SNÆDAL Privacy and Personal Data
1. Introduction
SNÆDAL ("we", "us", "our") is committed to protecting your personal data and respecting your privacy. This Privacy Policy explains what information we collect when you visit snaedal.com, how we use it, and what rights you have in relation to it.
We operate in accordance with the General Data Protection Regulation (GDPR) and applicable data protection legislation.
2. Who we are
Company name: Snædal
Registration number: 610322-0930
VAT number: 144461
Address: Eyjabakki 14
Phone: +354 664 8482
Email: snaedal@snaedal.is
Website: https://snaedal.com
Registration number: 610322-0930
VAT number: 144461
Address: Eyjabakki 14
Phone: +354 664 8482
Email: snaedal@snaedal.is
Website: https://snaedal.com
3. What data we collect and why
We collect only the minimum data necessary to operate our website. We do not sell, rent or share your personal data with third parties for commercial purposes.
- Contact forms:
When you submit a contact form on our website, we collect the information you provide — typically your name, email address and message. This data is used solely to respond to your enquiry. We retain this information only for as long as necessary to handle your request. - Google reCAPTCHA:
Our contact forms are protected by Google reCAPTCHA to prevent spam and abuse. reCAPTCHA collects hardware and software information, such as device and application data, and sends it to Google for analysis. This processing is carried out on the basis of our legitimate interest in keeping our website secure and spam-free.
Google's use of data collected via reCAPTCHA is governed by Google's own Privacy Policy, available at: https://policies.google.com/privacy. - Cookies:
We use a strictly limited number of cookies on this website. We do not use cookies for advertising, tracking or analytics purposes.
The cookies we use are:
| Cookie | Purpose | Type | Duration |
|---|---|---|---|
| Session Cookie | Maintains your login session when accessing secure areas of our website | Necessary | Session (deleted when browser is closed) |
| reCAPTCHA cookie | Set by Google reCAPTCHA for spam protection on our contact forms | Necessary | Up to 6 months |
Because we only use strictly necessary cookies, we are not required to obtain your consent for their use. However, you may disable cookies in your browser settings at any time. Please note that disabling cookies may affect the functionality of certain parts of our website.
4. Legal basis for processing
We process your personal data on the following legal bases under GDPR Article 6:
- Legitimate interest (Article 6(1)(f)) — for the use of reCAPTCHA to protect our website from spam and abuse.
- Contract (Article 6(1)(b)) — when processing enquiries submitted through our contact forms with a view to entering into or fulfilling a service agreement.
- Consent (Article 6(1)(a)) — where you have actively provided us with your information by submitting a form.
5. Data sharing and third parties
We do not sell or share your personal data with third parties, except as necessary to operate our website. The only third party involved in data processing on this website is:
- Google LLC — via the reCAPTCHA service. Google may process data outside the European Economic Area (EEA). Such transfers are covered by Google's Standard Contractual Clauses in accordance with GDPR requirements.
6. Data retention
We retain personal data only for as long as necessary for the purposes described in this policy:
- Contact form submissions — retained for up to 12 months, after which they are securely deleted.
- reCAPTCHA data — governed by Google's own retention policy.
7. Your rights
Under GDPR, you have the following rights regarding your personal data:
- Right of access — you may request a copy of the personal data we hold about you.
- Right to rectification — you may request that we correct inaccurate or incomplete data.
- Right to erasure — you may request that we delete your personal data, subject to legal obligations.
- Right to restriction — you may request that we restrict the processing of your data in certain circumstances.
- Right to object — you may object to processing based on legitimate interests.
- Right to data portability — you may request your data in a structured, machine-readable format.
8. Security
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or misuse. All data transmitted via our contact forms is encrypted using SSL/TLS.
9. Changes to this policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically.
10. Complaints
If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with your local data protection authority. In Iceland, this is:
Persónuvernd (The Data Protection Authority of Iceland)
Website: https://www.personuvernd.is
Email: postur@personuvernd.is
Persónuvernd (The Data Protection Authority of Iceland)
Website: https://www.personuvernd.is
Email: postur@personuvernd.is
This Privacy Policy was last reviewed in March 2026.