<img alt="" src="https://secure.want7feed.com/193339.png" style="display:none;">
Skip to content

Privacy Policy

Last updated: 14 March 2025

At WiseFish ehf., reg. no. 461221-0330, Katrinartun 4, 105 Reykjavik (the “Company”), we value our clients, customers, visitors and registered users (the “Customer”) privacy and understand the Customer’s concerns regarding the use of their personal and company information collected them through the Company’s website https://www.wisefish.com its subdomains (the “Website”), the Company’s software and other communication channels. This Privacy Policy outlines how the Company collects, utilizes, and shares personal information from the Customer. 

This Privacy Policy only applies when the Company processes personal data as the controller as defined by Act no. 90/2018 on the Data Protection and the Processing of Personal Data (“Data Protection Act”). 

If the Customer is unsure of how this Privacy Policy applies, please contact the Company using the contact information set out below. 

Information the Company collects

For the purposes of this Privacy Policy, personal data means any information relating to an identified or identifiable individual, i.e. information that can be traced directly or indirectly to a specific individual. Personal data does not include anonymous data or non-personal data (i.e., information that cannot be associated with or tracked back to a specific individual). 

To ensure effective operation and deliver optimal experiences with the Company’s software and services, the Company may gather data. This collection of information about the Customer by the Company can occur through the following means: 

  • Information the Customer gives the Company: The Company collects the Customer’s name, company name, job title, postal address, email address, and phone number. Username, password, personal and company demographic information (such as the Customer’s company software application, version, user usage and occupation), and any other information the Customer provides to the Company may be provided on a project basis to individuals within the Company. 
  • Information automatically collected: When the Customer visits the Website or uses the Company’s software, the Company automatically records details about the Customer and its device. For instance, this includes the Customer’s computer operating system type, telemetry information, browser type, browser language, the website the Customer visited prior to accessing the Website, the pages the Customer viewed, duration spent on each page, access times, Internet Protocol (IP) address, and the Customer’s interactions and activities on the Website. 
  • Information the Company gets from others: The Company may acquire information about the Customer from alternative sources, which may then be incorporated with the data obtained from the Website for example. 
  • The Company may log information using “cookies”: Cookies are small data files stored on the Customer’s hard drive by a website. Cookies help the Company to make the Website and the Customer’s visit better. The Company uses cookies to see which parts of the Website people use and like and to count visits to the Website. 

    For further information on how the Company uses cookies, please visit the Company’s Cookie Policy on the Company’s website (the “Legal Center”).
  • Web Beacons: The Company may utilize digital images known as Web beacons on the Website or within the Company’s emails to log information. These Web beacons are employed to control cookies, track visits, and assess the effectiveness of marketing efforts. Additionally, the Company may use Web beacons to determine if the Customer has opened or engaged with the Company’s emails. 

Use of personal information
The Company utilizes the Customer’s personal information in the following ways: 

  • Operating, maintaining, and enhancing the Company’s software, services and Website.
  • Engaging with the Customer, addressing comments and inquiries, and delivering customer service.
  • Sending various information such as confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages. 
  • Sharing promotions, upcoming events, and other relevant news about the Company’s software and services, along with those of the Company’s selected partners.
  • Linking or combining the Customer’s information with other personal data. Employing the Customer’s personal information to safeguard against fraudulent, unauthorized, or illegal activities through protection, investigation, and deterrence measures.
  • Fulfilling and delivering software and services as requested by the Customer. 
The data is processed primarily in order to be able provide requested service to the Customer and to perform any other duties resulting from the Company’s service and software, but the processing also occurs on the basis of the Company’s legitimate interests of ensuring that the Customer receives good service and software. Also, data may be processed on the basis of a legal obligation. 

Sharing of personal information

The Company may disclose personal information in the following circumstances: 

  • With the Customer’s explicit consent, the Company may share personal information, allowing for its use by third parties for their marketing endeavors. Such usage will be subject to the privacy policies of those third parties.
  • In the event of a business transaction, negotiation, or any dealings involving the sale or transfer of the Company’s business or assets, personal information may be shared. This includes mergers, financing, acquisitions, or bankruptcy proceedings.
  • Personal information may be shared for legal, protective, and safety purposes, including compliance with applicable laws in the jurisdictions where the Company operates. 
  • The Company may disclose information in response to lawful requests and legal processes, as well as to protect its rights, property, and those of its agents, customers, partners and others. This encompasses the enforcement of agreements, policies, and terms of use.
  • In emergency situations aimed at safeguarding the well-being of the Company’s employees and agents, customers, or any individual, information may be shared.
  • Information may be disclosed to individuals engaged in work on behalf of the Company, including data processors.
  • Additionally, the Company may share aggregated and/or anonymized data with third parties for their independent use.
  • It's worth noting that certain data collected from the Website may not be covered by non-disclosure agreements if the Company and others have mutually executed such agreements. 

Retention of
personal data 

The Company stores personal data for as long as necessary based on the purpose of the processing, unless otherwise authorized or required by law. Personal data which may be collected through the Website is generally not stored for more than 13 months. Personal data collected through the Company’s software is retained for the duration of the Customer’s use of the software and the existence of the business relationship with the Customer. 

Security of the Customer’s personal information 

The Company is committed to ensuring that its servers, software and connections are equipped with the latest encryption and security measures. The Company has implemented physical, electronic, and managerial protocols to protect and secure the collected information. However, it's important to note that no data transmission can be guaranteed to be completely secure, and malicious actors may circumvent the Company’s security measures. Therefore, the Company cannot assure the absolute security of information transmitted to or from the Website or through the use of the Company’s services and software. The Customer provides such information at their own risk. Consequently, the Company disclaims any liability for the theft, loss, interception, unauthorized access, or damage to the Customer’s data or communications while utilizing the Website, the Company’s software and services. By visiting the Website and by using the Company’s software and services, the Customer acknowledges that they understand and accept these risks. 

The Customer’s rights

The Data Protection Act ensures individuals certain rights over their personal data. Thus, individuals can, e.g., request access to or the deletion of their personal data. 

It should be noted that the Customer’s rights under the Privacy Act are not implicit. Thus, laws may, for example, oblige the Company to reject a request for deletion or access to data. The Company may also reject the Customer’s request due to the Company’s rights, e.g., intellectual property rights, or the rights of other parties, or for the protection of privacy if the Company considers those rights to be of more importance. 

In the event of a situation where the Company is unable to comply with the Customer’s request, the Company will endeavor to explain why the request has been rejected, however, with regard to the restrictions based on legal obligations. 

Right of rectification 

It is important that the personal data processed by the Company is both accurate and relevant. Therefore, it is important that the Company is notified of any changes that may occur to the Customer’s personal data. The Customer has the right to have inaccurate personal data regarding the Customer corrected. Taking into account the purpose of the processing, the Customer also has the right to have incomplete personal data about the Customer completed, e.g., by providing additional information. 

Right of access 

The Customer has the right to request a confirmation from the Company on whether the Company processed the Customer’s personal data or not, and if so, request access to the personal data and how the processing is managed. The Customer may also be entitled to a copy of the information. 

Right to data portability 

In certain circumstances, the Customer may request the Company to send information the Customer has provided or provided to the Company directly to the Customer or a third party. However, this only applies when processing the relevant personal data is based on the Customer’s consent or an agreement with the Company. 

Right to erasure (“the right to be forgotten”) 

In certain circumstances, the Customer may request the immediate deletion of the Customer’s personal data, for example, when the storage of the data is no longer necessary considering the purpose of the processing or because the Customer has revoked its consent for the processing of personal data; and there is no other authorization that the processing is based on. 

Withdrawal of consent 

When the processing is carried out based on the Customer’s consent, the Customer has the right to withdraw its consent at any time. 

Right to request restriction of processing 

If the Customer does not want its personal data to be deleted, e.g., because the Customer needs it to defend against a legal claim, however, the Customer does not want its personal data to be further processed by the Company, the Customer can request that the processing is limited. 

The right to object to processing 

If the processing of the Customer’s personal data is based on the Company’s legitimate interests, the Customer has the right to object to that processing.

The right to lodge a complaint with the Data Protection Authority 

Privacy Policy
updates 

If the Customer is not satisfied with how the Company processes its personal data, the Customer can always send a complaint to the Data Protection Authority. 

Information regarding the Data Protection Authority is available at https://www.personuvernd.is/

The Company reserves the right to amend and modify the terms of this Privacy Policy at any given time. Any alterations will be communicated by indicating the date of the last revision on the Privacy Policy. The Customer’s continued use of the Website, the Company’s services or software, subsequent to the posting of such revised policy will signify the Customer’s acknowledgment and acceptance of any changes made. The Company recommends reviewing the Privacy Policy each time the Customer uses the Website, the Company’s software or service, to ensure the Customer fully understands how their information may be collected and utilized. 

Contact information

The Company appreciates the Customer’s comments or inquiries regarding this Privacy Policy. The Customer can reach out to the Company at the following address: 

WiseFish ehf. 
Attn.: Stefan Torfi Höskuldsson, Chief Technology Officer 
Email: stefan@wisefish.is 
Katrinartun 4 
105 Reykjavik 
Iceland