RST Nets Privacy Policy

1. General

RST Net ehf. places great emphasis on the security, transparency and confidentiality of personal information. This
Privacy Policy explains how we collect, use, store and protect
personal information in connection with our operations, in accordance with applicable
personal information laws and regulations (GDPR and Icelandic law).

2. Responsible party

RST Net ehf. (ID 530198-2359)
Email: rst@rst.is
Phone: 557-1050

3. What data do we collect and how?

We process personal information that we receive in connection with:

Customer relations (name, email address, phone number)
Information necessary to provide services (e.g. company name, payment and billing information)
Communication history (emails, inquiries, service requests)
Web usage data (cookies, analytics tools if we use them)
Other information that individuals provide themselves for e.g. marketing, service offers or contracts.

4. Purpose of processing

Personal data is processed to:

Provide, operate and improve our services
Manage business relationships and communications
Comply with legal obligations (e.g. accounting, taxes, regulations)
Ensure the security of our operations and systems
Marketing and communications if we obtain consent
Respond to individual requests, complaints, and promote transparency

5. Legal basis

The processing of personal data is based on one or more of the following:

A contract with the relevant party or steps taken to enter into a contract
A legal obligation to which RST Net is subject, e.g. an accounting obligation
The legitimate interests of RST Net to improve services and ensure operations
Consent of individuals (where appropriate, e.g. marketing)

6. Data security and information integrity

The processing of personal data is based on one or more of the following:

A contract with the relevant party or steps taken to enter into a contract
A legal obligation to which RST Net is subject, e.g. an accounting obligation
The legitimate interests of RST Net to improve services and ensure operations
Consent of individuals (where appropriate, e.g. marketing

7. Communication and sharing of data

We do not share personal information except:

with approved parties (e.g. service providers, accounting) who work under a contract to comply with privacy and security rules
if required by law or necessary to protect our rights or those of others

8. Data retention

Data is only stored for as long as is necessary for the purpose of the processing and in accordance with the law. After the purpose has been achieved or if the law requires the data to be deleted or preserved, this will be done.

9. Rights of individuals

Individuals have the right to:

Access to their personal data
Rectification if data is incorrect or incomplete
Erase data when there is no legitimate reason to retain it
Restriction of processing under certain circumstances
To object to processing where the processing is based on legitimate interests
To have data sent or transferred (data portability) where applicable. To exercise these rights, you can contact RST Net (see section 2).

10. Data security

RST Net applies appropriate technical and organizational security measures to ensure the protection of personal data.

11. Policy changes

RST Net reserves the right to change this policy as laws, regulations, or operating conditions change. We will announce changes on the company website and, if applicable, in other appropriate ways.

12. Complaints and access channels

If you believe that the processing of your personal data violates the law or this policy, you can:

Contact RST Net (email address and phone number of the responsible person)
Apply to the Icelandic Data Protection Authority (www.personuvernd.is) with a complaint and ask for assistance