfraljóri's partners so that they can be processed.

For example, when it comes to marketing (printing, distribution, etc.), distribution, transport, payment methods and technical services. When personally identifiable data is shared with partners, the data should only be handled in accordance with the purpose of Táfraljóti when collecting the data.

In addition, Töfraljós may need to provide personally identifiable information to authorities (eg police and tax authorities). Táfrlóts may also need to provide banks, card and payment channel companies and transport companies with access to personally identifiable data. In such cases, our partners must process the data in accordance with the laws and regulations on the processing of personal data.

Cookies

There are two types of cookies. One stores a text file for a certain period of time, until it expires. Its purpose is, for example, to tell you what has happened since you last visited. The other type is the so-called session cookie, which does not have a date. The text file is saved temporarily, while you are on a website and could for example help to remember the language you are using. As soon as the browser is closed, the text file is deleted.

At tofraljos.is, kerti.is and ilmkerti.is we use cookies to keep track of what you have put in the shopping cart. We also use cookies to keep track of statistics, to help develop the pages. This information is collected in collaboration with third parties.

The web system on which Táfraljóri's websites are based and extensions to it may also use cookies to improve the customer experience.

In order to use our websites, you must accept cookies. You can do that in the settings of the browser you use. If you do not, the websites may not function properly.

Accounting data

Täfraljóri's accounting data is stored in accordance with the security requirements of the Personal Protection Act and the Act on the Entry and Preservation of Accounting. The storage and saving of such information is based on the relevant laws.

Limitation of liability

To the extent permitted by applicable law, Táfraljósa bears no liability for damages for incidents that may arise due to the way the service is used or provided, unless such incidents can be attributed to gross/reprehensible negligence or intentional misconduct on the part of Táfraljósa.

Táfrljósa is not responsible for delays in the service or for the service not working properly due to uncontrollable events.

Law and Jurisdiction

This privacy policy is governed by Icelandic law. Disputes that may arise in connection with the privacy policy must be resolved before the District Court of Suðurland if it cannot be resolved in another way.

Your consent

By using our site, you agree to our privacy policy and any changes to it.

If our privacy policy changes, the date below will change.

This privacy policy was last modified on November 30, 2020.

Contact us if you have any questions about this Privacy Policy using the information below.

Magic light/ Þorsteinn Gunnarsson Id. 030358 2879 Fossheiði 5 800 Selfoss

Magic light phone: (+354) 8936804 

bottom of page