Privacy policy
We respect you and your personal information. We want you to be informed in a simple way about how and why we collect, use and preserve personal information about you and what rights you have towards us.
In our privacy statement we answer the following questions:
-
When and why do we collect information about you?
-
What personal information do we collect about you?
-
How do we use your personal information?
-
Who do we share your personal information with?
-
How do we ensure the security of your personal information?
-
How long do we keep the information?
-
Your rights against us?
-
Will this privacy policy change?
1. When and why do we collect information about you?
We collect and store a variety of personal information about our customers. Different personal information may be collected about you depending on whether you are doing business with the company yourself or whether you are acting on behalf of a legal entity in business with the company, for example a supplier. We collect this information so that we can provide the services that have been requested.
When you do business with us, we collect and maintain information related to your business history with us. We collect this information to provide you with an overview of your business with us and so that we can offer you a more personalized service.
When you want to be in contact with us and receive information (such as newsletters, targeted mail and offer brochures) from us at regular intervals, you are asked to provide us with the necessary information. This depends on your choice.
Sometimes you will be asked to provide us, on an optional basis, with additional information about yourself. This is information that we request because we believe it can help us provide you with a better service. You are never required to provide such information unless you choose to do so.
When you use our web interface, we also collect personal information with cookies, IP addresses and other information related to the device you use (such as hardware type, operating system version, etc.). You can choose whether you prefer to give us this information.
2. What personal information do we collect about you?
Personal information we collect about you depends on which service you have requested or for what purpose you have approached us, information we collect includes:
-
Your name, social security number, address, phone number and email address.
-
Your business history with us, including which products and services you have purchased from us.
-
Communications you choose to have with us, such as emails, messages sent through a web interface, recorded calls, letters or other communications.
-
Payment information/invoice transaction information – such as dates of transactions or payments received.
-
Information about your use of our websites, including my pages. This information includes when you visit the site, how long you use it, your intended location when you use the site, and information about the device you use to access the site.
Mailing lists: If a customer registers on Desma's mailing list, the company will work with information about the customer's email address and, as the case may be, other information that the customer provides to the company, such as name, address and gender. This processing is based on the customer's consent, but they may withdraw their consent at any time and unsubscribe from the company's mailing list.
Customers: Desma may ask its customers for their social security number, email address, telephone number, address and other information in order to save it in their customer system. The purpose of the processing is to be able to fulfill an agreement that the customer makes with the company, such as being able to deliver purchased products, contact customers about products that are being repaired and that customers can look up their purchases through "my pages". In this way, Desma can keep track of the warranty certificates of sold products in its computer systems, and employees can, at the request of customers, look up purchased products to answer questions and serve customers better.
If you act on behalf of a partner of Desma, such as a supplier, contractor or customer who is a legal entity, Desma may process your contact information, such as name, telephone number and email address. Desma may also work with communication history and, depending on the circumstances, account information. This processing is necessary for the company to be able to fulfill its obligations based on the contract with the relevant partner. The company may also be obliged to work with information based on legal obligations, such as accounting laws.
Marketing: Desma may use the personal information that customers have provided to the company in order to send them offers and advertisements based on this information. Such processing is based on the informed consent of the customer.
Complaints and suggestions: If you send us a suggestion or complaint, Desma will generally process your contact information, such as name and email address, and the content of the complaint or suggestion that you have chosen to make.
Grant applications: In connection with grant applications, Desma processes contact information, such as name, social security number, email address and phone number, as well as other information sent to the company in such an application. This processing is carried out on the basis of your request to enter into a grant agreement with the company.
As a general rule, Desma collects personal information directly from the customer or the customer's representative. However, information may also come from third parties. If personal information is obtained from a third party, the company will endeavor to inform its customers about this.
Information covered by the Accounting Act is retained for 7 years from the end of the relevant financial year. It may be necessary to keep certain information longer, for example if there is a possibility that Desma will need to establish, maintain or defend legal claims. In those cases, the retention period will be based on the rules on the limitation period for claims.
3. How do we use your personal information?
We may use your personal information to:
-
Provide you with the services or products you have requested.
-
Process the requests you have made to us.
-
Offer you specific services on specific terms.
-
Inform you about new products and services.
-
Send you invoices for doing business with us or charge you for service and/or product purchases.
-
Assess your creditworthiness.
-
Understand how you use our services and products, so we can better develop our service and product range.
-
Respond to questions you direct to us.
4. Who do we share your personal information with?
We may share information about you with the following parties:
-
Authorities, such as the government, courts and law enforcement authorities
-
Credit rating companies and financial institutions
-
Our subsidiaries
-
Collection companies
-
Service companies acting on our behalf.
-
Our experts, such as lawyers, accountants and external consultants.
We share information only with third parties according to a processing agreement that stipulates the handling and security of personal information, unless a legal obligation stipulates otherwise. In the event of suspected fraudulent or illegal conduct, we will share with appropriate parties any personal information that may be relevant in order to protect our interests, your interests and/or the interests of our customers.
In the event that we merge with another company and/or are taken over by other owners, the information may be transferred to a new company.
5. How do we ensure the security of your personal information?
Personal information is stored in authorized access-controlled computer systems where care is taken that only those who need to have access to data have. Desma ensures that all general defenses of computer systems are in place, updated and monitored regularly.
All computer equipment related to the storage of personal information is from authorized suppliers, it is monitored and updated regularly.
Services are purchased from an approved security company that conducts regular external vulnerability scanning of all external services in operation at Desma.
6. How long do we keep the information?
We will retain your transaction history for up to 4 years unless the law requires or permits a longer retention period. If the information is no longer needed or the law requires its deletion, the information will be made non-personally identifiable and/or deleted.
7. Your rights towards us?
You have the right to receive information from us about how your personal information is used by us and what information we have about you. You also have the right to update your information so that it is correct, to request corrections or to have your information deleted, as long as there is no longer a reason for us to keep it. In the same way, you can request to receive information about yourself.
If you have questions or comments in relation to this privacy statement or our processing, or if you want to complain about a possible violation of privacy laws, please contact us by sending us an email to desma@desma.is. We will make every effort to respond as soon as possible.
You also always have the right to direct your complaint to Personal Protection in accordance with the current law on personal protection and processing of personal data, now law no. 90/2018. The Personal Protection website can be found at www.personuvernd.is . Personal information generated during electronic monitoring is kept for as long as necessary, but never longer than 30 days unless the laws or regulations of the Personal Protection Agency on electronic monitoring of the home in each case.
8. Will this privacy policy change?
This privacy policy may change over time, for example due to changes in laws and regulations or official requirements towards us and the handling of personal information. We therefore encourage you to regularly follow updates, which we publish on our website.
This privacy policy was established on 15.11.2023