1. Introduction
Sýningaljós slf. is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and applicable Icelandic data protection laws.
By using the website syningaljos.is, you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
We collect personal information that you voluntarily provide when you:

• fill out forms on our website,

• contact us by email or other means,

• request or purchase our services.

This may include:

• name,

• email address,

• phone number,

• communication content and inquiries,

• payment details (such as credit card information, processed securely via third-party payment providers).

We also automatically collect certain technical information, including:

• IP address,

• browser and device type,

• connection information,

• usage data such as pages visited, time spent on pages, and interactions with the website.

3. Purpose of Processing
Personal data is processed for the following purposes:

• to provide and manage our services,

• to respond to inquiries and communicate with customers,

• to process orders and payments,

• to improve website functionality, security, and user experience,

• to comply with legal obligations.

4. Legal Basis for Processing
We process personal data based on one or more of the following legal grounds:

• your consent,

• performance of a contract,

• compliance with a legal obligation,

• our legitimate interests, provided such interests do not override your fundamental rights and freedoms.

5. Data Storage and Security
Personal data is stored on secure servers operated by Wix.com Ltd., which complies with GDPR requirements and implements appropriate technical and organizational security measures.
We take reasonable steps to protect personal data against unauthorized access, alteration, disclosure, or destruction.
6. Data Sharing with Third Parties
We do not share personal data with third parties except where:

• necessary to provide our services (e.g. payment processors),

• required by law or legal authorities,

• you have given explicit consent.

Any third parties processing personal data on our behalf do so in accordance with GDPR and under strict confidentiality obligations.
7. Your Rights Under GDPR
You have the right to:

• access your personal data,

• request correction of inaccurate or incomplete data,

• request erasure of your personal data (“right to be forgotten”),

• restrict processing of your personal data,

• object to processing based on legitimate interests,

• receive your data in a structured, commonly used, and machine-readable format (data portability),

• withdraw consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.

8. Cookies
This website uses cookies to enhance functionality and analyze usage. You can control or disable cookies through your browser settings. For more information, please refer to our Cookie Policy (if applicable).
9. Contact Information
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:
Sýningaljós slf.
Email: info@syningaljos.is
Address: Klettagata 12, 220 Hafnafjörður
10. Changes to This Privacy Policy
Sýningaljós slf. reserves the right to update this Privacy Policy at any time. Any changes will become effective upon publication on the website.